Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
152 vulnerabilities by conectiva
VAR-200107-0035
Vulnerability from variot - Updated: 2024-07-23 22:24slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. Multiple versions of OpenLDAP contain vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to follow the advice provided below. Vulnerabilities exist in slapd in OpenLDAP 1.x versions prior to 1.2.12 and 2.x versions prior to 2.0.8
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200107-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openldap",
"scope": "eq",
"trust": 1.6,
"vendor": "openldap",
"version": "1.0.2"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.1.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.9"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "2.0.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.3"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "2.0.5"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "2.0.4"
},
{
"model": "mandrake single network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "2.0.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "2.0.7"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.1.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.12"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "2.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "2.0.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.11"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.1.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.5"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "1.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.7"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.6"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.2"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.0.1"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.10"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.1.4"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.0.3"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "2.0"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "1.2.8"
},
{
"model": "openldap",
"scope": "eq",
"trust": 1.0,
"vendor": "openldap",
"version": "2.0.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openldap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#935800"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-100"
},
{
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:1.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openldap:openldap:2.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"cve": "CVE-2001-0977",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-3783",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2001-0977",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#935800",
"trust": 0.8,
"value": "1.77"
},
{
"author": "CNNVD",
"id": "CNNVD-200107-100",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-3783",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#935800"
},
{
"db": "VULHUB",
"id": "VHN-3783"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-100"
},
{
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. Multiple versions of OpenLDAP contain vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to follow the advice provided below. Vulnerabilities exist in slapd in OpenLDAP 1.x versions prior to 1.2.12 and 2.x versions prior to 2.0.8",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0977"
},
{
"db": "CERT/CC",
"id": "VU#935800"
},
{
"db": "VULHUB",
"id": "VHN-3783"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3049",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#935800",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "1905",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2001-0977",
"trust": 1.7
},
{
"db": "XF",
"id": "6904",
"trust": 1.4
},
{
"db": "CNNVD",
"id": "CNNVD-200107-100",
"trust": 0.7
},
{
"db": "CONECTIVA",
"id": "CLA-2001:417",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2001:098",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2001-18",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-068",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2001:069",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-3783",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#935800"
},
{
"db": "VULHUB",
"id": "VHN-3783"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-100"
},
{
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"id": "VAR-200107-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3783"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:24:58.858000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/3049"
},
{
"trust": 1.7,
"url": "http://www.cert.org/advisories/ca-2001-18.html"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/935800"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2001/dsa-068"
},
{
"trust": 1.7,
"url": "http://www.linux-mandrake.com/en/security/2001/mdksa-2001-069.php3"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/1905"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2001-098.html"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/static/6904.php"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904"
},
{
"trust": 0.8,
"url": "http://www.openldap.org/"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#935800"
},
{
"db": "VULHUB",
"id": "VHN-3783"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-100"
},
{
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#935800"
},
{
"db": "VULHUB",
"id": "VHN-3783"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-100"
},
{
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-07-17T00:00:00",
"db": "CERT/CC",
"id": "VU#935800"
},
{
"date": "2001-07-16T00:00:00",
"db": "VULHUB",
"id": "VHN-3783"
},
{
"date": "2001-07-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200107-100"
},
{
"date": "2001-07-16T04:00:00",
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-12T00:00:00",
"db": "CERT/CC",
"id": "VU#935800"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-3783"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200107-100"
},
{
"date": "2017-10-10T01:29:57.360000",
"db": "NVD",
"id": "CVE-2001-0977"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200107-100"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple versions of OpenLDAP are vulnerable to denial-of-service attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#935800"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200107-100"
}
],
"trust": 0.6
}
}
VAR-200505-0162
Vulnerability from variot - Updated: 2024-07-23 22:09Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The gzip program contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Included with many products telnet Clients env_opt_add() There is a vulnerability that causes a buffer overflow when certain input data including escape characters is processed due to improper bounds checking in the function.Configured by a third party telnet Guided or crafted the target user to log in to the server Web By displaying the page, arbitrary code may be executed with the user's authority. Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the 'env_opt_add()' function in the 'telnet.c' source file, which is apparently common source for all the affected vendors.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: gzip Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA21996
VERIFY ADVISORY: http://secunia.com/advisories/21996/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
SOFTWARE: gzip 1.x http://secunia.com/product/4220/
DESCRIPTION: Tavis Ormandy has reported some vulnerabilities in gzip, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1) A boundary error within the "make_table()" function in unlzh.c can be used to modify certain stack data. tricking a user or automated system into unpacking a specially crafted archive file. tricking a user or automated system into unpacking a specially crafted "pack" archive file.
3) A buffer overflow within the "make_table()" function of gzip's LZH support can be exploited to cause a DoS and potentially to compromise a vulnerable system by e.g. tricking a user or automated system into unpacking an archive containing a specially crafted decoding table.
4) A NULL pointer dereference within the "huft_build()" function and an infinite loop within the LZH handling can be exploited to cause a DoS by e.g. tricking a user or automated system into unpacking a specially crafted archive file.
The vulnerabilities have been reported in version 1.3.5. Other versions may also be affected.
SOLUTION: Do not unpack untrusted archive files.
PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy, Google Security Team
ORIGINAL ADVISORY: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
OTHER REFERENCES: US-CERT VU#554780: http://www.kb.cert.org/vuls/id/554780
US-CERT VU#381508: http://www.kb.cert.org/vuls/id/381508
US-CERT VU#773548: http://www.kb.cert.org/vuls/id/773548
US-CERT VU#933712: http://www.kb.cert.org/vuls/id/933712
US-CERT VU#596848 http://www.kb.cert.org/vuls/id/596848
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. BACKGROUND
The TELNET protocol allows virtual network terminals to be connected to over the internet. The initial description of the telnet protocol was given in RFC854 in May 1983. Since then there have been many extra features added including encryption.
II.
The vulnerability specifically exists in the env_opt_add() function of telnet.c. A buffer of a fixed size (256 bytes) is allocated to store the result of the processing this function performs on network input. If this buffer is not large enough to contain the string, the buffer is expanded by a further 256 bytes. This size is sufficient for most well formed input, as the buffer passed as input to the affected function is limited to the same size. However, due to the way the telnet protocol escapes certain characters, it is possible to increase the length of the output by including a large run of characters which need escaping. This can allow the 256 byte input buffer to expand to a maximum of 512 bytes in the allocated storage buffer. If, after expanding the buffer by 256 bytes, the buffer is still not large enough to contain the input, a heap based buffer overflow occurs, which is exploitable on at least some affected platforms.
III. It may be possible to automatically launch the telnet command from a webpage, for example:
On opening this page the telnet client may be launched and attempt to connect to the host 'malicious.server'. IV. DETECTION iDEFENSE has confirmed the existance of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability. V. WORKAROUND iDEFENSE is currently unaware of any effective workarounds for this vulnerability. VI. VENDOR RESPONSE The following vendors have provided official responses related to this vulnerability. Other vendors may be affected but have not provided an official response. Vulnerable: - ALT Linux All supported ALT Linux distributions include telnet client derived from OpenBSD 3.0. The env_opt_add() buffer overflow vulnerability is present in all our telnet clients. Updated packages with fixes for these issues will be released on March 28, 2005. http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html - Apple Computer, Inc. Component: Telnet Available for: Mac OS X 10.3.8, Mac OS X Server 10.3.8 This is fixed in Security Update 2005-003, which is available at http://docs.info.apple.com/article.html?artnum=61798 - FreeBSD FreeBSD-SA-05:01.telnet security advisory: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc - MIT (Kerberos) This vulnerability is covered in the following upcoming advisory: MITKRB5-SA-2005-001: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt patch against krb5-1.4: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt - Openwall Project The bugs are fixed starting with telnet package version 3.0-owl2. http://www.openwall.com/Owl/CHANGES-current.shtml - Red Hat, Inc. Red Hat Enterprise Linux ship with telnet and krb5 packages vulnerable to this issue. New telnet and krb5 packages are now available along with our advisory at the URLs below and by using the Red Hat Network 'up2date' tool. Red Hat Enterprise Linux - telnet http://rhn.redhat.com/errata/RHSA-2005-330.html Red Hat Enterprise Linux - krb5 http://rhn.redhat.com/errata/RHSA-2005-327.html - Sun Microsystems Inc. Sun confirms that the telnet(1) vulnerabilities do affect all currently supported versions of Solaris: Solaris 7, 8, 9 and 10 Sun has released a Sun Alert which describes a workaround until patches are available at: http://sunsolve.sun.com Sun Alert #57755 The Sun Alert will be updated with the patch information once it becomes available. Sun patches are available from: http://sunsolve.sun.com/securitypatch Not Vulnerable: - CyberSafe Limited The CyberSafe TrustBroker products, version 3.0 or later, are not vulnerable. - Hewlett-Packard Development Company, L.P. HP-UX and HP Tru64 UNIX are not vulnerable. - InterSoft International, Inc. InterSoft International, Inc. products NetTerm, SecureNetTerm and SNetTerm are not affected by the env_opt_add() buffer overflow conditions. VII. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2005-0468 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. VIII. DISCLOSURE TIMELINE 02/18/2005 Initial vendor notifications 03/28/2005 Coordinated public disclosure IX. CREDIT Ga\xebl Delalleau credited with this discovery. Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp Free tools, research and upcoming events http://labs.idefense.com X. LEGAL NOTICES Copyright \xa9 2005 iDEFENSE, Inc. Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. Workaround ========== There is no known workaround at this time. Resolution ========== All telnet-bsd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/telnet-bsd-1.0-r1" References ========== [ 1 ] CAN-2005-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 [ 2 ] IDEF0867 http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities [ 3 ] CAN-2005-0469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 [ 4 ] IDEF0866 http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200504-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.0 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : telnet client multiple issues Advisory number: SCOSA-2005.21 Issue date: 2005 April 08 Cross reference: sr893210 fz531446 erg712801 CAN-2005-0469 CAN-2005-0468 ______________________________________________________________________________ 1. UnixWare 7.1.4 4.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 4.2 Verification MD5 (erg712801.714.pkg.Z) = bf53673ea12a1c25e3606a5b879adbc4 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 4.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.714.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.714.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.714.pkg 5. UnixWare 7.1.3 5.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 5.2 Verification MD5 (erg712801.713.pkg.Z) = e876b261afbecb41c18c26d6ec11e71d md5 is available for download from ftp://ftp.sco.com/pub/security/tools 5.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.713.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.713.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.713.pkg 6. UnixWare 7.1.1 6.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 6.2 Verification MD5 (erg712801.711.pkg.Z) = f3099416a793c1f731bc7e377fe0e4a2 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 6.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.711.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.711.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.711.pkg 7. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities SCO security resources: http://www.sco.com/support/security/index.html SCO security advisories via email http://www.sco.com/support/forums/security.html This security fix closes SCO incidents sr893210 fz531446 erg712801. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. Additional user interaction may not be required if the attacker can get the user to view HTML containing an IFRAME tag containing a "telnet:" URL pointing to a malicious server. FIXES ===== * WORKAROUND: Disable handling of "telnet:" URLs in web browsers, email readers, etc., or remove execute permissions from the telnet client program. * The upcoming krb5-1.4.1 patch release will contain fixes for this problem. * Apply the patch found at: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt The associated detached PGP signature is at: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt.asc The patch was generated against the krb5-1.4 release. It may apply against earlier releases with some offset. DETAILS ======= The slc_add_reply() function in telnet.c performs inadequate length checking. The env_opt_add() function in telnet.c performs inadequate length checking. For the stable distribution (woody) these problems have been fixed in version 1.2.4-5woody8. For the unstable distribution (sid) these problems have been fixed in version 1.3.6-1. We recommend that you upgrade your krb5 package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc Size/MD5 checksum: 750 51c3ea6dcf74a9d82bef016509870c3d http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz Size/MD5 checksum: 83173 97d5ce1eeec763cc67d56b0758891a0f http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167 Architecture independent components: http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb Size/MD5 checksum: 512968 88dea0dcf727a6fe03457485e6c98ea4 Alpha architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 253798 4124ad89c3d6698ae5ce09cc0a810e77 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 217536 02bdd8e928ce65cfc415de890106cde7 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 63072 9aa2b092cc3d4729f6d309160b27117c http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 252162 0f2b0638347b34b07ab919c05b7a404a http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 76452 4eab68ade26bdd00dc733183f673cf7e http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 59106 4c00e1ad73ba0be9631ed3b20846cf31 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 207478 f94b1e493f4a35a9244ab0a71f714f61 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 83948 b4870cfb49811f9e9bfc182004d6e72a http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 633440 f794455df495082bd8c40b2f0a6e0f22 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb Size/MD5 checksum: 367446 248fced4d354d47649deaa0c5d349354 ARM architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb Size/MD5 checksum: 197342 11591d7d943ee2d38f0117b53ec59026 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb Size/MD5 checksum: 160678 f4118cf6266830f7db9553329dcc1532 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb Size/MD5 checksum: 48830 dc4986db69fc9fa3aacd9487a1a57004 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb Size/MD5 checksum: 198672 6e11c792134a4d9bd602a7461895c42c http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb Size/MD5 checksum: 63738 01cee2e685f3bc973f7cce7e5ec08f56 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb Size/MD5 checksum: 49406 03755be7fa950f05c099aff6dc847e7d http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb Size/MD5 checksum: 166018 b8000d9c82076d7134aacf28a3ae7a98 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb Size/MD5 checksum: 73626 3070b54d29b8174b78886e37bc25c112 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb Size/MD5 checksum: 493632 b74a2e03c250019f25ff58387792d666 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb Size/MD5 checksum: 295230 bd4ccc64814aeebd0071b68dc964080d Intel IA-32 architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb Size/MD5 checksum: 179362 e38dffa6b1e44da9c05ab5569283141b http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb Size/MD5 checksum: 152348 eb2d37aca6f5aeb2ecd3dc7a66b351fc http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb Size/MD5 checksum: 46370 dda52cc0f381955716025f4f3f210630 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb Size/MD5 checksum: 178578 3d9e28bc8bbd83161cd8c9781db99e76 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb Size/MD5 checksum: 61358 846936ed49d43dddf11c8239e7ecb74f http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb Size/MD5 checksum: 46652 4b12ff1ef17b81aadec2cf27c249b263 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb Size/MD5 checksum: 156624 2a626d8694742a825242085d83efb40f http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb Size/MD5 checksum: 72022 678e924f12886c54cb3ca9bdee6a8da4 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb Size/MD5 checksum: 433960 9a90e0a4c79b81f2d00945fb7bdf84da http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb Size/MD5 checksum: 293706 be17bc6de25438a34466e7a47c5e4a0f Intel IA-64 architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 322390 bd8deae9fe5e2fd0d0e304d93c676c95 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 266614 fa5fedbcc5ce19cf0fd6e0f019988aaa http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 73742 3b21c0fd054d80e979808c47bef49b15 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 322348 b893958f43de292d927b49cd9dda434b http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 92050 2c1a3cf4ae7311dc95a696bf919148e9 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 70700 38b66040685eb5421abcb92cdcb682df http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 256278 5440c691dcc69e168105b60a4433332d http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 107650 0b12f0212a2e8ee31654a605e7b74219 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 705942 9dc21d18876a435f5ecbae3c1fa90fac http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb Size/MD5 checksum: 475034 072e1682115dd9c556d2eca5c65780af HP Precision architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 214666 50a69b51ec610a919c00e13dad97c237 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 189950 ed974a7360091fe4ea8a5dee5f310a93 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 54064 87d03aa246e3a8bed874ea20aab5c90c http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 214092 fdb3544036609131e218f1293d59ab62 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 68802 6476e62e8872de28da85a6d7ff6a91a8 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 55892 ae903fa8671838a64061748b150503ae http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 183066 bde3354927006d85aed74b4ce67f379b http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 85122 160ea9c72f59ee814853092ba414f37e http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 558094 4b5f91e312a31a075cf0ee5f5abb28f4 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb Size/MD5 checksum: 362152 bf33b679c8e3023f1baa81dedc1c9e32 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 164376 695f5090f6f02ef5ffcdb94994923d1d http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 144904 f03b67ac31422c20cd2024a7f530f077 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 44522 7bb04f7623ecb06934e615790364744e http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 164106 460978cf8ba185277681491f91269bd3 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 57054 8bcee8e9061c204cc1d53f310603f647 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 44838 c57524e8c13e8f007451617b6c99374f http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 146184 ef14d19fd5d0d4bb4a4ee88287e556cd http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 70032 1bccace886d6c662ab3b10b0cfaa29d9 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 409054 be8e8f2a4573bb15ec6024f00a1c4087 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb Size/MD5 checksum: 277330 c78d56b08e2e4c37bc7d9d1aae9272f6 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb Size/MD5 checksum: 206742 9881404c18f586f88b60322f6ac46e11 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb Size/MD5 checksum: 191334 637743e42bdcbd990a8a8eaec03f04e6 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb Size/MD5 checksum: 53510 c194be0f6dedfbaa82f3f7f51bbafe48 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb Size/MD5 checksum: 209794 7ad1a3ae1a623910446a89d44f4d7c0a http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb Size/MD5 checksum: 66606 0921f3d4930ad9501eba05cb48c86093 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb Size/MD5 checksum: 55072 22603859834a0c66169b9c6b3438296b http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb Size/MD5 checksum: 175416 edcbd96200fec2b725a64df310856287 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb Size/MD5 checksum: 72292 afa180a53f462b42ada57f4183e481b2 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb Size/MD5 checksum: 541350 be00fa435c03a2474310c03b3aadb3d0 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb Size/MD5 checksum: 308518 db69345f0ad3df1e0b3b70310ffa6ed6 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 210850 d7831efe581155af02fbf4cd4b298577 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 190990 facf8459bd0684335304e2a9af7b8ec1 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 53694 cbae172d0491dd9f259b31f502d3f0ef http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 213350 9b2e3742c660d42556e790503cfa73c2 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 66918 cf9b408405283ea6cda2dc7d79dc5187 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 54936 13d0e562fea89e39cecffe02caa5184f http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 177270 6e92b594956acc65452e8c351222fb53 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 72106 54a3fbae7e86134d48ee49befcb00c99 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 540884 a93fd74e3cfce1d61e81dc15adeede7d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb Size/MD5 checksum: 307184 e725f0ab101cf33b1eb127eb3d18df81 PowerPC architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 188456 1605cd80b08025be71477d33bae41d53 http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 164152 0e3d09352a72b78dce03519b297a87c3 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 49372 9289fc6a3d9a4a1e35e55a8f536b2762 http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 189546 cee053d38c1f38de08966f6957ed914a http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 62728 e6f98290ed591d955d5c80eb58d9f6dd http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 49338 bf451f9b226dd16dac16ee9c59d97783 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 162762 2edc9dee6e7672c838626cd391820de9 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 74060 5c6ce5c10f005fa31786354fd60c4616 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 490920 1a5ee5de494c46f5c00598b2ef5dff3d http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb Size/MD5 checksum: 303574 0972361a36370e77050b37e46aeaed66 IBM S/390 architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb Size/MD5 checksum: 189308 1b5d39163a97cb6ea829810afb1a648c http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb Size/MD5 checksum: 166440 0709eaf98f958d5190afbe956a277995 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb Size/MD5 checksum: 50302 f8721e09d7b159a5e16b293a8999d43c http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb Size/MD5 checksum: 190628 cd1c66f7eaa63239aee8fbb4a26bed76 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb Size/MD5 checksum: 67096 a191f8826271cfe94a8aef0d8e6aece1 http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb Size/MD5 checksum: 50278 b0fccd0d25256f8357e8f32e815bf6f6 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb Size/MD5 checksum: 164334 ce022c07d1815b0df8b5f9a46e8c2ed8 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb Size/MD5 checksum: 76638 4aa46656e9c0293fb5e28e56391e77bc http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb Size/MD5 checksum: 453482 b52bf2d4a664c52c350f80c1593ea5c2 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb Size/MD5 checksum: 319656 7b7d0c4b136d99b9dfaf798d4f94d0c9 Sun Sparc architecture: http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 183454 aa907094cbdaac57da2f0eca9b8eb5bd http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 173036 7f173f3267bcab3e66922ea6d40b9108 http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 49792 ce46cc950c54a24025647cec765c6e6b http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 184358 1ae257a74f7e385a2e4e186a26e86da6 http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 64400 6429cb02f6d8c3948ef94176ee077c9e http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 49780 dc7690038fd1b4125179157411f96396 http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 159528 4c9938799737182f5fd4455f7ba08508 http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 73406 83f33192e1d069af16c155136117b331 http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 463024 94916989bafb9975e1d973cc0210b1d0 http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb Size/MD5 checksum: 301464 ebf61bee3343e02ea2d64066a6713424 These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-333A Apple Releases Security Update to Address Multiple Vulnerabilities Original release date: November 29, 2006 Last revised: -- Source: US-CERT Systems Affected * Apple Mac OS X version 10.3.x and 10.4.x * Apple Mac OS X Server version 10.3.x and 10.4.x * Apple Safari web browser These vulnerabilities affect both Intel-based and PowerPC-based Apple systems. Vulnerabilities in OpenSSL, gzip, and other products are also addressed. I. Further details are available in the related vulnerability notes. This security update also addresses previously known vulnerabilities in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. The OpenSSL vulnerabilities are documented in multiple vulnerability notes. Information is also available through the OpenSSL vulnerabilities page. Information about the vulnerabilities in gzip is available in a series of vulnerability notes. Impact The impacts of these vulnerabilities vary. For specific details, see the appropriate vulnerability notes. Solution Install updates Install Apple Security Update 2006-007. References * Vulnerability Notes for Apple Security Update 2006-007 - * Vulnerability Notes for OpenSSL Security Advisory [28th September 2006] - * Vulnerability Note VU#845620 - * Vulnerability Note VU#933712 - * Vulnerability Note VU#381508 - * Vulnerability Note VU#554780 - * Vulnerability Note VU#596848 - * Vulnerability Note VU#773548 - * About the security content of Security Update 2006-007 - * Mac OS X: Updating your software - * Apple Downloads - * OpenSSL: OpenSSL vulnerabilities - * Securing Your Web Browser - _________________________________________________________________ The most recent version of this document can be found at: _________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA06-333A Feedback VU#191336" in the subject. _________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: _________________________________________________________________ Revision History November 29, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6 lJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz iN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7 xr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf 8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q A580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg== =f7N+ -----END PGP SIGNATURE----- Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0162",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "telnet",
"scope": "eq",
"trust": 1.6,
"vendor": "ncsa",
"version": "c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "heimdal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mit kerberos team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": "kerberos",
"scope": "lt",
"trust": 0.8,
"vendor": "mit kerberos",
"version": "5 (krb5-1.4.1 )"
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "ver. 2.x firmware version 2.10(jamming) ~ 2.27(ridge)"
},
{
"model": "seil/plus",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "firmware version 1.00(snappy) ~ 1.51(swisssingle)"
},
{
"model": "seil/turbo",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "firmware version 1.10(aberdeen) ~ 1.51(riodell)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "seam",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.0.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.6,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.14"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.0"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.6"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.1"
},
{
"model": "mn100",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.4"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.8"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "irix .19m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "irix e",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.6"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1x86"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "linux enterprise server for s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "linux i686",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "linux",
"scope": "ne",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6.3"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.27"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix t",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.3"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.16"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "linux -current",
"scope": "ne",
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.23"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "linux",
"scope": "ne",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.4"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.12"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.0.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.2"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.0"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.0.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "kerberos -alpha1",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.25"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.17.17"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.3"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.7"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix g",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "linux alt linux compact",
"scope": "eq",
"trust": 0.3,
"vendor": "alt",
"version": "2.3"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.1"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix xfs",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.3"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "linux alt linux junior",
"scope": "eq",
"trust": 0.3,
"vendor": "alt",
"version": "2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.17"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "irix a",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "gnu/*/linux",
"scope": "eq",
"trust": 0.3,
"vendor": "openwall",
"version": "1.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "irix d",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "3-dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.5.3"
},
{
"model": "kerberos -beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "gnu/*/linux -current",
"scope": null,
"trust": 0.3,
"vendor": "openwall",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "linux",
"scope": "ne",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.24"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.1.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.6"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "gnu/*/linux",
"scope": "eq",
"trust": 0.3,
"vendor": "openwall",
"version": "1.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.2"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "heimdal",
"scope": "ne",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6.4"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.10"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux",
"scope": "ne",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "irix .19f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "irix t",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.23"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "irix h",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix b",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.26"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.2"
},
{
"model": "modular messaging s3400",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.24"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "3-dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "irix ipr",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.2"
},
{
"model": "linux",
"scope": "ne",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.4"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "irix xfs",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.520"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.5.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.15"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "BID",
"id": "12919"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000202"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-503"
},
{
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ncsa:telnet:c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gael DelalleauiDEFENSE Labs labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-503"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0468",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2005-0468",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0468",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773548",
"trust": 0.8,
"value": "1.57"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#341908",
"trust": 0.8,
"value": "29.95"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-503",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000202"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-503"
},
{
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The gzip program contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Included with many products telnet Clients env_opt_add() There is a vulnerability that causes a buffer overflow when certain input data including escape characters is processed due to improper bounds checking in the function.Configured by a third party telnet Guided or crafted the target user to log in to the server Web By displaying the page, arbitrary code may be executed with the user\u0027s authority. Multiple vendors\u0027 Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the \u0027env_opt_add()\u0027 function in the \u0027telnet.c\u0027 source file, which is apparently common source for all the affected vendors. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\ngzip Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA21996\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21996/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\ngzip 1.x\nhttp://secunia.com/product/4220/\n\nDESCRIPTION:\nTavis Ormandy has reported some vulnerabilities in gzip, which can be\nexploited by malicious people to cause a DoS (Denial of Service) and\npotentially compromise a vulnerable system. \n\n1) A boundary error within the \"make_table()\" function in unlzh.c can\nbe used to modify certain stack data. tricking\na user or automated system into unpacking a specially crafted archive\nfile. tricking a user or\nautomated system into unpacking a specially crafted \"pack\" archive\nfile. \n\n3) A buffer overflow within the \"make_table()\" function of gzip\u0027s LZH\nsupport can be exploited to cause a DoS and potentially to compromise\na vulnerable system by e.g. tricking a user or automated system into\nunpacking an archive containing a specially crafted decoding table. \n\n4) A NULL pointer dereference within the \"huft_build()\" function and\nan infinite loop within the LZH handling can be exploited to cause a\nDoS by e.g. tricking a user or automated system into unpacking a\nspecially crafted archive file. \n\nThe vulnerabilities have been reported in version 1.3.5. Other\nversions may also be affected. \n\nSOLUTION:\nDo not unpack untrusted archive files. \n\nPROVIDED AND/OR DISCOVERED BY:\nTavis Ormandy, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676\n\nOTHER REFERENCES:\nUS-CERT VU#554780:\nhttp://www.kb.cert.org/vuls/id/554780\n\nUS-CERT VU#381508:\nhttp://www.kb.cert.org/vuls/id/381508\n\nUS-CERT VU#773548:\nhttp://www.kb.cert.org/vuls/id/773548\n\nUS-CERT VU#933712:\nhttp://www.kb.cert.org/vuls/id/933712\n\nUS-CERT VU#596848\nhttp://www.kb.cert.org/vuls/id/596848\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. BACKGROUND\n\nThe TELNET protocol allows virtual network terminals to be connected to \nover the internet. The initial description of the telnet protocol was \ngiven in RFC854 in May 1983. Since then there have been many extra \nfeatures added including encryption. \n\nII. \n\nThe vulnerability specifically exists in the env_opt_add() function of\ntelnet.c. A buffer of a fixed size (256 bytes) is allocated to store the\nresult of the processing this function performs on network input. If\nthis buffer is not large enough to contain the string, the buffer is \nexpanded by a further 256 bytes. This size is sufficient for most well \nformed input, as the buffer passed as input to the affected function is \nlimited to the same size. However, due to the way the telnet protocol \nescapes certain characters, it is possible to increase the length of the\noutput by including a large run of characters which need escaping. This \ncan allow the 256 byte input buffer to expand to a maximum of 512 bytes \nin the allocated storage buffer. If, after expanding the buffer by 256 \nbytes, the buffer is still not large enough to contain the input, a heap\nbased buffer overflow occurs, which is exploitable on at least some \naffected platforms. \n\nIII. It may be \npossible to automatically launch the telnet command from a webpage, for \nexample:\n\n\u003chtml\u003e\u003cbody\u003e\n\u003ciframe src=\u0027telnet://malicious.server/\u0027\u003e\n\u003c/body\u003e\n\nOn opening this page the telnet client may be launched and attempt to \nconnect to the host \u0027malicious.server\u0027. \n\nIV. DETECTION\n\niDEFENSE has confirmed the existance of the vulnerability in the telnet \nclient included in the Kerberos V5 Release 1.3.6 package and the client \nincluded in the SUNWtnetc package of Solaris 5.9. It is suspected that \nmost BSD based telnet clients are affected by this vulnerability. \n\nV. WORKAROUND\n\niDEFENSE is currently unaware of any effective workarounds for this \nvulnerability. \n\nVI. VENDOR RESPONSE\n\nThe following vendors have provided official responses related to this\nvulnerability. Other vendors may be affected but have not provided an\nofficial response. \n\nVulnerable:\n\n- ALT Linux\nAll supported ALT Linux distributions include telnet client derived from\nOpenBSD 3.0. The env_opt_add() buffer overflow vulnerability is present\nin all our telnet clients. Updated packages with fixes for these issues\nwill be released on March 28, 2005. \nhttp://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html\n\n- Apple Computer, Inc. \nComponent: Telnet\nAvailable for: Mac OS X 10.3.8, Mac OS X Server 10.3.8\nThis is fixed in Security Update 2005-003, which is available at\nhttp://docs.info.apple.com/article.html?artnum=61798\n\n- FreeBSD\nFreeBSD-SA-05:01.telnet security advisory:\nftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc\n\n- MIT (Kerberos)\nThis vulnerability is covered in the following upcoming advisory:\nMITKRB5-SA-2005-001:\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt\npatch against krb5-1.4:\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt\n\n- Openwall Project\nThe bugs are fixed starting with telnet package version 3.0-owl2. \n http://www.openwall.com/Owl/CHANGES-current.shtml\n\n- Red Hat, Inc. \nRed Hat Enterprise Linux ship with telnet and krb5 packages vulnerable\nto this issue. New telnet and krb5 packages are now available along\nwith our advisory at the URLs below and by using the Red Hat Network\n\u0027up2date\u0027 tool. \n Red Hat Enterprise Linux - telnet\n http://rhn.redhat.com/errata/RHSA-2005-330.html\n Red Hat Enterprise Linux - krb5\n http://rhn.redhat.com/errata/RHSA-2005-327.html\n\n- Sun Microsystems Inc. \nSun confirms that the telnet(1) vulnerabilities do affect all\ncurrently supported versions of Solaris:\n Solaris 7, 8, 9 and 10\nSun has released a Sun Alert which describes a workaround until patches\nare available at:\n http://sunsolve.sun.com\n Sun Alert #57755 \nThe Sun Alert will be updated with the patch information once it becomes\navailable. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch\n\nNot Vulnerable:\n\n- CyberSafe Limited\nThe CyberSafe TrustBroker products, version 3.0 or later, are not\nvulnerable. \n\n- Hewlett-Packard Development Company, L.P. \nHP-UX and HP Tru64 UNIX are not vulnerable. \n\n- InterSoft International, Inc. \nInterSoft International, Inc. products NetTerm, SecureNetTerm and\nSNetTerm are not affected by the env_opt_add() buffer overflow\nconditions. \n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CAN-2005-0468 to this issue. This is a candidate for inclusion\nin the CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n02/18/2005 Initial vendor notifications\n03/28/2005 Coordinated public disclosure\n\nIX. CREDIT\n\nGa\\xebl Delalleau credited with this discovery. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2005 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll telnet-bsd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/telnet-bsd-1.0-r1\"\n\nReferences\n==========\n\n [ 1 ] CAN-2005-0468\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468\n [ 2 ] IDEF0867\n\nhttp://www.idefense.com/application/poi/display?id=221\u0026type=vulnerabilities\n [ 3 ] CAN-2005-0469\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469\n [ 4 ] IDEF0866\n\nhttp://www.idefense.com/application/poi/display?id=220\u0026type=vulnerabilities\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200504-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2005 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n______________________________________________________________________________\n\n\t\t\tSCO Security Advisory\n\nSubject:\t\tUnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : telnet client multiple issues\nAdvisory number: \tSCOSA-2005.21\nIssue date: \t\t2005 April 08\nCross reference:\tsr893210 fz531446 erg712801 CAN-2005-0469 CAN-2005-0468\n______________________________________________________________________________\n\n\n1. UnixWare 7.1.4\n\n\t4.1 Location of Fixed Binaries\n\n\tftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21\n\n\t4.2 Verification\n\n\tMD5 (erg712801.714.pkg.Z) = bf53673ea12a1c25e3606a5b879adbc4\n\n\tmd5 is available for download from\n\t\tftp://ftp.sco.com/pub/security/tools\n\n\t4.3 Installing Fixed Binaries\n\n\tUpgrade the affected binaries with the following sequence:\n\n\tDownload erg712801.714.pkg.Z to the /var/spool/pkg directory\n\n\t# uncompress /var/spool/pkg/erg712801.714.pkg.Z\n\t# pkgadd -d /var/spool/pkg/erg712801.714.pkg\n\n\n5. UnixWare 7.1.3\n\n\t5.1 Location of Fixed Binaries\n\n\tftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21\n\n\t5.2 Verification\n\n\tMD5 (erg712801.713.pkg.Z) = e876b261afbecb41c18c26d6ec11e71d\n\n\tmd5 is available for download from\n\t\tftp://ftp.sco.com/pub/security/tools\n\n\t5.3 Installing Fixed Binaries\n\n\tUpgrade the affected binaries with the following sequence:\n\n\tDownload erg712801.713.pkg.Z to the /var/spool/pkg directory\n\n\t# uncompress /var/spool/pkg/erg712801.713.pkg.Z\n\t# pkgadd -d /var/spool/pkg/erg712801.713.pkg\n\n\n6. UnixWare 7.1.1\n\n\t6.1 Location of Fixed Binaries\n\n\tftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21\n\n\t6.2 Verification\n\n\tMD5 (erg712801.711.pkg.Z) = f3099416a793c1f731bc7e377fe0e4a2\n\n\tmd5 is available for download from\n\t\tftp://ftp.sco.com/pub/security/tools\n\n\t6.3 Installing Fixed Binaries\n\n\tUpgrade the affected binaries with the following sequence:\n\n\tDownload erg712801.711.pkg.Z to the /var/spool/pkg directory\n\n\t# uncompress /var/spool/pkg/erg712801.711.pkg.Z\n\t# pkgadd -d /var/spool/pkg/erg712801.711.pkg\n\n\n7. References\n\n\tSpecific references for this advisory:\n\t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 \n\t\thttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 \n\t\thttp://www.idefense.com/application/poi/display?id=221\u0026type=vulnerabilities \n\t\thttp://www.idefense.com/application/poi/display?id=220\u0026type=vulnerabilities\n\n\tSCO security resources:\n\t\thttp://www.sco.com/support/security/index.html\n\n\tSCO security advisories via email\n\t\thttp://www.sco.com/support/forums/security.html\n\n\tThis security fix closes SCO incidents sr893210 fz531446\n\terg712801. Disclaimer\n\n\tSCO is not responsible for the misuse of any of the information\n\twe provide on this website and/or through our security\n\tadvisories. Our advisories are a service to our customers\n\tintended to promote secure installation and use of SCO\n\tproducts. Additional user interaction may not be required if the\nattacker can get the user to view HTML containing an IFRAME tag\ncontaining a \"telnet:\" URL pointing to a malicious server. \n\nFIXES\n=====\n\n* WORKAROUND: Disable handling of \"telnet:\" URLs in web browsers,\n email readers, etc., or remove execute permissions from the telnet\n client program. \n\n* The upcoming krb5-1.4.1 patch release will contain fixes for this\n problem. \n\n* Apply the patch found at:\n\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt\n\n The associated detached PGP signature is at:\n\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt.asc\n\n The patch was generated against the krb5-1.4 release. It may apply\n against earlier releases with some offset. \n\nDETAILS\n=======\n\nThe slc_add_reply() function in telnet.c performs inadequate length\nchecking. \n\nThe env_opt_add() function in telnet.c performs inadequate length\nchecking. \n\nFor the stable distribution (woody) these problems have been fixed in\nversion 1.2.4-5woody8. \n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.3.6-1. \n\nWe recommend that you upgrade your krb5 package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc\n Size/MD5 checksum: 750 51c3ea6dcf74a9d82bef016509870c3d\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz\n Size/MD5 checksum: 83173 97d5ce1eeec763cc67d56b0758891a0f\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz\n Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb\n Size/MD5 checksum: 512968 88dea0dcf727a6fe03457485e6c98ea4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 253798 4124ad89c3d6698ae5ce09cc0a810e77\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 217536 02bdd8e928ce65cfc415de890106cde7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 63072 9aa2b092cc3d4729f6d309160b27117c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 252162 0f2b0638347b34b07ab919c05b7a404a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 76452 4eab68ade26bdd00dc733183f673cf7e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 59106 4c00e1ad73ba0be9631ed3b20846cf31\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 207478 f94b1e493f4a35a9244ab0a71f714f61\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 83948 b4870cfb49811f9e9bfc182004d6e72a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 633440 f794455df495082bd8c40b2f0a6e0f22\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 367446 248fced4d354d47649deaa0c5d349354\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 197342 11591d7d943ee2d38f0117b53ec59026\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 160678 f4118cf6266830f7db9553329dcc1532\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 48830 dc4986db69fc9fa3aacd9487a1a57004\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 198672 6e11c792134a4d9bd602a7461895c42c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 63738 01cee2e685f3bc973f7cce7e5ec08f56\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 49406 03755be7fa950f05c099aff6dc847e7d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 166018 b8000d9c82076d7134aacf28a3ae7a98\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 73626 3070b54d29b8174b78886e37bc25c112\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 493632 b74a2e03c250019f25ff58387792d666\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 295230 bd4ccc64814aeebd0071b68dc964080d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 179362 e38dffa6b1e44da9c05ab5569283141b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 152348 eb2d37aca6f5aeb2ecd3dc7a66b351fc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 46370 dda52cc0f381955716025f4f3f210630\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 178578 3d9e28bc8bbd83161cd8c9781db99e76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 61358 846936ed49d43dddf11c8239e7ecb74f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 46652 4b12ff1ef17b81aadec2cf27c249b263\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 156624 2a626d8694742a825242085d83efb40f\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 72022 678e924f12886c54cb3ca9bdee6a8da4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 433960 9a90e0a4c79b81f2d00945fb7bdf84da\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 293706 be17bc6de25438a34466e7a47c5e4a0f\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 322390 bd8deae9fe5e2fd0d0e304d93c676c95\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 266614 fa5fedbcc5ce19cf0fd6e0f019988aaa\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 73742 3b21c0fd054d80e979808c47bef49b15\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 322348 b893958f43de292d927b49cd9dda434b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 92050 2c1a3cf4ae7311dc95a696bf919148e9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 70700 38b66040685eb5421abcb92cdcb682df\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 256278 5440c691dcc69e168105b60a4433332d\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 107650 0b12f0212a2e8ee31654a605e7b74219\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 705942 9dc21d18876a435f5ecbae3c1fa90fac\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 475034 072e1682115dd9c556d2eca5c65780af\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 214666 50a69b51ec610a919c00e13dad97c237\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 189950 ed974a7360091fe4ea8a5dee5f310a93\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 54064 87d03aa246e3a8bed874ea20aab5c90c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 214092 fdb3544036609131e218f1293d59ab62\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 68802 6476e62e8872de28da85a6d7ff6a91a8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 55892 ae903fa8671838a64061748b150503ae\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 183066 bde3354927006d85aed74b4ce67f379b\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 85122 160ea9c72f59ee814853092ba414f37e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 558094 4b5f91e312a31a075cf0ee5f5abb28f4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 362152 bf33b679c8e3023f1baa81dedc1c9e32\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 164376 695f5090f6f02ef5ffcdb94994923d1d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 144904 f03b67ac31422c20cd2024a7f530f077\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 44522 7bb04f7623ecb06934e615790364744e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 164106 460978cf8ba185277681491f91269bd3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 57054 8bcee8e9061c204cc1d53f310603f647\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 44838 c57524e8c13e8f007451617b6c99374f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 146184 ef14d19fd5d0d4bb4a4ee88287e556cd\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 70032 1bccace886d6c662ab3b10b0cfaa29d9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 409054 be8e8f2a4573bb15ec6024f00a1c4087\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 277330 c78d56b08e2e4c37bc7d9d1aae9272f6\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 206742 9881404c18f586f88b60322f6ac46e11\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 191334 637743e42bdcbd990a8a8eaec03f04e6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 53510 c194be0f6dedfbaa82f3f7f51bbafe48\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 209794 7ad1a3ae1a623910446a89d44f4d7c0a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 66606 0921f3d4930ad9501eba05cb48c86093\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 55072 22603859834a0c66169b9c6b3438296b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 175416 edcbd96200fec2b725a64df310856287\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 72292 afa180a53f462b42ada57f4183e481b2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 541350 be00fa435c03a2474310c03b3aadb3d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 308518 db69345f0ad3df1e0b3b70310ffa6ed6\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 210850 d7831efe581155af02fbf4cd4b298577\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 190990 facf8459bd0684335304e2a9af7b8ec1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 53694 cbae172d0491dd9f259b31f502d3f0ef\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 213350 9b2e3742c660d42556e790503cfa73c2\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 66918 cf9b408405283ea6cda2dc7d79dc5187\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 54936 13d0e562fea89e39cecffe02caa5184f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 177270 6e92b594956acc65452e8c351222fb53\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 72106 54a3fbae7e86134d48ee49befcb00c99\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 540884 a93fd74e3cfce1d61e81dc15adeede7d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 307184 e725f0ab101cf33b1eb127eb3d18df81\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 188456 1605cd80b08025be71477d33bae41d53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 164152 0e3d09352a72b78dce03519b297a87c3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 49372 9289fc6a3d9a4a1e35e55a8f536b2762\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 189546 cee053d38c1f38de08966f6957ed914a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 62728 e6f98290ed591d955d5c80eb58d9f6dd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 49338 bf451f9b226dd16dac16ee9c59d97783\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 162762 2edc9dee6e7672c838626cd391820de9\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 74060 5c6ce5c10f005fa31786354fd60c4616\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 490920 1a5ee5de494c46f5c00598b2ef5dff3d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 303574 0972361a36370e77050b37e46aeaed66\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 189308 1b5d39163a97cb6ea829810afb1a648c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 166440 0709eaf98f958d5190afbe956a277995\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 50302 f8721e09d7b159a5e16b293a8999d43c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 190628 cd1c66f7eaa63239aee8fbb4a26bed76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 67096 a191f8826271cfe94a8aef0d8e6aece1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 50278 b0fccd0d25256f8357e8f32e815bf6f6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 164334 ce022c07d1815b0df8b5f9a46e8c2ed8\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 76638 4aa46656e9c0293fb5e28e56391e77bc\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 453482 b52bf2d4a664c52c350f80c1593ea5c2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 319656 7b7d0c4b136d99b9dfaf798d4f94d0c9\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 183454 aa907094cbdaac57da2f0eca9b8eb5bd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 173036 7f173f3267bcab3e66922ea6d40b9108\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 49792 ce46cc950c54a24025647cec765c6e6b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 184358 1ae257a74f7e385a2e4e186a26e86da6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 64400 6429cb02f6d8c3948ef94176ee077c9e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 49780 dc7690038fd1b4125179157411f96396\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 159528 4c9938799737182f5fd4455f7ba08508\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 73406 83f33192e1d069af16c155136117b331\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 463024 94916989bafb9975e1d973cc0210b1d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 301464 ebf61bee3343e02ea2d64066a6713424\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA06-333A\n\n\nApple Releases Security Update to Address Multiple Vulnerabilities\n\n Original release date: November 29, 2006\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Apple Mac OS X version 10.3.x and 10.4.x\n * Apple Mac OS X Server version 10.3.x and 10.4.x\n * Apple Safari web browser\n\n These vulnerabilities affect both Intel-based and PowerPC-based Apple\n systems. Vulnerabilities in OpenSSL, gzip, and other products are also\n addressed. \n\n\nI. Further details are available in the related vulnerability\n notes. \n\n This security update also addresses previously known vulnerabilities\n in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. The\n OpenSSL vulnerabilities are documented in multiple vulnerability\n notes. Information is also available through the OpenSSL\n vulnerabilities page. Information about the vulnerabilities in gzip is\n available in a series of vulnerability notes. Impact\n\n The impacts of these vulnerabilities vary. For specific details, see\n the appropriate vulnerability notes. Solution\n\nInstall updates\n\n Install Apple Security Update 2006-007. References\n\n * Vulnerability Notes for Apple Security Update 2006-007 -\n \u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e\n\n * Vulnerability Notes for OpenSSL Security Advisory [28th September\n 2006] -\n\u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e\n\n * Vulnerability Note VU#845620 -\n \u003chttp://www.kb.cert.org/vuls/id/845620\u003e\n\n * Vulnerability Note VU#933712 -\n \u003chttp://www.kb.cert.org/vuls/id/933712\u003e\n\n * Vulnerability Note VU#381508 -\n \u003chttp://www.kb.cert.org/vuls/id/381508\u003e\n\n * Vulnerability Note VU#554780 -\n \u003chttp://www.kb.cert.org/vuls/id/554780\u003e\n\n * Vulnerability Note VU#596848 -\n \u003chttp://www.kb.cert.org/vuls/id/596848\u003e\n\n * Vulnerability Note VU#773548 -\n \u003chttp://www.kb.cert.org/vuls/id/773548\u003e\n\n * About the security content of Security Update 2006-007 -\n \u003chttp://docs.info.apple.com/article.html?artnum=304829\u003e\n\n * Mac OS X: Updating your software -\n \u003chttp://docs.info.apple.com/article.html?artnum=106704\u003e\n\n * Apple Downloads - \u003chttp://www.apple.com/support/downloads/\u003e\n\n * OpenSSL: OpenSSL vulnerabilities -\n \u003chttp://www.openssl.org/news/vulnerabilities.html\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/#Safari\u003e\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA06-333A.html\u003e\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA06-333A Feedback VU#191336\" in the\n subject. \n _________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n\n _________________________________________________________________\n\n Revision History\n\n November 29, 2006: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6\nlJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz\niN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7\nxr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf\n8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q\nA580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg==\n=f7N+\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0468"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000202"
},
{
"db": "BID",
"id": "12919"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "38276"
},
{
"db": "PACKETSTORM",
"id": "36841"
},
{
"db": "PACKETSTORM",
"id": "36938"
},
{
"db": "PACKETSTORM",
"id": "37029"
},
{
"db": "PACKETSTORM",
"id": "37094"
},
{
"db": "PACKETSTORM",
"id": "36854"
},
{
"db": "PACKETSTORM",
"id": "36947"
},
{
"db": "PACKETSTORM",
"id": "52708"
}
],
"trust": 5.58
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0468",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "14745",
"trust": 3.2
},
{
"db": "CERT/CC",
"id": "VU#341908",
"trust": 3.2
},
{
"db": "BID",
"id": "12919",
"trust": 2.7
},
{
"db": "BID",
"id": "22083",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17899",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#773548",
"trust": 1.0
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2007.0014",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2005.0419",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15030",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000202",
"trust": 0.8
},
{
"db": "FREEBSD",
"id": "FREEBSD-SA-05:01.TELNET",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-703",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-731",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101665",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57761",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101671",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57755",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:330",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:327",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-224-1",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20050328 MULTIPLE TELNET CLIENT ENV_OPT_ADD() BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2005:061",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2005:962",
"trust": 0.6
},
{
"db": "SGI",
"id": "20050405-01-P",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200505-503",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#554780",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#933712",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#596848",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#381508",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "21996",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "50178",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38276",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36841",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36938",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37029",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37094",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36854",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36947",
"trust": 0.1
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52708",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "BID",
"id": "12919"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000202"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "38276"
},
{
"db": "PACKETSTORM",
"id": "36841"
},
{
"db": "PACKETSTORM",
"id": "36938"
},
{
"db": "PACKETSTORM",
"id": "37029"
},
{
"db": "PACKETSTORM",
"id": "37094"
},
{
"db": "PACKETSTORM",
"id": "36854"
},
{
"db": "PACKETSTORM",
"id": "36947"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-503"
},
{
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"id": "VAR-200505-0162",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4615448
},
"last_update_date": "2024-07-23T22:09:05.800000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "telnet",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/telnet.html"
},
{
"title": "MITKRB5-SA-2005-001",
"trust": 0.8,
"url": "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt"
},
{
"title": "RHSA-2005:327",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2005-327.html"
},
{
"title": "RHSA-2005:330",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-330.html"
},
{
"title": "Telnet \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306e\u8106\u5f31\u6027\u306b\u3088\u308b SEIL \u30b7\u30ea\u30fc\u30ba\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.seil.jp/seilseries/news/snote/_snote_20050810_01.html"
},
{
"title": "57761",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1"
},
{
"title": "57755",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1"
},
{
"title": "57761",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-3"
},
{
"title": "57755",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-3"
},
{
"title": "TLSA-2005-52",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2005/tlsa-2005-52.txt"
},
{
"title": "RHSA-2005:327",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-327j.html"
},
{
"title": "RHSA-2005:330",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-330j.html"
},
{
"title": "TLSA-2005-52",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2005/tlsa-2005-52j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.idefense.com/application/poi/display?id=221\u0026type=vulnerabilities"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/12919"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/341908"
},
{
"trust": 2.0,
"url": "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2005-001-telnet.txt"
},
{
"trust": 1.9,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1"
},
{
"trust": 1.9,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/14745/"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-330.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-327.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2005/dsa-703"
},
{
"trust": 1.6,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20050405-01-p"
},
{
"trust": 1.6,
"url": "http://www.ubuntulinux.org/usn/usn-224-1"
},
{
"trust": 1.6,
"url": "http://www.debian.de/security/2005/dsa-731"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17899"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/14745"
},
{
"trust": 1.6,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000962"
},
{
"trust": 1.6,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-05:01.telnet.asc"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:061"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9640"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.gzip.org/"
},
{
"trust": 0.8,
"url": "http://www.auscert.org.au/7179"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://web.mit.edu/kerberos/www/...s/mitkrb5-sa-2005-001-telnet.txt "
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 "
},
{
"trust": 0.8,
"url": "http://www.auscert.org.au/5134"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0468"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23341908"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0468"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15030/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0468"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0468"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0469"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0469"
},
{
"trust": 0.4,
"url": "http://lists.altlinux.ru/pipermail/security-announce/2005-march/000287.html"
},
{
"trust": 0.4,
"url": "http://www.openwall.com/owl/changes-current.shtml"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2005-327.html"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2005-330.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata.html#telnet"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata35.html#telnet"
},
{
"trust": 0.3,
"url": "http://www.pdc.kth.se/heimdal/advisory/2005-04-20/"
},
{
"trust": 0.3,
"url": "http://www.uniras.gov.uk/niscc/docs/br-20051101-00969.html?lang=en"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-088_rhsa-2005-330.pdf"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-132_rhsa-2005-327.pdf"
},
{
"trust": 0.3,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000962"
},
{
"trust": 0.3,
"url": "http://www.f5.com/"
},
{
"trust": 0.3,
"url": "http://www.netbsd.org/"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=301061"
},
{
"trust": 0.3,
"url": "/archive/1/394396"
},
{
"trust": 0.3,
"url": "/archive/1/394490"
},
{
"trust": 0.3,
"url": "/archive/1/394524"
},
{
"trust": 0.3,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.3,
"url": "http://creativecommons.org/licenses/by-sa/2.0"
},
{
"trust": 0.3,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.3,
"url": "http://www.idefense.com/application/poi/display?id=220\u0026type=vulnerabilities"
},
{
"trust": 0.2,
"url": "http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4220/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21996/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200504-28.xml"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/poi/teams/vcp.jsp"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/securitypatch"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200504-01.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200504-04.xml"
},
{
"trust": 0.1,
"url": "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt"
},
{
"trust": 0.1,
"url": "http://www.sco.com/support/security/index.html"
},
{
"trust": 0.1,
"url": "http://www.sco.com/support/forums/security.html"
},
{
"trust": 0.1,
"url": "http://web.mit.edu/kerberos/advisories/index.html"
},
{
"trust": 0.1,
"url": "http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt.asc"
},
{
"trust": 0.1,
"url": "http://web.mit.edu/kerberos/index.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/845620\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848\u003e"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/news/vulnerabilities.html\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#safari\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "BID",
"id": "12919"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000202"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "38276"
},
{
"db": "PACKETSTORM",
"id": "36841"
},
{
"db": "PACKETSTORM",
"id": "36938"
},
{
"db": "PACKETSTORM",
"id": "37029"
},
{
"db": "PACKETSTORM",
"id": "37094"
},
{
"db": "PACKETSTORM",
"id": "36854"
},
{
"db": "PACKETSTORM",
"id": "36947"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-503"
},
{
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "BID",
"id": "12919"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000202"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "38276"
},
{
"db": "PACKETSTORM",
"id": "36841"
},
{
"db": "PACKETSTORM",
"id": "36938"
},
{
"db": "PACKETSTORM",
"id": "37029"
},
{
"db": "PACKETSTORM",
"id": "37094"
},
{
"db": "PACKETSTORM",
"id": "36854"
},
{
"db": "PACKETSTORM",
"id": "36947"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-503"
},
{
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-19T00:00:00",
"db": "CERT/CC",
"id": "VU#773548"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2005-04-01T00:00:00",
"db": "CERT/CC",
"id": "VU#341908"
},
{
"date": "2005-03-28T00:00:00",
"db": "BID",
"id": "12919"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000202"
},
{
"date": "2006-09-21T23:56:25",
"db": "PACKETSTORM",
"id": "50178"
},
{
"date": "2005-06-24T07:12:08",
"db": "PACKETSTORM",
"id": "38276"
},
{
"date": "2005-03-29T05:19:36",
"db": "PACKETSTORM",
"id": "36841"
},
{
"date": "2005-04-14T07:02:43",
"db": "PACKETSTORM",
"id": "36938"
},
{
"date": "2005-04-17T18:36:49",
"db": "PACKETSTORM",
"id": "37029"
},
{
"date": "2005-04-18T05:54:33",
"db": "PACKETSTORM",
"id": "37094"
},
{
"date": "2005-03-29T19:42:54",
"db": "PACKETSTORM",
"id": "36854"
},
{
"date": "2005-04-14T07:43:25",
"db": "PACKETSTORM",
"id": "36947"
},
{
"date": "2006-12-06T02:47:36",
"db": "PACKETSTORM",
"id": "52708"
},
{
"date": "2005-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-503"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#773548"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2005-07-28T00:00:00",
"db": "CERT/CC",
"id": "VU#341908"
},
{
"date": "2007-02-22T18:56:00",
"db": "BID",
"id": "12919"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000202"
},
{
"date": "2006-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-503"
},
{
"date": "2017-10-11T01:29:56.217000",
"db": "NVD",
"id": "CVE-2005-0468"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "36841"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-503"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-503"
}
],
"trust": 0.6
}
}
VAR-200503-0071
Vulnerability from variot - Updated: 2024-07-23 21:28The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. There is a vulnerability in the Sun Java Plug-in that could allow a malicious Java applet to bypass restrictions for untrusted applets. Multiple vulnerabilities exist in numerous Oracle products. The impacts of these vulnerabilities are varied and may include remote execution of arbitrary code, the disclosure of sensitive information, and denial-of-service conditions. various Oracle Multiple vulnerabilities exist in the product and its components.Although it depends on the target product, a third party can execute any command or code remotely, leak information in the database, disrupt service operation ( Denial-of-Service,DoS ) Attacks could be made. Reports indicate that it is possible for a malicious website that contains JavaScript code to exploit this vulnerability to load a dangerous Java class and to pass this class to an invoked applet. If a vulnerable version is still installed on the computer, it may be possible for to specify that this version runs the applet instead of an updated version that is not prone to the vulnerability. Users affected by this vulnerability should remove earlier versions of the plug-in. This functionality could also be abused to prompt users to install vulnerable versions of the plug-in, so users should be wary of doing so. This general security weakness has been assigned an individual BID (11757). Various Oracle Database Server, Oracle Enterprise Manager, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications, Oracle Workflow, Oracle Forms and Reports, Oracle JInitiator, Oracle Developer Suite, and Oracle Express Server are affected by multiple vulnerabilities. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Oracle has released a Critical Patch Update advisory for July 2005 to address these vulnerabilities. This Critical Patch Update addresses the vulnerabilities for supported releases. Earlier, unsupported releases are likely to be affected by the issues as well. The issue is that documents may be served with weaker SSL encryption than configured in Oracle HTTP Server. This could result in a false sense of security. Oracle has not released any further information about this weakness. The first issue can allow an untrusted applet to escalate its privileges to access resources with the privilege level of the user running the applet. This issue occurs only in Internet Explorer running on Windows. The second issue allows an untrusted applet to interfere with another applet embedded in the same web page. This issue occurs in Java running on Windows, Solaris, and Linux. A remote attacker can use this vulnerability to bypass the Java\'\'sandbox\'\' and all restrictions to access restricted resources and systems. BACKGROUND
Java Plug-in technology, included as part of the Java 2 Runtime Environment, Standard Edition (JRE), establishes a connection between popular browsers and the Java platform. This connection enables applets on Web sites to be run within a browser on the desktop.
II.
A number of private Java packages exist within the Java Virtual Machine (VM) and are used internally by the VM. Security restrictions prevent Applets from accessing these packages. Any attempt to access these packages, results in a thrown exception of 'AccessControlException', unless the Applet is signed and the user has chosen to trust the issuer.
III. ANALYSIS
Successful exploitation allows remote attackers to execute hostile Applets that can access, download, upload or execute arbitrary files as well as access the network. A target user must be running a browser on top of a vulnerable Java Virtual Machine to be affected. It is possible for an attacker to create a cross-platform, cross-browser exploit for this vulnerability. Once compromised, an attacker can execute arbitrary code under the privileges of the user who instantiated the vulnerable browser.
IV. DETECTION
iDEFENSE has confirmed the existence of this vulnerability in Java 2 Platform, Standard Edition (J2SE) 1.4.2_01 and 1.4.2_04 from Sun Microsystems. Various browsers such as Internet Explorer, Mozilla and Firefox on both Windows and Unix platforms can be exploited if they are running a vulnerable Java Virtual Machine.
V. Other Java Virtual Machines, such as the Microsoft VM, are available and can be used as an alternative.
VI. VENDOR RESPONSE
This issue has been fixed in J2SE v 1.4.2_06 available at:
[15]http://java.sun.com/j2se/1.4.2/download.html
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2004-1029 to this issue. This is a candidate for inclusion in the CVE list ([16]http://cve.mitre.org), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
06/29/2004 Initial vendor notification 06/30/2004 Initial vendor response 08/16/2004 iDEFENSE clients notified 11/22/2004 Public disclosure
IX. CREDIT
Jouko Pynnonen (jouko[at]iki.fi) is credited with this discovery.
Get paid for vulnerability research [17]http://www.idefense.com/poi/teams/vcp.jsp
X. LEGAL NOTICES
Copyright \xa9 2004 iDEFENSE, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email [18]customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200503-0071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jre",
"scope": "eq",
"trust": 3.4,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 2.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 2.8,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 1.8,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.4.0_01"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.3.1_07"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "1.3.1_09"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_06"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.0_4"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.0_02"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.1_02"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_03"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_02"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.1_01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.23"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_05"
},
{
"model": "java sdk-rte",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "1.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_03"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.22"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_04"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.1_02"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.0_03"
},
{
"model": "java sdk-rte",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "1.3"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_05"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.1_01"
},
{
"model": "gateway security 5400",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_05"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_06"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.0_02"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.0_04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.11"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_04"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_01"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_07"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.0_01"
},
{
"model": "gateway security 5400",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.1_03"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_03"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_01"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_02"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.0_03"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.2_02"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.4.1_07"
},
{
"model": "jdk",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "1.3.1_01a"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 06",
"scope": "ne",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": "notes",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "6.5.6"
},
{
"model": "notes",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.3.1_12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.1"
},
{
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.2_05"
},
{
"model": "sdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.3.1_12"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.1"
},
{
"model": "sdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.2_05"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v8.0"
},
{
"model": "gateway security 5400 series",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v2.0"
},
{
"model": "gateway security 5400 series",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "v2.0.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10g"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10g"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11i"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10g"
},
{
"model": "jinitiator",
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.4.0"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "enterprise manager database control 10g",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "enterprise manager database control 10g",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "jinitiator",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.3.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "8.0.6"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "enterprise manager application server control",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "8.0.6.3"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "workflow",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "11.5.9.5"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jinitiator",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.1.8"
},
{
"model": "enterprise manager application server control",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.4.0"
},
{
"model": "workflow",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "11.5.1"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.6,
"vendor": "hp",
"version": null
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "forms and reports",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "6.0.8.25"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "forms and reports",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "4.5.10.22"
},
{
"model": "express server",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "6.3.4.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "enterprise manager database control 10g",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "java runtime environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "21.4.1"
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java runtime environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "21.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "http server for server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "java runtime environment 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "21.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "http server for server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "http server roll up",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.22"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "java desktop system",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2003"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "http server for apps only .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "java runtime environment 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "21.3"
},
{
"model": "java desktop system",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.0"
},
{
"model": "http server for server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "java runtime environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "21.3"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "java sdk/rte for hp-ux pa-risc",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "java sdk/rte for hp-ux pa-risc",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.3"
},
{
"model": "java runtime environment 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "21.3.1"
},
{
"model": "java runtime environment 08",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "21.3.1"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.6"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.5"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.4"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.3"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.2"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.1"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.5"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "collaboration suite release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.4.2"
},
{
"model": "collaboration suite release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.4.1"
},
{
"model": "oracle9i application server web cache",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.12"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.5"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.5"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.3"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.3"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.6"
},
{
"model": "lotus notes",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.4"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "lotus notes fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.5"
},
{
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.5"
},
{
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.6"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.3"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.4"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#760344"
},
{
"db": "CERT/CC",
"id": "VU#613562"
},
{
"db": "BID",
"id": "11726"
},
{
"db": "BID",
"id": "14238"
},
{
"db": "BID",
"id": "14279"
},
{
"db": "BID",
"id": "12317"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000876"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-002"
},
{
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:java_sdk-rte:1.3:*:hp-ux_pa-risc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_02:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_03:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_06:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_06:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_02:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_03:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_03:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_03:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_03:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_03:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update2:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update2:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update1:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update1:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update8:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_02:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_05:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_05:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_06:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_09:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_09:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_03:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_03:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1:update3:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1:update3:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1_07:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update2:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update2:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update5:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update5:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_02:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_02:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_05:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_05:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_02:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_02:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_4:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_02:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_02:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_02:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_03:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_05:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_05:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update1:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update2:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update5:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update8:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update8:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_03:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_05:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_07:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_09:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_02:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_03:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1:update3:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1_02:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1_02:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update1:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update2:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update4:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update5:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_01:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_01a:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_04:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_05:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_07:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_07:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_01:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_4:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_4:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_01:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_02:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_01:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_04:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_05:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update5:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update5:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update4:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update4:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_03:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_03:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_07:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_07:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_02:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_02:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_04:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1_01:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1_02:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update1:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update1:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update3:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update4:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update4:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:java_sdk-rte:1.4:*:hp-ux_pa-risc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_01:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_03:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_03:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_06:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.3.1_07:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_03:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.0_03:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_01:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_01:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.1_03:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_04:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4.2_04:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jdk:1.4:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update3:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update4:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.0:update4:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update1:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1:update1a:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_02:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_02:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_06:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.3.1_06:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_01:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_01:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_04:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.0_04:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1_01:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.1_01:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update3:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4.2:update3:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sun:jre:1.4:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jouko Pynnonen jouko@iki.fi",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200503-002"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1029",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2004-1029",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-9459",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1029",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#760344",
"trust": 0.8,
"value": "17.55"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#613562",
"trust": 0.8,
"value": "55.60"
},
{
"author": "CNNVD",
"id": "CNNVD-200503-002",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-9459",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#760344"
},
{
"db": "CERT/CC",
"id": "VU#613562"
},
{
"db": "VULHUB",
"id": "VHN-9459"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-002"
},
{
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. There is a vulnerability in the Sun Java Plug-in that could allow a malicious Java applet to bypass restrictions for untrusted applets. Multiple vulnerabilities exist in numerous Oracle products. The impacts of these vulnerabilities are varied and may include remote execution of arbitrary code, the disclosure of sensitive information, and denial-of-service conditions. various Oracle Multiple vulnerabilities exist in the product and its components.Although it depends on the target product, a third party can execute any command or code remotely, leak information in the database, disrupt service operation ( Denial-of-Service,DoS ) Attacks could be made. Reports indicate that it is possible for a malicious website that contains JavaScript code to exploit this vulnerability to load a dangerous Java class and to pass this class to an invoked applet. If a vulnerable version is still installed on the computer, it may be possible for to specify that this version runs the applet instead of an updated version that is not prone to the vulnerability. Users affected by this vulnerability should remove earlier versions of the plug-in. This functionality could also be abused to prompt users to install vulnerable versions of the plug-in, so users should be wary of doing so. This general security weakness has been assigned an individual BID (11757). Various Oracle Database Server, Oracle Enterprise Manager, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications, Oracle Workflow, Oracle Forms and Reports, Oracle JInitiator, Oracle Developer Suite, and Oracle Express Server are affected by multiple vulnerabilities. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. \nOracle has released a Critical Patch Update advisory for July 2005 to address these vulnerabilities. This Critical Patch Update addresses the vulnerabilities for supported releases. Earlier, unsupported releases are likely to be affected by the issues as well. The issue is that documents may be served with weaker SSL encryption than configured in Oracle HTTP Server. \nThis could result in a false sense of security. Oracle has not released any further information about this weakness. \nThe first issue can allow an untrusted applet to escalate its privileges to access resources with the privilege level of the user running the applet. \nThis issue occurs only in Internet Explorer running on Windows. \nThe second issue allows an untrusted applet to interfere with another applet embedded in the same web page. \nThis issue occurs in Java running on Windows, Solaris, and Linux. A remote attacker can use this vulnerability to bypass the Java\\\u0027\\\u0027sandbox\\\u0027\\\u0027 and all restrictions to access restricted resources and systems. BACKGROUND\n\n Java Plug-in technology, included as part of the Java 2 Runtime\n Environment, Standard Edition (JRE), establishes a connection between\n popular browsers and the Java platform. This connection enables\n applets\n on Web sites to be run within a browser on the desktop. \n\n II. \n\n A number of private Java packages exist within the Java Virtual\n Machine\n (VM) and are used internally by the VM. Security restrictions prevent\n Applets from accessing these packages. Any attempt to access these\n packages, results in a thrown exception of \u0027AccessControlException\u0027,\n unless the Applet is signed and the user has chosen to trust the\n issuer. \n\n III. ANALYSIS\n\n Successful exploitation allows remote attackers to execute hostile\n Applets that can access, download, upload or execute arbitrary files\n as\n well as access the network. A target user must be running a browser on\n top of a vulnerable Java Virtual Machine to be affected. It is\n possible\n for an attacker to create a cross-platform, cross-browser exploit for\n this vulnerability. Once compromised, an attacker can execute\n arbitrary\n code under the privileges of the user who instantiated the vulnerable\n browser. \n\n IV. DETECTION\n\n iDEFENSE has confirmed the existence of this vulnerability in Java 2\n Platform, Standard Edition (J2SE) 1.4.2_01 and 1.4.2_04 from Sun\n Microsystems. Various browsers such as Internet Explorer, Mozilla and Firefox\n on\n both Windows and Unix platforms can be exploited if they are running a\n vulnerable Java Virtual Machine. \n\n V. \n Other Java Virtual Machines, such as the Microsoft VM, are available\n and\n can be used as an alternative. \n\n VI. VENDOR RESPONSE\n\n This issue has been fixed in J2SE v 1.4.2_06 available at:\n\n [15]http://java.sun.com/j2se/1.4.2/download.html\n\n VII. CVE INFORMATION\n\n The Common Vulnerabilities and Exposures (CVE) project has assigned\n the\n name CAN-2004-1029 to this issue. This is a candidate for inclusion in\n the CVE list ([16]http://cve.mitre.org), which standardizes names for\n security problems. \n\n VIII. DISCLOSURE TIMELINE\n\n 06/29/2004 Initial vendor notification\n 06/30/2004 Initial vendor response\n 08/16/2004 iDEFENSE clients notified\n 11/22/2004 Public disclosure\n\n IX. CREDIT\n\n Jouko Pynnonen (jouko[at]iki.fi) is credited with this discovery. \n\n Get paid for vulnerability research\n [17]http://www.idefense.com/poi/teams/vcp.jsp\n\n X. LEGAL NOTICES\n\n Copyright \\xa9 2004 iDEFENSE, Inc. \n\n Permission is granted for the redistribution of this alert\n electronically. It may not be edited in any way without the express\n written consent of iDEFENSE. If you wish to reprint the whole or any\n part of this alert in any other medium other than electronically,\n please\n email [18]customerservice@idefense.com for permission. \n\n Disclaimer: The information in the advisory is believed to be accurate\n at the time of publishing based on currently available information. \n Use\n of the information constitutes acceptance for use in an AS IS\n condition. \n There are no warranties with regard to this information. Neither the\n author nor the publisher accepts any liability for any direct,\n indirect,\n or consequential loss or damage arising from use of, or reliance on,\n this information",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1029"
},
{
"db": "CERT/CC",
"id": "VU#760344"
},
{
"db": "CERT/CC",
"id": "VU#613562"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000876"
},
{
"db": "BID",
"id": "11726"
},
{
"db": "BID",
"id": "14238"
},
{
"db": "BID",
"id": "14279"
},
{
"db": "BID",
"id": "12317"
},
{
"db": "VULHUB",
"id": "VHN-9459"
},
{
"db": "PACKETSTORM",
"id": "35118"
}
],
"trust": 5.04
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9459",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9459"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-1029",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "13271",
"trust": 3.3
},
{
"db": "CERT/CC",
"id": "VU#760344",
"trust": 3.3
},
{
"db": "BID",
"id": "12317",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0599",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29035",
"trust": 1.7
},
{
"db": "SREASON",
"id": "61",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#613562",
"trust": 1.6
},
{
"db": "XF",
"id": "18188",
"trust": 1.4
},
{
"db": "BID",
"id": "11726",
"trust": 1.2
},
{
"db": "BID",
"id": "14238",
"trust": 1.1
},
{
"db": "BID",
"id": "14279",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000497",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA05-194A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000876",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200503-002",
"trust": 0.7
},
{
"db": "SUNALERT",
"id": "101523",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57591",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5674",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20041122 SUN JAVA PLUGIN ARBITRARY PACKAGE ACCESS VULNERABILITY",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2005-02-22",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "35118",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "24763",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-78455",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9459",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#760344"
},
{
"db": "CERT/CC",
"id": "VU#613562"
},
{
"db": "VULHUB",
"id": "VHN-9459"
},
{
"db": "BID",
"id": "11726"
},
{
"db": "BID",
"id": "14238"
},
{
"db": "BID",
"id": "14279"
},
{
"db": "BID",
"id": "12317"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000876"
},
{
"db": "PACKETSTORM",
"id": "35118"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-002"
},
{
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"id": "VAR-200503-0071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9459"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:28:20.494000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX01214",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00897307"
},
{
"title": "HPSBUX01100",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00899041"
},
{
"title": "HPSBUX01214",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux01214.html"
},
{
"title": "HPSBUX01100",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux01100.html"
},
{
"title": "1257249",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"title": "j2sdk",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=45#update_content"
},
{
"title": "jdksetup",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=22#update_content"
},
{
"title": "201660",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201660-1"
},
{
"title": "SYM05-001",
"trust": 0.8,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.01.04.html"
},
{
"title": "SYM05-001",
"trust": 0.8,
"url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.01.04.html"
},
{
"title": "Critical Patch Update - July 2005",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
},
{
"title": "Critical Patch Updates and Security Alerts ",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/alerts.htm"
},
{
"title": "Map of Public Vulnerability to Advisory/Alert",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html"
},
{
"title": "Critical Patch Update - July 2005",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/050715_71/top.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000876"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9459"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"trust": 2.5,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"trust": 2.2,
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2005/feb/msg00000.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/12317"
},
{
"trust": 1.7,
"url": "http://rpmfind.net/linux/rpm/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/13271"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29035"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/61"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/13271/"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/18188"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5674"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"trust": 0.8,
"url": "http://java.sun.com/products/plugin/index.jsp"
},
{
"trust": 0.8,
"url": "http://java.sun.com/j2se/desktopjava/jre/index.jsp"
},
{
"trust": 0.8,
"url": "http://java.sun.com/docs/books/tutorial/essential/system/securityintro.html"
},
{
"trust": 0.8,
"url": "http://java.sun.com/j2se/1.5.0/docs/api/java/security/accesscontrolexception.html"
},
{
"trust": 0.8,
"url": "http://java.sun.com/docs/books/tutorial/reflect/"
},
{
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/alerts.htm "
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1029"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-1029"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/11726"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/1074"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vn/jvnta05-194a"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14279"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14238"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-194a.html"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/613562"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/0599"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5674"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://java.sun.com/products/plugin/versions.html#answers"
},
{
"trust": 0.3,
"url": "http://java.sun.com"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101799-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57741-1"
},
{
"trust": 0.3,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.01.04.html"
},
{
"trust": 0.3,
"url": "/archive/1/381940"
},
{
"trust": 0.3,
"url": "/archive/1/382281"
},
{
"trust": 0.3,
"url": "/archive/1/382072"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/analysis.htm"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_formsbuilder_temp_file_issue.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_forms_unsecure_temp_file_handling.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_jdeveloper_passes_plaintext_password.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_jdeveloper_plaintext_password.html"
},
{
"trust": 0.3,
"url": "/archive/1/406293"
},
{
"trust": 0.3,
"url": "/archive/1/404966"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/whitepaper/cpu_july_2005_silently_fixed_bugs.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=158\u0026amp;type=vulnerabilities"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/poi/teams/vcp.jsp"
},
{
"trust": 0.1,
"url": "http://java.sun.com/j2se/1.4.2/download.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-1029"
},
{
"trust": 0.1,
"url": "http://java.sun.com/products/plugin/."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#760344"
},
{
"db": "CERT/CC",
"id": "VU#613562"
},
{
"db": "VULHUB",
"id": "VHN-9459"
},
{
"db": "BID",
"id": "11726"
},
{
"db": "BID",
"id": "14238"
},
{
"db": "BID",
"id": "14279"
},
{
"db": "BID",
"id": "12317"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000876"
},
{
"db": "PACKETSTORM",
"id": "35118"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-002"
},
{
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#760344"
},
{
"db": "CERT/CC",
"id": "VU#613562"
},
{
"db": "VULHUB",
"id": "VHN-9459"
},
{
"db": "BID",
"id": "11726"
},
{
"db": "BID",
"id": "14238"
},
{
"db": "BID",
"id": "14279"
},
{
"db": "BID",
"id": "12317"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000876"
},
{
"db": "PACKETSTORM",
"id": "35118"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-002"
},
{
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-23T00:00:00",
"db": "CERT/CC",
"id": "VU#760344"
},
{
"date": "2005-07-13T00:00:00",
"db": "CERT/CC",
"id": "VU#613562"
},
{
"date": "2005-03-01T00:00:00",
"db": "VULHUB",
"id": "VHN-9459"
},
{
"date": "2004-11-22T00:00:00",
"db": "BID",
"id": "11726"
},
{
"date": "2005-07-12T00:00:00",
"db": "BID",
"id": "14238"
},
{
"date": "2005-07-15T00:00:00",
"db": "BID",
"id": "14279"
},
{
"date": "2005-01-20T00:00:00",
"db": "BID",
"id": "12317"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"date": "2009-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000876"
},
{
"date": "2004-11-24T07:03:46",
"db": "PACKETSTORM",
"id": "35118"
},
{
"date": "2004-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200503-002"
},
{
"date": "2005-03-01T05:00:00",
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-23T00:00:00",
"db": "CERT/CC",
"id": "VU#760344"
},
{
"date": "2005-10-19T00:00:00",
"db": "CERT/CC",
"id": "VU#613562"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9459"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11726"
},
{
"date": "2009-07-12T16:06:00",
"db": "BID",
"id": "14238"
},
{
"date": "2005-07-15T00:00:00",
"db": "BID",
"id": "14279"
},
{
"date": "2008-04-07T16:18:00",
"db": "BID",
"id": "12317"
},
{
"date": "2008-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000497"
},
{
"date": "2009-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000876"
},
{
"date": "2009-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200503-002"
},
{
"date": "2017-10-11T01:29:40.293000",
"db": "NVD",
"id": "CVE-2004-1029"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "11726"
},
{
"db": "BID",
"id": "14238"
},
{
"db": "BID",
"id": "14279"
},
{
"db": "BID",
"id": "12317"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sun Java Plug-in fails to restrict access to private Java packages",
"sources": [
{
"db": "CERT/CC",
"id": "VU#760344"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "11726"
},
{
"db": "BID",
"id": "12317"
}
],
"trust": 0.6
}
}
VAR-200412-0902
Vulnerability from variot - Updated: 2024-07-23 20:51Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. Apple Terminal on Mac OS X fails to sanitize x-man-page URIs, allowing an attacker to execute arbitrary commands. LibTIFF Library TIFFFetchStripThing() Perform memory allocation in functions CheckMalloc() An integer overflow vulnerability exists due to a flaw in the validation of the value passed to the function.LibTIFF Arbitrary code may be executed with the execution authority of the application that uses the library
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0902",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "apple computer",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "10.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.7"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.7.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "9.0"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.6.0"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.5"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "icontrol service manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.3.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.6.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "12.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 1.0,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.4"
},
{
"model": "icontrol service manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.3.6"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "1.2.1"
},
{
"model": "propack",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "1.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "10.0"
},
{
"model": "mn100",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "icontrol service manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.3.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "icontrol service manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.3"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "integrated management",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.4"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "cvlan",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "call management system server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "13.0"
},
{
"model": "libtiff",
"scope": "eq",
"trust": 1.0,
"vendor": "libtiff",
"version": "3.5.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:icontrol_service_manager:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:icontrol_service_manager:1.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:interactive_response:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:interactive_response:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:interactive_response:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:call_management_system_server:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:cvlan:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:icontrol_service_manager:1.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:icontrol_service_manager:1.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery credited to infamous41md[at]hotpop.com.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1307",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2004-1307",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9737",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1307",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#356070",
"trust": 0.8,
"value": "22.31"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#539110",
"trust": 0.8,
"value": "5.04"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#706838",
"trust": 0.8,
"value": "9.38"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-081",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9737",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "VULHUB",
"id": "VHN-9737"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. Apple Terminal on Mac OS X fails to sanitize x-man-page URIs, allowing an attacker to execute arbitrary commands. LibTIFF Library TIFFFetchStripThing() Perform memory allocation in functions CheckMalloc() An integer overflow vulnerability exists due to a flaw in the validation of the value passed to the function.LibTIFF Arbitrary code may be executed with the execution authority of the application that uses the library",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1307"
},
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "VULHUB",
"id": "VHN-9737"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#539110",
"trust": 3.3
},
{
"db": "USCERT",
"id": "TA05-136A",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-1307",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "15227",
"trust": 2.4
},
{
"db": "OSVDB",
"id": "16084",
"trust": 0.8
},
{
"db": "BID",
"id": "13502",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#356070",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1012651",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "13607",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "16085",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1013887",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#706838",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "TA05-136A",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:11175",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101677",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "201072",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2005-05-03",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20041221 LIBTIFF STRIPOFFSETS INTEGER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9737",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "VULHUB",
"id": "VHN-9737"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"id": "VAR-200412-0902",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9737"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:51:12.187000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2005-005",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=301528"
},
{
"title": "Security Update 2005-005",
"trust": 0.8,
"url": "http://docs.info.apple.com/jarticle.html?artnum=301528"
},
{
"title": "RHSA-2004:577",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-577.html"
},
{
"title": "101677",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"title": "RHSA-2004:577",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-577j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta05-136a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/539110"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/15227/"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2005/may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"trust": 1.6,
"url": "http://docs.info.apple.com/article.html?artnum=301528"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11175"
},
{
"trust": 0.8,
"url": "http://remahl.se/david/vuln/011/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13502/"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=16084"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2004/dec/1012651.html"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/13607/"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=240\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.org/bid/13488"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2005/may/1013887.html"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=16085"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1307"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2005/wr052001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta05-136a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta05-136a/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-1307"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:11175"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=173\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "VULHUB",
"id": "VHN-9737"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#356070"
},
{
"db": "CERT/CC",
"id": "VU#539110"
},
{
"db": "CERT/CC",
"id": "VU#706838"
},
{
"db": "VULHUB",
"id": "VHN-9737"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-06T00:00:00",
"db": "CERT/CC",
"id": "VU#356070"
},
{
"date": "2005-01-20T00:00:00",
"db": "CERT/CC",
"id": "VU#539110"
},
{
"date": "2005-05-16T00:00:00",
"db": "CERT/CC",
"id": "VU#706838"
},
{
"date": "2004-12-21T00:00:00",
"db": "VULHUB",
"id": "VHN-9737"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"date": "2004-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"date": "2004-12-21T05:00:00",
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-16T00:00:00",
"db": "CERT/CC",
"id": "VU#356070"
},
{
"date": "2005-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#539110"
},
{
"date": "2005-05-24T00:00:00",
"db": "CERT/CC",
"id": "VU#706838"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-9737"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000574"
},
{
"date": "2009-02-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-081"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2004-1307"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Terminal fails to properly sanitize input for \"x-man-page\" URI",
"sources": [
{
"db": "CERT/CC",
"id": "VU#356070"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-081"
}
],
"trust": 0.6
}
}
VAR-200505-0163
Vulnerability from variot - Updated: 2024-07-23 20:48Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. Multiple Telnet clients contain a data length validation flaw which may allow a server to induce arbitrary code execution on the client host. A remote buffer-overflow vulnerability affects multiple vendors' Telnet client. This issue is due to the application's failure to properly validate the length of user-supplied strings before copying them into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
Want a new IT Security job?
Vacant positions at Secunia: http://secunia.com/secunia_vacancies/
TITLE: Sun SEAM Telnet Client Buffer Overflow Vulnerabilities
SECUNIA ADVISORY ID: SA15030
VERIFY ADVISORY: http://secunia.com/advisories/15030/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Sun SEAM 1.x http://secunia.com/product/1006/
DESCRIPTION: Sun has acknowledged some vulnerabilities in SEAM, which can be exploited by malicious people to compromise a vulnerable system.
For more information: SA14745
SOLUTION: The vendor suggests removing the execute permissions from "/usr/krb5/bin/telnet".
ORIGINAL ADVISORY: Sun Microsystems: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1
OTHER REFERENCES: SA14745: http://secunia.com/advisories/14745/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server.
For the old stable distribution (woody) this problem has been fixed in version 0.4e-7.woody.11.
For the stable distribution (sarge) this problem has been fixed in version 0.6.3-10.
For the unstable distribution (sid) this problem has been fixed in version 0.6.3-10.
We recommend that you upgrade your heimdal package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.dsc
Size/MD5 checksum: 1065 8fc37ea432a8120da0f370b0b2c9125b
http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.diff.gz
Size/MD5 checksum: 1295043 b27c9a952ed6a53698d654b2dbca9b52
http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz
Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8
Architecture independent components:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.11_all.deb
Size/MD5 checksum: 1056336 e6f819c78b38e6c9b854104879a82a76
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.11_all.deb
Size/MD5 checksum: 20298 630b472eea6aef8b53ed678ebd6d9676
Alpha architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 275276 12437fc71585df2debc30260d44881ae
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 61016 e28f3db25cf9fced15d07c9843d0bb7f
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 573726 fcd82b8d22e86f0f67b188e5a182aad9
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 135164 67d1f00e15b893fbd7f1a0009eb9047c
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 181834 7860ca01ee394b8200487356546fe94e
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 39864 f631f57c94a0554e3daa62b6f3029999
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 65534 6b3fa215d70b35e71ec21545d3db48db
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 23892 fc3c8e707764634638083acb5b4b6312
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 43368 269a6e04b6e7db823a237b7af6812eb3
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 41880 0e9ca330caa8ae710f8594d156065e0c
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 33922 2d774846eed21710c9c9cf19e9af2cf8
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 44744 d154ba1ed49d1458ee2707d021d1e8b8
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 31484 d22c13f1da35553ba942274dec958959
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 134054 3261ce8e03209f64748d4e05fcf47bc3
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 65944 5a5aeea7b73b37b3604d9d3d43991881
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 59356 80c67e5e8bba2ffeaad753a6dd5173be
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 28538 700352c1de8dd30a37f95da03d5ad9ce
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_alpha.deb
Size/MD5 checksum: 29424 91458eb256f4d7b446f8d3899f751193
ARM architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 227174 8ab44db32ee205256ca597197eff9427
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 53968 ca664151450031013a9bfb0dd5fb32af
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 441598 25127b23b893ba6515cbb9be7dee0ebd
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 110266 ec3cde13087c74757744ca9bfebe00d5
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 148006 ee02412bfd96d484a147e5e8c06f40ee
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 35538 aa3e74b814fcdb1abb401f11eb8842e1
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 57216 4081aad0b651d131f3424980879bc861
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 23412 03b68670c37f4a4cc8fee59f4023e903
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 38594 7a3315d21fdf7c3854bba5e17bca1e11
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 38298 0f16402f3694c2bb1d4cc4450df540e4
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 31850 3e1bd368481f666f6d7b2ec2dc4ed912
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 40000 024228d74f0a589c73e31688cbb9f3e1
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 29842 9e7ef427e9d3fd277ca8448d3078a2b6
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 112472 3fc814c80adaaace125166bd8cd013d3
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 51960 b48f25ea15d3e65d6444ce5960213d32
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 53414 fdd7b63f63ffea2ef5e4574528419baf
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 28918 a15c818745634dee06c40610b66a92f6
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_arm.deb
Size/MD5 checksum: 29636 e97a487116f2367299decb51cccc098f
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 219936 7cd4a7ae4c56f3a1a4700fea756b62c3
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 52704 a64eea9e99a5dffeb211167f2edfac7b
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 405344 d5d263dba7f36d95ac5344d750abd1f0
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 109934 37fab8f1c45a897a7a063641133789d5
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 144312 21570cc9e367ab0ccb89a011a56b2177
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 35670 039764b15c3a1e18703cc1fa2773c97e
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 59842 4a1a98a52cbc2d86d4c5adf088bec1e3
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 23304 ad9ed998a1ae50e6dd5368c07ed5db7d
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 38682 5170e1500eba0b17baedc95e6e763063
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 38612 425b8857ddb2105a6d2ec9399eeeef4e
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 32068 6cb760663c089906b9c8cc89c1395f34
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 40062 9f9d04c843ae164bbdf28b7d1a4ede7f
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 29712 a375688e6029d5fae6ae4e3662ed88b1
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 111312 1ea1a0a7b36935fa1d3fbaf508530a94
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 51816 935711339e95322f578622bf3271c4fd
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 51696 223796e010ca4be9e927c438ffa921ac
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 27500 4b5382836ff3c4f1bdcff2a30e7a97ba
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_i386.deb
Size/MD5 checksum: 28222 d4ea500c49786252fbb522d32fb78ee3
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 335082 762bb44529ac965fafe57a153375f8cf
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 69096 cf9fd237439d89479af7e813447c7ad5
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 613424 efacfc44d5d6bac9227bc6709e52182c
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 154164 ec762443001df7fe29a3a497ad9c14df
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 210540 d4e2c1c65f0a4f1bc1d20ca1348d3972
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 44222 87a27ba41ffc9ad9d5296ba1133ec8cc
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 82102 a1cabba1e3ab285acc9d0ec414ea5d5c
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 24782 996c48ba78eabc7a24c92eea9abf70bc
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 50174 21abd59f30af1574012e6c75d7f7d7e5
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 48600 b12ccb241bbe65a5acc1009cb41508d8
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 37744 d881400db00426478c525913366d5dcb
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 52210 81a0014eee08020f7f333f2835d089b8
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 35256 49820e0275c2f170d50531d0cf4be224
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 169750 ae2c7d4ccd96a7c495a91bb8272bf872
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 64900 421ce6b03daf43a5ca9769d95c614a34
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 68682 a3b21eb50c8757538bc234e948a3e35a
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 30710 9eb38bbec69e72e52581cd355373ced3
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_ia64.deb
Size/MD5 checksum: 31932 e2fbc77b172c6eb54c12461333f00ef1
HP Precision architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 256874 140bdfc671e9acd9150a6995b247af34
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 57454 caa48211376a98c67e03d068e6fbeb6f
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 516072 ae166665afe33ad8e24ae155e74e7bce
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 119300 8b7fae0ab762cb2522db9b78d8c0d186
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 162998 c4c23fcc53e97f070b5d528eb163af00
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 37784 dbf2fb481981fe63a558447139c5b7bb
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 69388 fbd6ba202c666b7c8b27686fb309f528
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 23946 96ab72df3ae02e9822a52fa4d0fe08c2
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 42206 50ce55dbed833c43a58c7b5913249754
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 43540 8b1c4044113c1021717ef3c5b79686d6
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 34384 ce7f69712e2af6ec72bbddaaa4a4ed9d
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 45178 2148edf895d480b315fd5236a82af8be
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 32060 966345ea7709602258fefcc66b75c2a3
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 139936 a1917b6ae317b87749a7ea8b6c68cc96
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 70198 5350eedbce161c1c2cd09d780a80e8ae
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 60560 722387dd2747e994d49335669ea93449
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 30790 07abee4e10bd0f2834292aa9aed0351c
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_hppa.deb
Size/MD5 checksum: 31656 a2601adf14c97c6339e5eece745b61ed
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 211826 b3a51143513404c3a58869ccdc980352
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 52172 05037589546d7bad9cf0fdc47c9b234a
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 399312 bdec29fdaa096cfb4205448ca30debdf
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 105690 104bd645147011b71b3d4250083df27d
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 138286 5f206db56db8e0c610eb17349f6da5be
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 35156 c55f2924284487b4169a9d52f3b79f18
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 55500 b0b11055a2b744a20688eda87678f24c
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 23424 3e66bc4d54685e4cbafc1a53dcb7e4cf
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 38200 296ae362e7a9483e866f959ad4a5832b
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 37984 aa745d6da276a877a415fd66a06128d8
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 31712 9af44dffde45b673760c7991606eb312
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 39850 606e9fe193e34f3ae1ea864e3a9e21bd
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 29436 ba92cf45fc7bfed068cc3de3d63220ee
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 111036 ade91cc8a12d1d5a3e57e4762a68a060
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 68726 77f24b45977cb9e3e729ee64d4e3ec4b
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 49958 4967192c48b8ad8bc1f0c0b244635616
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 27460 883c720bb718cd60dbe9f38c8792c2e0
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_m68k.deb
Size/MD5 checksum: 28192 88b86afb0a2b04da8785c165402d7727
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 248918 005efbd5408a65d580e0c4d8ed8ed80b
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 55564 4aa128a89c3f5b8dd3529e89e3d27f37
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 505212 d8dda2a0131d90cf29d9e299d28b356b
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 114882 5102fbf99e5f52569a22a2c17748a520
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 160242 cf112ed81fdf868ab6efb07ef93ac2d7
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 37388 6a46e03e6fdbd7e4803ef2fb1370c699
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 58340 086cf69030b957bbe6cd27516f717f29
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 23590 15c7586e6b6cd94e3c3a559e980e5645
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 39534 755f9ee7cd757674e4d569ae01ec9474
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 39014 7199130531d369f8c8bd8178ae66158f
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 32122 8d128559a4e7b55a8309c7ded954ea93
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 40734 cd594016cfb45138345f8d19f824d5b2
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 30376 946da152608b5d49ed90edb152946442
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 120610 42e1d7253a98a12279a61bc3b12bfe10
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 57476 f4e2d9e86dc852068faad25bb8e78ca5
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 53346 974a501c32c765c9063ca0b1bf0100b3
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 28520 fa5ce3789529406ce6c62f6fb24e46b2
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mips.deb
Size/MD5 checksum: 29186 8736a50aa2789aaed507714ebd298240
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 248064 8891058ed6fc8826f4bd57d5b8eb26b1
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 55550 559be15f2dc64fffea360f5281660435
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 499388 8c838954ef0b75815fc8eedb3fc7559f
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 114840 5d87f1b1d7dddf6d4087730b810d3d5d
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 160350 cae061acf36faa4acc76abf8640051f8
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 37308 b14e3b3f5c4ef1c9bb0615a9c2dace69
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 57946 acc5e0cee40880946eb211fb6d395f2c
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 23590 4b376e0c25d261f8eaa64e8a8bbd3d8c
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 39220 5c6c245272b4b80fadd56f2248f7861e
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 38712 e57c37dc5afcb2d09d684b759ac33f77
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 32044 dc3622de31025834023b1c2e68ef3246
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 40354 9ffa12ee944c9def479add6f18db7dc1
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 30352 69ea54f0432371140f802ac1a2e6f1ff
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 119520 307afbe2f26e9db953abb82c7d305799
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 52682 07759311f573f201c3187808f0955b54
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 53410 4033254bfa0482ec101e9de313ba5bfd
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 28588 71be890e75aa25f27cac29437ba3b4cb
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mipsel.deb
Size/MD5 checksum: 29268 8260428b6857d0b2bf127f47d8082f66
PowerPC architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 228262 a5c5faca2967096b1a364c13740d32df
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 53894 552c568c50d62e54a5e96daa2bb87c1c
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 466526 a50ed6bb5e236c8d6db8243734803ea0
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 110132 4c947ba0c94cef3629eaa0f7eac8c2a1
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 149254 722d7ced6894cefd14f68e446af458db
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 36230 dfbe16f671521b1515c9c8c9265a5342
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 57226 cfea58fb03d07ed85d674df21f1c7e7e
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 23580 7d63a22a980a14030126cfa322243ffc
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 39364 f6e7d32e6da45f8d5893e1d681eb9788
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 38630 1a815e315e9650a39f9c685fa8861846
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 31794 b54c265e1578e0f40cc7a683d6b8c742
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 40104 7dd0775da038d1b34428efd6bffa4b6c
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 30246 a7a5c8635a3c1c9b508e8af3dd05d44f
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 118918 2f21bb221eef3fb8ab9caa3006dae794
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 69400 7d1bb7b9e83a7ed9cf53cb5d385e9447
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 53826 fe4212f691d675bf1f682d17329c6c5e
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 28744 0012158f14e5fff7ec9988e2d7939cf6
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_powerpc.deb
Size/MD5 checksum: 29560 58921e138af421a9ea48d7a35b728f01
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 235020 45fae34704d01f03b5e0dd716bf91e90
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 55710 9cd974e488c7bc3a8430d01fe5dd6ad0
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 433342 d6affed884050cffe8776f79ed749897
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 116002 7d68b959b4d7897179273c0d795c4a21
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 153824 6de2ef670834b0b22cde0888637d81a6
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 36982 fc870d47a3a23441cb83452904bed977
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 58358 ccf0873fd87a468e71c2d2745fcc0284
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 23664 6229dd41d0719f3a8b5fbafa81221584
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 41084 ed1f1756f66cfa655b04e77c02308fa3
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 39846 edc6789b94dc803b6e59efb287151162
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 33028 f74bb90f54953af275deadb3a09beedc
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 41900 81aa709bde50ea906d512637db5412df
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 30394 4055618b16374db57fcbe27264e35f61
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 125432 4e1b2fd68cdb66d210b5860870654a81
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 69554 606b376355b9392208cbba9cd43d6e0a
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 54608 a2f3303e3a1bb49e47ed0f68673509b2
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 28688 2df7664e3ff5a1173c62575184c674e8
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_s390.deb
Size/MD5 checksum: 29510 6b28d5ca95a5e09b74989bc1f6f81c14
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 227226 513f1a6c24c6b815470078cc0e2ee72e
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 54026 52d920d2cfcf8e208e3a04afc2983751
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 430544 7819784bedbc84d394ca11ed42c2c9e4
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 107728 c694c5e1d66d5985aaf2bf4eda793ba0
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 151578 07eb106e95368b5dec91521907398d1d
http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 35636 1eab2cc36c7adc947b5e2fa70800e9b8
http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 54854 eb29480cce8645f5bb72f2f2694b2f26
http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 26260 9ddcdbc49b997c4dc903a651e3007877
http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 39100 cf636dca0a94f193f46bcf88db439672
http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 38004 28e82ffa12af5c90df707e686ef29906
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 31738 c70af19b2e2f73f1359208f0f8ce59b6
http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 39884 cb269f527e83ae03a9b2db051a487fa8
http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 29702 925140a648da199ef7338bf415f605db
http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 112400 5c9329c597ca1448ed158e30b4f7895a
http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 58340 473a1c45ba02d9c84bb786ee116a46bd
http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 55444 0272fc78d38e0c1d3dd7176e412504e2
http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 28256 a33d2dbf32502d3f3caf3917e82c5ffe
http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_sparc.deb
Size/MD5 checksum: 28954 28a7aed2ab84250549c5e64ac987e00c
These files will probably be moved into the stable distribution on its next update. BACKGROUND
The TELNET protocol allows virtual network terminals to be connected to over the internet. The initial description of the protocol was given in RFC854 in May 1983. Since then there have been many extra features added including encryption.
II.
The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer.
III. It may be possible to automatically launch the telnet command from a webpage, for example:
On opening this page the telnet client may be launched and attempt to connect to the host 'malicious.server'. IV. DETECTION iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. V. WORKAROUND iDEFENSE is currently unaware of any effective workarounds for this vulnerability. VI. VENDOR RESPONSE The following vendors have provided official responses related to this vulnerability. Other vendors may be affected but have not provided an official response. Vulnerable: - ALT Linux All supported ALT Linux distributions include telnet client derived from OpenBSD 3.0. Updated packages with fixes for these issues will be released on March 28, 2005. http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html - Apple Computer, Inc. Component: Telnet Available for: Mac OS X 10.3.8, Mac OS X Server 10.3.8 This is fixed in Security Update 2005-003, which is available at http://docs.info.apple.com/article.html?artnum=61798 - FreeBSD FreeBSD-SA-05:01.telnet security advisory: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc - MIT (Kerberos) This vulnerability is covered in the following upcoming advisory: MITKRB5-SA-2005-001: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt patch against krb5-1.4: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt - Openwall Project The bugs are fixed starting with telnet package version 3.0-owl2. http://www.openwall.com/Owl/CHANGES-current.shtml - Red Hat, Inc. Red Hat Enterprise Linux ships with telnet and krb5 packages vulnerable to this issue. New telnet and krb5 packages are now available along with our advisory at the URLs below and by using the Red Hat Network 'up2date' tool. Red Hat Enterprise Linux - telnet http://rhn.redhat.com/errata/RHSA-2005-330.html Red Hat Enterprise Linux - krb5 http://rhn.redhat.com/errata/RHSA-2005-327.html - Sun Microsystems Inc. Sun confirms that the telnet(1) vulnerabilities do affect all currently supported versions of Solaris: Solaris 7, 8, 9 and 10 Sun has released a Sun Alert which describes a workaround until patches are available at: http://sunsolve.sun.com Sun Alert #57755 The Sun Alert will be updated with the patch information once it becomes available. Sun patches are available from: http://sunsolve.sun.com/securitypatch Not Vulnerable: - CyberSafe Limited The CyberSafe TrustBroker products, version 3.0 or later, are not vulnerable. - Hewlett-Packard Development Company, L.P. HP-UX and HP Tru64 UNIX are not vulnerable. - InterSoft International, Inc. InterSoft International, Inc. products NetTerm, SecureNetTerm and SNetTerm are not affected by the slc_add_reply() buffer overflow conditions. VII. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the names CAN-2005-0469 to these issues. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. VIII. DISCLOSURE TIMELINE 02/18/2005 Initial vendor notification 03/28/2005 Coordinated public disclosure IX. CREDIT Ga\xebl Delalleau credited with this discovery. Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp Free tools, research and upcoming events http://labs.idefense.com X. LEGAL NOTICES Copyright \xa9 2005 iDEFENSE, Inc. Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. This is a multi-part message in MIME format. Background ========== netkit-telnetd provides standard Linux telnet client and server. Workaround ========== There is no known workaround at this time. Resolution ========== All netkit-telnetd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/netkit-telnetd-0.17-r6" References ========== [ 1 ] CAN-2005-0469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 [ 2 ] iDEFENSE Advisory 03-28-05 http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200503-36.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.0 --------------enig5AB53435F202A7CF12E5E13A Content-Type: application/pgp-signature; name="signature.asc" Content-Transfer-Encoding: 7bit Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCS97/vcL1obalX08RAqPTAJ0U96lQ6ItuSV4jrDU16XhgSX4fnwCeJ2kS RMB/LUN0B0tNRKR3DBoB0YE= =0wgI -----END PGP SIGNATURE----- --------------enig5AB53435F202A7CF12E5E13A-- . http://creativecommons.org/licenses/by-sa/2.0 Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0163",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mit kerberos team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "telnet",
"scope": "eq",
"trust": 1.0,
"vendor": "ncsa",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "heimdal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco unix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": "kerberos",
"scope": "lt",
"trust": 0.8,
"vendor": "mit kerberos",
"version": "5 (krb5-1.4.1 )"
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "ver. 2.x firmware version 2.10(jamming) ~ 2.27(ridge)"
},
{
"model": "seil/plus",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "firmware version 1.00(snappy) ~ 1.51(swisssingle)"
},
{
"model": "seil/turbo",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "firmware version 1.10(aberdeen) ~ 1.51(riodell)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "seam",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.0.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.6,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "telnet",
"scope": null,
"trust": 0.6,
"vendor": "ncsa",
"version": null
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "e",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.14"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.0"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.6"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.1"
},
{
"model": "mn100",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.4"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.8"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "irix .19m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "irix e",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.6"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1x86"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "linux enterprise server for s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "linux i686",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6.3"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.27"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix t",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.3"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.16"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.23"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.4"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.12"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.0.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.2"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.0"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.0.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "kerberos -alpha1",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.25"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.17.17"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.3"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.7"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix g",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "linux alt linux compact",
"scope": "eq",
"trust": 0.3,
"vendor": "alt",
"version": "2.3"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.1"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix xfs",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.3"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "linux alt linux junior",
"scope": "eq",
"trust": 0.3,
"vendor": "alt",
"version": "2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.17"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "irix a",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "gnu/*/linux",
"scope": "eq",
"trust": 0.3,
"vendor": "openwall",
"version": "1.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "seam",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "irix d",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "3-dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.5.3"
},
{
"model": "kerberos -beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "gnu/*/linux -current",
"scope": null,
"trust": 0.3,
"vendor": "openwall",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.24"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.1.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.6"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "gnu/*/linux",
"scope": "eq",
"trust": 0.3,
"vendor": "openwall",
"version": "1.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.2"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "heimdal",
"scope": "ne",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.6.4"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.10"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "irix .19f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "irix t",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.23"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "big-ip",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "irix h",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "irix b",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.9"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.26"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.2"
},
{
"model": "modular messaging s3400",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.24"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "3-dns",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "irix ipr",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.4"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "irix xfs",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0.1"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.520"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "heimdal",
"scope": "eq",
"trust": 0.3,
"vendor": "heimdal",
"version": "0.5.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.15"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "netbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "CERT/CC",
"id": "VU#291924"
},
{
"db": "BID",
"id": "12918"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000203"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-613"
},
{
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ncsa:telnet:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gael DelalleauiDEFENSE Labs labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-613"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0469",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2005-0469",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0469",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#341908",
"trust": 0.8,
"value": "29.95"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#291924",
"trust": 0.8,
"value": "12.60"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-613",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "CERT/CC",
"id": "VU#291924"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000203"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-613"
},
{
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. Multiple Telnet clients contain a data length validation flaw which may allow a server to induce arbitrary code execution on the client host. A remote buffer-overflow vulnerability affects multiple vendors\u0027 Telnet client. This issue is due to the application\u0027s failure to properly validate the length of user-supplied strings before copying them into static process buffers. \nAn attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation. \n\n----------------------------------------------------------------------\n\nWant a new IT Security job?\n\nVacant positions at Secunia:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nSun SEAM Telnet Client Buffer Overflow Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA15030\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15030/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nSun SEAM 1.x\nhttp://secunia.com/product/1006/\n\nDESCRIPTION:\nSun has acknowledged some vulnerabilities in SEAM, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nFor more information:\nSA14745\n\nSOLUTION:\nThe vendor suggests removing the execute permissions from\n\"/usr/krb5/bin/telnet\". \n\nORIGINAL ADVISORY:\nSun Microsystems:\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1\n\nOTHER REFERENCES:\nSA14745:\nhttp://secunia.com/advisories/14745/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Heimdal, a free implementation\nof Kerberos 5, also contains such a client. This can lead to the\nexecution of arbitrary code when connected to a malicious server. \n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.11. \n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.6.3-10. \n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.6.3-10. \n\nWe recommend that you upgrade your heimdal package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.dsc\n Size/MD5 checksum: 1065 8fc37ea432a8120da0f370b0b2c9125b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.diff.gz\n Size/MD5 checksum: 1295043 b27c9a952ed6a53698d654b2dbca9b52\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz\n Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.11_all.deb\n Size/MD5 checksum: 1056336 e6f819c78b38e6c9b854104879a82a76\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.11_all.deb\n Size/MD5 checksum: 20298 630b472eea6aef8b53ed678ebd6d9676\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 275276 12437fc71585df2debc30260d44881ae\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 61016 e28f3db25cf9fced15d07c9843d0bb7f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 573726 fcd82b8d22e86f0f67b188e5a182aad9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 135164 67d1f00e15b893fbd7f1a0009eb9047c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 181834 7860ca01ee394b8200487356546fe94e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 39864 f631f57c94a0554e3daa62b6f3029999\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 65534 6b3fa215d70b35e71ec21545d3db48db\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 23892 fc3c8e707764634638083acb5b4b6312\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 43368 269a6e04b6e7db823a237b7af6812eb3\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 41880 0e9ca330caa8ae710f8594d156065e0c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 33922 2d774846eed21710c9c9cf19e9af2cf8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 44744 d154ba1ed49d1458ee2707d021d1e8b8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 31484 d22c13f1da35553ba942274dec958959\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 134054 3261ce8e03209f64748d4e05fcf47bc3\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 65944 5a5aeea7b73b37b3604d9d3d43991881\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 59356 80c67e5e8bba2ffeaad753a6dd5173be\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 28538 700352c1de8dd30a37f95da03d5ad9ce\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 29424 91458eb256f4d7b446f8d3899f751193\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 227174 8ab44db32ee205256ca597197eff9427\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 53968 ca664151450031013a9bfb0dd5fb32af\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 441598 25127b23b893ba6515cbb9be7dee0ebd\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 110266 ec3cde13087c74757744ca9bfebe00d5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 148006 ee02412bfd96d484a147e5e8c06f40ee\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 35538 aa3e74b814fcdb1abb401f11eb8842e1\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 57216 4081aad0b651d131f3424980879bc861\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 23412 03b68670c37f4a4cc8fee59f4023e903\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 38594 7a3315d21fdf7c3854bba5e17bca1e11\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 38298 0f16402f3694c2bb1d4cc4450df540e4\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 31850 3e1bd368481f666f6d7b2ec2dc4ed912\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 40000 024228d74f0a589c73e31688cbb9f3e1\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 29842 9e7ef427e9d3fd277ca8448d3078a2b6\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 112472 3fc814c80adaaace125166bd8cd013d3\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 51960 b48f25ea15d3e65d6444ce5960213d32\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 53414 fdd7b63f63ffea2ef5e4574528419baf\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 28918 a15c818745634dee06c40610b66a92f6\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 29636 e97a487116f2367299decb51cccc098f\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 219936 7cd4a7ae4c56f3a1a4700fea756b62c3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 52704 a64eea9e99a5dffeb211167f2edfac7b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 405344 d5d263dba7f36d95ac5344d750abd1f0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 109934 37fab8f1c45a897a7a063641133789d5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 144312 21570cc9e367ab0ccb89a011a56b2177\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 35670 039764b15c3a1e18703cc1fa2773c97e\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 59842 4a1a98a52cbc2d86d4c5adf088bec1e3\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 23304 ad9ed998a1ae50e6dd5368c07ed5db7d\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 38682 5170e1500eba0b17baedc95e6e763063\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 38612 425b8857ddb2105a6d2ec9399eeeef4e\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 32068 6cb760663c089906b9c8cc89c1395f34\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 40062 9f9d04c843ae164bbdf28b7d1a4ede7f\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 29712 a375688e6029d5fae6ae4e3662ed88b1\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 111312 1ea1a0a7b36935fa1d3fbaf508530a94\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 51816 935711339e95322f578622bf3271c4fd\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 51696 223796e010ca4be9e927c438ffa921ac\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 27500 4b5382836ff3c4f1bdcff2a30e7a97ba\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 28222 d4ea500c49786252fbb522d32fb78ee3\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 335082 762bb44529ac965fafe57a153375f8cf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 69096 cf9fd237439d89479af7e813447c7ad5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 613424 efacfc44d5d6bac9227bc6709e52182c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 154164 ec762443001df7fe29a3a497ad9c14df\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 210540 d4e2c1c65f0a4f1bc1d20ca1348d3972\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 44222 87a27ba41ffc9ad9d5296ba1133ec8cc\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 82102 a1cabba1e3ab285acc9d0ec414ea5d5c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 24782 996c48ba78eabc7a24c92eea9abf70bc\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 50174 21abd59f30af1574012e6c75d7f7d7e5\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 48600 b12ccb241bbe65a5acc1009cb41508d8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 37744 d881400db00426478c525913366d5dcb\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 52210 81a0014eee08020f7f333f2835d089b8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 35256 49820e0275c2f170d50531d0cf4be224\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 169750 ae2c7d4ccd96a7c495a91bb8272bf872\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 64900 421ce6b03daf43a5ca9769d95c614a34\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 68682 a3b21eb50c8757538bc234e948a3e35a\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 30710 9eb38bbec69e72e52581cd355373ced3\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 31932 e2fbc77b172c6eb54c12461333f00ef1\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 256874 140bdfc671e9acd9150a6995b247af34\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 57454 caa48211376a98c67e03d068e6fbeb6f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 516072 ae166665afe33ad8e24ae155e74e7bce\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 119300 8b7fae0ab762cb2522db9b78d8c0d186\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 162998 c4c23fcc53e97f070b5d528eb163af00\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 37784 dbf2fb481981fe63a558447139c5b7bb\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 69388 fbd6ba202c666b7c8b27686fb309f528\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 23946 96ab72df3ae02e9822a52fa4d0fe08c2\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 42206 50ce55dbed833c43a58c7b5913249754\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 43540 8b1c4044113c1021717ef3c5b79686d6\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 34384 ce7f69712e2af6ec72bbddaaa4a4ed9d\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 45178 2148edf895d480b315fd5236a82af8be\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 32060 966345ea7709602258fefcc66b75c2a3\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 139936 a1917b6ae317b87749a7ea8b6c68cc96\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 70198 5350eedbce161c1c2cd09d780a80e8ae\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 60560 722387dd2747e994d49335669ea93449\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 30790 07abee4e10bd0f2834292aa9aed0351c\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 31656 a2601adf14c97c6339e5eece745b61ed\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 211826 b3a51143513404c3a58869ccdc980352\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 52172 05037589546d7bad9cf0fdc47c9b234a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 399312 bdec29fdaa096cfb4205448ca30debdf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 105690 104bd645147011b71b3d4250083df27d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 138286 5f206db56db8e0c610eb17349f6da5be\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 35156 c55f2924284487b4169a9d52f3b79f18\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 55500 b0b11055a2b744a20688eda87678f24c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 23424 3e66bc4d54685e4cbafc1a53dcb7e4cf\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 38200 296ae362e7a9483e866f959ad4a5832b\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 37984 aa745d6da276a877a415fd66a06128d8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 31712 9af44dffde45b673760c7991606eb312\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 39850 606e9fe193e34f3ae1ea864e3a9e21bd\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 29436 ba92cf45fc7bfed068cc3de3d63220ee\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 111036 ade91cc8a12d1d5a3e57e4762a68a060\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 68726 77f24b45977cb9e3e729ee64d4e3ec4b\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 49958 4967192c48b8ad8bc1f0c0b244635616\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 27460 883c720bb718cd60dbe9f38c8792c2e0\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 28192 88b86afb0a2b04da8785c165402d7727\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 248918 005efbd5408a65d580e0c4d8ed8ed80b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 55564 4aa128a89c3f5b8dd3529e89e3d27f37\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 505212 d8dda2a0131d90cf29d9e299d28b356b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 114882 5102fbf99e5f52569a22a2c17748a520\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 160242 cf112ed81fdf868ab6efb07ef93ac2d7\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 37388 6a46e03e6fdbd7e4803ef2fb1370c699\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 58340 086cf69030b957bbe6cd27516f717f29\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 23590 15c7586e6b6cd94e3c3a559e980e5645\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 39534 755f9ee7cd757674e4d569ae01ec9474\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 39014 7199130531d369f8c8bd8178ae66158f\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 32122 8d128559a4e7b55a8309c7ded954ea93\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 40734 cd594016cfb45138345f8d19f824d5b2\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 30376 946da152608b5d49ed90edb152946442\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 120610 42e1d7253a98a12279a61bc3b12bfe10\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 57476 f4e2d9e86dc852068faad25bb8e78ca5\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 53346 974a501c32c765c9063ca0b1bf0100b3\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 28520 fa5ce3789529406ce6c62f6fb24e46b2\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 29186 8736a50aa2789aaed507714ebd298240\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 248064 8891058ed6fc8826f4bd57d5b8eb26b1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 55550 559be15f2dc64fffea360f5281660435\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 499388 8c838954ef0b75815fc8eedb3fc7559f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 114840 5d87f1b1d7dddf6d4087730b810d3d5d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 160350 cae061acf36faa4acc76abf8640051f8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 37308 b14e3b3f5c4ef1c9bb0615a9c2dace69\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 57946 acc5e0cee40880946eb211fb6d395f2c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 23590 4b376e0c25d261f8eaa64e8a8bbd3d8c\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 39220 5c6c245272b4b80fadd56f2248f7861e\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 38712 e57c37dc5afcb2d09d684b759ac33f77\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 32044 dc3622de31025834023b1c2e68ef3246\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 40354 9ffa12ee944c9def479add6f18db7dc1\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 30352 69ea54f0432371140f802ac1a2e6f1ff\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 119520 307afbe2f26e9db953abb82c7d305799\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 52682 07759311f573f201c3187808f0955b54\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 53410 4033254bfa0482ec101e9de313ba5bfd\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 28588 71be890e75aa25f27cac29437ba3b4cb\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 29268 8260428b6857d0b2bf127f47d8082f66\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 228262 a5c5faca2967096b1a364c13740d32df\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 53894 552c568c50d62e54a5e96daa2bb87c1c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 466526 a50ed6bb5e236c8d6db8243734803ea0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 110132 4c947ba0c94cef3629eaa0f7eac8c2a1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 149254 722d7ced6894cefd14f68e446af458db\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 36230 dfbe16f671521b1515c9c8c9265a5342\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 57226 cfea58fb03d07ed85d674df21f1c7e7e\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 23580 7d63a22a980a14030126cfa322243ffc\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 39364 f6e7d32e6da45f8d5893e1d681eb9788\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 38630 1a815e315e9650a39f9c685fa8861846\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 31794 b54c265e1578e0f40cc7a683d6b8c742\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 40104 7dd0775da038d1b34428efd6bffa4b6c\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 30246 a7a5c8635a3c1c9b508e8af3dd05d44f\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 118918 2f21bb221eef3fb8ab9caa3006dae794\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 69400 7d1bb7b9e83a7ed9cf53cb5d385e9447\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 53826 fe4212f691d675bf1f682d17329c6c5e\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 28744 0012158f14e5fff7ec9988e2d7939cf6\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 29560 58921e138af421a9ea48d7a35b728f01\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 235020 45fae34704d01f03b5e0dd716bf91e90\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 55710 9cd974e488c7bc3a8430d01fe5dd6ad0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 433342 d6affed884050cffe8776f79ed749897\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 116002 7d68b959b4d7897179273c0d795c4a21\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 153824 6de2ef670834b0b22cde0888637d81a6\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 36982 fc870d47a3a23441cb83452904bed977\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 58358 ccf0873fd87a468e71c2d2745fcc0284\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 23664 6229dd41d0719f3a8b5fbafa81221584\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 41084 ed1f1756f66cfa655b04e77c02308fa3\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 39846 edc6789b94dc803b6e59efb287151162\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 33028 f74bb90f54953af275deadb3a09beedc\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 41900 81aa709bde50ea906d512637db5412df\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 30394 4055618b16374db57fcbe27264e35f61\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 125432 4e1b2fd68cdb66d210b5860870654a81\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 69554 606b376355b9392208cbba9cd43d6e0a\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 54608 a2f3303e3a1bb49e47ed0f68673509b2\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 28688 2df7664e3ff5a1173c62575184c674e8\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 29510 6b28d5ca95a5e09b74989bc1f6f81c14\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 227226 513f1a6c24c6b815470078cc0e2ee72e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 54026 52d920d2cfcf8e208e3a04afc2983751\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 430544 7819784bedbc84d394ca11ed42c2c9e4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 107728 c694c5e1d66d5985aaf2bf4eda793ba0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 151578 07eb106e95368b5dec91521907398d1d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 35636 1eab2cc36c7adc947b5e2fa70800e9b8\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 54854 eb29480cce8645f5bb72f2f2694b2f26\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 26260 9ddcdbc49b997c4dc903a651e3007877\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 39100 cf636dca0a94f193f46bcf88db439672\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 38004 28e82ffa12af5c90df707e686ef29906\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 31738 c70af19b2e2f73f1359208f0f8ce59b6\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 39884 cb269f527e83ae03a9b2db051a487fa8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 29702 925140a648da199ef7338bf415f605db\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 112400 5c9329c597ca1448ed158e30b4f7895a\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 58340 473a1c45ba02d9c84bb786ee116a46bd\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 55444 0272fc78d38e0c1d3dd7176e412504e2\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 28256 a33d2dbf32502d3f3caf3917e82c5ffe\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 28954 28a7aed2ab84250549c5e64ac987e00c\n\n These files will probably be moved into the stable distribution on\n its next update. BACKGROUND\n\nThe TELNET protocol allows virtual network terminals to be connected to\nover the internet. The initial description of the protocol was given in\nRFC854 in May 1983. Since then there have been many extra features added\nincluding encryption. \n\nII. \n\nThe vulnerability specifically exists in the handling of the LINEMODE\nsuboptions, in that there is no size check made on the output, which is\nstored in a fixed length buffer. \n\nIII. It may be \npossible to automatically launch the telnet command from a webpage, for \nexample:\n\n\u003chtml\u003e\u003cbody\u003e\n\u003ciframe src=\u0027telnet://malicious.server/\u0027\u003e\n\u003c/body\u003e\n\nOn opening this page the telnet client may be launched and attempt to \nconnect to the host \u0027malicious.server\u0027. \n\nIV. DETECTION\n\niDEFENSE has confirmed the existence of the vulnerability in the telnet \nclient included in the Kerberos V5 Release 1.3.6 package and the client \nincluded in the SUNWtnetc package of Solaris 5.9. \n\nV. WORKAROUND\n\niDEFENSE is currently unaware of any effective workarounds for this \nvulnerability. \n\nVI. VENDOR RESPONSE\n\nThe following vendors have provided official responses related to this\nvulnerability. Other vendors may be affected but have not provided an\nofficial response. \n\nVulnerable:\n\n- ALT Linux\nAll supported ALT Linux distributions include telnet client derived from\nOpenBSD 3.0. Updated packages with fixes for\nthese issues will be released on March 28, 2005. \nhttp://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html\n\n- Apple Computer, Inc. \nComponent: Telnet\nAvailable for: Mac OS X 10.3.8, Mac OS X Server 10.3.8\nThis is fixed in Security Update 2005-003, which is available at\nhttp://docs.info.apple.com/article.html?artnum=61798\n\n- FreeBSD\nFreeBSD-SA-05:01.telnet security advisory:\nftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc\n\n- MIT (Kerberos)\nThis vulnerability is covered in the following upcoming advisory:\nMITKRB5-SA-2005-001:\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt\npatch against krb5-1.4:\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt\n\n- Openwall Project\nThe bugs are fixed starting with telnet package version 3.0-owl2. \n http://www.openwall.com/Owl/CHANGES-current.shtml\n\n- Red Hat, Inc. \nRed Hat Enterprise Linux ships with telnet and krb5 packages vulnerable\nto this issue. New telnet and krb5 packages are now available along\nwith our advisory at the URLs below and by using the Red Hat Network\n\u0027up2date\u0027 tool. \n Red Hat Enterprise Linux - telnet\n http://rhn.redhat.com/errata/RHSA-2005-330.html\n Red Hat Enterprise Linux - krb5\n http://rhn.redhat.com/errata/RHSA-2005-327.html\n\n- Sun Microsystems Inc. \nSun confirms that the telnet(1) vulnerabilities do affect all\ncurrently supported versions of Solaris:\n Solaris 7, 8, 9 and 10\nSun has released a Sun Alert which describes a workaround until patches\nare available at:\n http://sunsolve.sun.com\n Sun Alert #57755 \nThe Sun Alert will be updated with the patch information once it becomes\navailable. Sun patches are available from:\n http://sunsolve.sun.com/securitypatch\n\nNot Vulnerable:\n\n- CyberSafe Limited\nThe CyberSafe TrustBroker products, version 3.0 or later, are not vulnerable. \n\n- Hewlett-Packard Development Company, L.P. \nHP-UX and HP Tru64 UNIX are not vulnerable. \n\n- InterSoft International, Inc. \nInterSoft International, Inc. products NetTerm, SecureNetTerm and\nSNetTerm are not affected by the slc_add_reply() buffer overflow\nconditions. \n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nnames CAN-2005-0469 to these issues. This is a candidate for inclusion\nin the CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n02/18/2005 Initial vendor notification\n03/28/2005 Coordinated public disclosure\n\nIX. CREDIT\n\nGa\\xebl Delalleau credited with this discovery. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2005 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. This is a multi-part message in MIME format. \n\nBackground\n==========\n\nnetkit-telnetd provides standard Linux telnet client and server. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll netkit-telnetd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/netkit-telnetd-0.17-r6\"\n\nReferences\n==========\n\n [ 1 ] CAN-2005-0469\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469\n [ 2 ] iDEFENSE Advisory 03-28-05\n\nhttp://www.idefense.com/application/poi/display?id=220\u0026type=vulnerabilities\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200503-36.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2005 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n\n\n--------------enig5AB53435F202A7CF12E5E13A\nContent-Type: application/pgp-signature;\n\tname=\"signature.asc\"\nContent-Transfer-Encoding: 7bit\nContent-Description: OpenPGP digital signature\nContent-Disposition: attachment;\n\tfilename=\"signature.asc\"\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.1 (GNU/Linux)\n\niD8DBQFCS97/vcL1obalX08RAqPTAJ0U96lQ6ItuSV4jrDU16XhgSX4fnwCeJ2kS\nRMB/LUN0B0tNRKR3DBoB0YE=\n=0wgI\n-----END PGP SIGNATURE-----\n\n--------------enig5AB53435F202A7CF12E5E13A--\n. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0469"
},
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "CERT/CC",
"id": "VU#291924"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000203"
},
{
"db": "BID",
"id": "12918"
},
{
"db": "PACKETSTORM",
"id": "37506"
},
{
"db": "PACKETSTORM",
"id": "38922"
},
{
"db": "PACKETSTORM",
"id": "38276"
},
{
"db": "PACKETSTORM",
"id": "36840"
},
{
"db": "PACKETSTORM",
"id": "36914"
},
{
"db": "PACKETSTORM",
"id": "37029"
}
],
"trust": 3.87
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "14745",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2005-0469",
"trust": 3.2
},
{
"db": "BID",
"id": "12918",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#291924",
"trust": 2.4
},
{
"db": "AUSCERT",
"id": "ESB-2005.0419",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#341908",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17899",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "15030",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000203",
"trust": 0.8
},
{
"db": "FREEBSD",
"id": "FREEBSD-SA-05:01.TELNET",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57761",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "57755",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101665",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "101671",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20050328 MULTIPLE TELNET CLIENT SLC_ADD_REPLY() BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-731",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-699",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-703",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-697",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:330",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:327",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-224-1",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2005:061",
"trust": 0.6
},
{
"db": "SGI",
"id": "20050405-01-P",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200503-36",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200505-613",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "37506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38922",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38276",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36840",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36914",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37029",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "CERT/CC",
"id": "VU#291924"
},
{
"db": "BID",
"id": "12918"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000203"
},
{
"db": "PACKETSTORM",
"id": "37506"
},
{
"db": "PACKETSTORM",
"id": "38922"
},
{
"db": "PACKETSTORM",
"id": "38276"
},
{
"db": "PACKETSTORM",
"id": "36840"
},
{
"db": "PACKETSTORM",
"id": "36914"
},
{
"db": "PACKETSTORM",
"id": "37029"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-613"
},
{
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"id": "VAR-200505-0163",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4615448
},
"last_update_date": "2024-07-23T20:48:54.841000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "telnet",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/telnet.html"
},
{
"title": "MITKRB5-SA-2005-001",
"trust": 0.8,
"url": "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt"
},
{
"title": "RHSA-2005:327",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2005-327.html"
},
{
"title": "RHSA-2005:330",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-330.html"
},
{
"title": "Telnet \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306e\u8106\u5f31\u6027\u306b\u3088\u308b SEIL \u30b7\u30ea\u30fc\u30ba\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.seil.jp/seilseries/news/snote/_snote_20050810_01.html"
},
{
"title": "57761",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1"
},
{
"title": "57755",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1"
},
{
"title": "57761",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-3"
},
{
"title": "57755",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-3"
},
{
"title": "TLSA-2005-52",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2005/tlsa-2005-52.txt"
},
{
"title": "RHSA-2005:327",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-327j.html"
},
{
"title": "RHSA-2005:330",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-330j.html"
},
{
"title": "TLSA-2005-52",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2005/tlsa-2005-52j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000203"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.idefense.com/application/poi/display?id=220\u0026type=vulnerabilities"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/14745/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/12918"
},
{
"trust": 2.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1"
},
{
"trust": 2.0,
"url": "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2005-001-telnet.txt"
},
{
"trust": 1.9,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1"
},
{
"trust": 1.6,
"url": "http://web.mit.edu/kerberos/www/...s/mitkrb5-sa-2005-001-telnet.txt "
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 "
},
{
"trust": 1.6,
"url": "http://www.auscert.org.au/5134"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/291924"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-330.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2005-327.html"
},
{
"trust": 1.6,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-36.xml"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2005/dsa-703"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2005/dsa-699"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2005/dsa-697"
},
{
"trust": 1.6,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20050405-01-p"
},
{
"trust": 1.6,
"url": "http://www.ubuntulinux.org/usn/usn-224-1"
},
{
"trust": 1.6,
"url": "http://www.debian.de/security/2005/dsa-731"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17899"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/14745"
},
{
"trust": 1.6,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-05:01.telnet.asc"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:061"
},
{
"trust": 1.2,
"url": "https://rhn.redhat.com/errata/rhsa-2005-327.html"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9708"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15030/"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=221\u0026type=vulnerabilities"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0469"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23291924/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0469"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/341908"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0469"
},
{
"trust": 0.4,
"url": "http://lists.altlinux.ru/pipermail/security-announce/2005-march/000287.html"
},
{
"trust": 0.4,
"url": "http://www.openwall.com/owl/changes-current.shtml"
},
{
"trust": 0.4,
"url": "http://rhn.redhat.com/errata/rhsa-2005-330.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata.html#telnet"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata35.html#telnet"
},
{
"trust": 0.3,
"url": "http://www.pdc.kth.se/heimdal/advisory/2005-04-20/"
},
{
"trust": 0.3,
"url": "http://www.uniras.gov.uk/niscc/docs/br-20051101-00969.html?lang=en"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-088_rhsa-2005-330.pdf"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-132_rhsa-2005-327.pdf"
},
{
"trust": 0.3,
"url": "http://www.f5.com/"
},
{
"trust": 0.3,
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?type=vulnerabilities\u0026id=220"
},
{
"trust": 0.3,
"url": "http://www.netbsd.org/"
},
{
"trust": 0.3,
"url": "ftp://ftp.uk.linux.org/pub/linux/networking/netkit/"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=301061"
},
{
"trust": 0.3,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.3,
"url": "http://creativecommons.org/licenses/by-sa/2.0"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0469"
},
{
"trust": 0.3,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0468"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0468"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1006/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mips.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200504-28.xml"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/poi/teams/vcp.jsp"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com/securitypatch"
},
{
"trust": 0.1,
"url": "http://sunsolve.sun.com"
},
{
"trust": 0.1,
"url": "http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=61798"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200503-36.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200504-04.xml"
},
{
"trust": 0.1,
"url": "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "CERT/CC",
"id": "VU#291924"
},
{
"db": "BID",
"id": "12918"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000203"
},
{
"db": "PACKETSTORM",
"id": "37506"
},
{
"db": "PACKETSTORM",
"id": "38922"
},
{
"db": "PACKETSTORM",
"id": "38276"
},
{
"db": "PACKETSTORM",
"id": "36840"
},
{
"db": "PACKETSTORM",
"id": "36914"
},
{
"db": "PACKETSTORM",
"id": "37029"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-613"
},
{
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#341908"
},
{
"db": "CERT/CC",
"id": "VU#291924"
},
{
"db": "BID",
"id": "12918"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000203"
},
{
"db": "PACKETSTORM",
"id": "37506"
},
{
"db": "PACKETSTORM",
"id": "38922"
},
{
"db": "PACKETSTORM",
"id": "38276"
},
{
"db": "PACKETSTORM",
"id": "36840"
},
{
"db": "PACKETSTORM",
"id": "36914"
},
{
"db": "PACKETSTORM",
"id": "37029"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-613"
},
{
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-04-01T00:00:00",
"db": "CERT/CC",
"id": "VU#341908"
},
{
"date": "2005-03-29T00:00:00",
"db": "CERT/CC",
"id": "VU#291924"
},
{
"date": "2005-03-28T00:00:00",
"db": "BID",
"id": "12918"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000203"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37506"
},
{
"date": "2005-07-28T06:36:03",
"db": "PACKETSTORM",
"id": "38922"
},
{
"date": "2005-06-24T07:12:08",
"db": "PACKETSTORM",
"id": "38276"
},
{
"date": "2005-03-29T05:18:19",
"db": "PACKETSTORM",
"id": "36840"
},
{
"date": "2005-04-14T06:14:55",
"db": "PACKETSTORM",
"id": "36914"
},
{
"date": "2005-04-17T18:36:49",
"db": "PACKETSTORM",
"id": "37029"
},
{
"date": "2005-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-613"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-07-28T00:00:00",
"db": "CERT/CC",
"id": "VU#341908"
},
{
"date": "2005-12-22T00:00:00",
"db": "CERT/CC",
"id": "VU#291924"
},
{
"date": "2007-02-22T18:56:00",
"db": "BID",
"id": "12918"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000203"
},
{
"date": "2006-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-613"
},
{
"date": "2017-10-11T01:29:56.293000",
"db": "NVD",
"id": "CVE-2005-0469"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "36840"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-613"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Telnet Clients vulnerable to buffer overflow via the env_opt_add() function in telnet.c",
"sources": [
{
"db": "CERT/CC",
"id": "VU#341908"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-613"
}
],
"trust": 0.6
}
}
VAR-200310-0072
Vulnerability from variot - Updated: 2024-07-23 19:31The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. sendmail A buffer overflow vulnerability was discovered in the email address parsing process. This vulnerability CERT Advisory CA-2003-07, CA-2003-12 This is a new vulnerability that differs from the vulnerability reported in. As for the vulnerability, there is a possibility that a third party may obtain administrator authority from a remote location. This problem, sendmail Occurs by receiving a message with a maliciously configured email address. For this reason, LAN Is running on a host sendmail Even other MTA (Mail Transfer Agent) If you receive a malicious message relayed from, you may be affected by the vulnerability.Service operation interruption (denial-of-service, DoS) An attacker or a remote third party may gain administrative privileges. This issue is different than the vulnerability described in BID 7230. Sendmail is one of the most popular mail transfer agents (MTAs) on the Internet. The local exploitation method on Linux can use recipient.c and sendtolist() to overwrite the pointer with the data submitted by the user. When calling the free() function, the command may be redirected, and the attacker can construct a malicious email message and submit it to Sendmail for analysis. Execute arbitrary commands on the system with Sendmail process privileges. There may also be other exploit methods, and it is also possible to exploit this vulnerability remotely
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200310-0072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.5"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.1"
},
{
"model": "advanced server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "0.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "0.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk5_bl23"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk3_bl3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk6_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk2_bl2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk4_bl22"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk2_bl22"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "pro",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk5_bl19"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk7_bl18"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk4_bl18"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk8_bl22"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk1_bl1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.19m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.18f"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.18m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.17m"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk3_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.1a"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "8.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.17f"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.19f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk1_bl1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk4_bl21"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk6_bl20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "pro",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.21f"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk3_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.9"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.21m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.20f"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.20m"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm eserver",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "openlinux",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "3.1.1 (server)"
},
{
"model": "open unix",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "8.0.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "3.0.x (solaris"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "linux"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "systemwalker it budgetmgr",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix edition )"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "for nt",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.6.x"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "systemwalker listcreator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.12.9 and earlier"
},
{
"model": "for nt",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "version 3.0.x"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.xj (windows nt/2000 edition )"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.x (solaris"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "openbsd",
"scope": "lt",
"trust": 0.8,
"vendor": "openbsd",
"version": "version"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "linux"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix edition )"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "windows nt/2000"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "1.3 (windows 2000 edition )"
},
{
"model": "teamware office",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.8,
"vendor": "sgi",
"version": "6.5 (6.5.15 - 6.5.21f)"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x (solaris"
},
{
"model": "openlinux",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "3.1.1 (workstation)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "3.1.x (solaris"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.8,
"vendor": "fore tune",
"version": "5.0"
},
{
"model": "cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "interstage office square",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "gnu/linux",
"scope": "eq",
"trust": 0.8,
"vendor": "debian",
"version": "3.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x (hp-ux edition )"
},
{
"model": "freebsd",
"scope": "lt",
"trust": 0.8,
"vendor": "freebsd",
"version": "version"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.8,
"vendor": "fore tune",
"version": "4.3.1"
},
{
"model": "gnu/linux",
"scope": "lt",
"trust": 0.8,
"vendor": "debian",
"version": "version"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "systemwalker listworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.0.x (solaris"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "s390 linux edition )"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "1.2 (solaris"
},
{
"model": "systemwalker ip netmgr",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "s390 linux edition )"
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0.7"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "inc sendmail pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "inc sendmail pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.9"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5x86"
},
{
"model": "sh3",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "linux rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux a",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "tru64 b pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 g pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk8",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "consortium sendmail",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:advanced_message_server:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:advanced_message_server:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_pro:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.20f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.20m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.21f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.21m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_pro:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.19f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.19m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk4_bl21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk5_bl23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_advanced_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michal Zalewski\u203b lcamtuf@echelon.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0694",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0694",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-7519",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0694",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#784980",
"trust": 0.8,
"value": "36.72"
},
{
"author": "CNNVD",
"id": "CNNVD-200310-019",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-7519",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0694",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. sendmail A buffer overflow vulnerability was discovered in the email address parsing process. This vulnerability CERT Advisory CA-2003-07, CA-2003-12 This is a new vulnerability that differs from the vulnerability reported in. As for the vulnerability, there is a possibility that a third party may obtain administrator authority from a remote location. This problem, sendmail Occurs by receiving a message with a maliciously configured email address. For this reason, LAN Is running on a host sendmail Even other MTA (Mail Transfer Agent) If you receive a malicious message relayed from, you may be affected by the vulnerability.Service operation interruption (denial-of-service, DoS) An attacker or a remote third party may gain administrative privileges. This issue is different than the vulnerability described in BID 7230. Sendmail is one of the most popular mail transfer agents (MTAs) on the Internet. The local exploitation method on Linux can use recipient.c and sendtolist() to overwrite the pointer with the data submitted by the user. When calling the free() function, the command may be redirected, and the attacker can construct a malicious email message and submit it to Sendmail for analysis. Execute arbitrary commands on the system with Sendmail process privileges. There may also be other exploit methods, and it is also possible to exploit this vulnerability remotely",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
},
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#784980",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2003-0694",
"trust": 2.9
},
{
"db": "BID",
"id": "8641",
"trust": 1.3
},
{
"db": "XF",
"id": "13204",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019",
"trust": 0.7
},
{
"db": "CONECTIVA",
"id": "CLA-2003:742",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:284",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:283",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-25",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20030917 ZALEWSKI ADVISORY - SENDMAIL 8.12.9 PRESCAN BUG",
"trust": 0.6
},
{
"db": "SCO",
"id": "SCOSA-2004.11",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:092",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 GLSA: SENDMAIL (200309-13)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 [SLACKWARE-SECURITY] SENDMAIL VULNERABILITIES FIXED (SSA:2003-260-02)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 SENDMAIL 8.12.9 PRESCAN BUG (A NEW ONE) [CAN-2003-0694]",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030919 [OPENPKG-SA-2003.041] OPENPKG SECURITY ADVISORY (SENDMAIL)",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:603",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2975",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:572",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20030917 SENDMAIL 8.12.9 PRESCAN BUG (A NEW ONE) [CAN-2003-0694]",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-384",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-7519",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0694",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"id": "VAR-200310-0072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7519"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:31:47.530000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ca-2003-25",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/cert/cert2003.html#ca-2003-25"
},
{
"title": "DSA-384-1",
"trust": 0.8,
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"title": "FreeBSD-SA-03:13.sendmail ",
"trust": 0.8,
"url": "http://security.freebsd.org/advisories/freebsd-sa-03:13.sendmail.asc"
},
{
"title": "HPSBUX00281",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01035741"
},
{
"title": "IY48657",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48657"
},
{
"title": "IY48659",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48659"
},
{
"title": "IY48658",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48658"
},
{
"title": "MSS-OAR-E01-2003.1473.1",
"trust": 0.8,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.1473.1"
},
{
"title": "sendmail (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=150"
},
{
"title": "NetBSD-SA2003-016",
"trust": 0.8,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2003-016.txt.asc"
},
{
"title": "018: SECURITY FIX: September 17, 2003",
"trust": 0.8,
"url": "http://www.openbsd.org/errata32.html#sendmail4"
},
{
"title": "005: SECURITY FIX: September 17, 2003",
"trust": 0.8,
"url": "http://www.openbsd.org/errata33.html#sendmail"
},
{
"title": "RHSA-2003:283",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-283.html"
},
{
"title": "RHSA-2003:284",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-284.html"
},
{
"title": "CSSA-2003-036.0",
"trust": 0.8,
"url": "ftp://ftp.sco.com/pub/security/openlinux/cssa-2003-036.0.txt"
},
{
"title": "CSSA-2003-SCO.23.1",
"trust": 0.8,
"url": "ftp://ftp.sco.com/pub/updates/unixware/cssa-2003-sco.23/cssa-2003-sco.23.txt"
},
{
"title": "8.12.10",
"trust": 0.8,
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"title": "2003-9-17",
"trust": 0.8,
"url": "http://www.sendmail.com/security/"
},
{
"title": "20030903-01-P",
"trust": 0.8,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030903-01-p.asc"
},
{
"title": "56922",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56922-1"
},
{
"title": "56860",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56860-1"
},
{
"title": "56922",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56922-3"
},
{
"title": "56860",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56860-3"
},
{
"title": "XTR Sendmail Security Update 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Sendmail Security Update 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "4 Sendmail Security Update 2.0.2",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-52",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-52.txt"
},
{
"title": "Sendmail Inc. Information for VU#784980",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/aamn-5rhq64"
},
{
"title": "M500-012",
"trust": 0.8,
"url": "ftp://ftp.foretune.co.jp/pub/bsdos/patches-5.0/m500-012.ia32"
},
{
"title": "M431-011",
"trust": 0.8,
"url": "ftp://ftp.foretune.co.jp/pub/bsdos/patches-4.3.1/i386/m431-011"
},
{
"title": "RHSA-2003:283",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-283j.html"
},
{
"title": "RHSA-2003:284",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-284j.html"
},
{
"title": "TLSA-2003-52",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-52j.txt"
},
{
"title": "Debian Security Advisories: DSA-384-1 sendmail -- buffer overflows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=243b978e3f17d13dd590ac7cfc4a472f"
},
{
"title": "cumes",
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes "
},
{
"title": "x0rzEQGRP",
"trust": 0.1,
"url": "https://github.com/happysmack/x0rzeqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/nekkidso/eqgrp "
},
{
"title": "test",
"trust": 0.1,
"url": "https://github.com/devkosov/test "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/hackcrypto/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ninja-tw1st/eqgrp "
},
{
"title": "leaked2",
"trust": 0.1,
"url": "https://github.com/kongjiexi/leaked2 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/391861737/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/muhammd/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/r3k1ng/shadowbrokersfiles "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ckmaenn/eqgrp "
},
{
"title": "EQGRP_Linux",
"trust": 0.1,
"url": "https://github.com/cybernetix-s3c/eqgrp_linux "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/iha114/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/antiscammerarmy/shadowbrokersfiles "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/thetrentusdev/shadowbrokerstuff "
},
{
"title": "bdhglopoj",
"trust": 0.1,
"url": "https://github.com/maxcvnd/bdhglopoj "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/shakenetwork/shadowbrokerstuff "
},
{
"title": "x0rz-EQGRP",
"trust": 0.1,
"url": "https://github.com/r3p3r/x0rz-eqgrp "
},
{
"title": "ShadowBrokersStuff",
"trust": 0.1,
"url": "https://github.com/thetrentus/shadowbrokersstuff "
},
{
"title": "EQ1",
"trust": 0.1,
"url": "https://github.com/thepevertedspartan/eq1 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/badbug6/eqgrp "
},
{
"title": "EQGRP-nasa",
"trust": 0.1,
"url": "https://github.com/soldie/eqgrp-nasa "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/mofty/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/thetrentus/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/namangangwar/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/x0rz/eqgrp "
},
{
"title": "SB--.-HACK-the-EQGRP-1",
"trust": 0.1,
"url": "https://github.com/cipherreborn/sb--.-hack-the-eqgrp-1 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.cert.org/advisories/ca-2003-25.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"trust": 2.6,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html"
},
{
"trust": 2.6,
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:092"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-283.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-284.html"
},
{
"trust": 1.8,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2004.11/scosa-2004.11.txt"
},
{
"trust": 1.8,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2975"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a572"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a603"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/8641"
},
{
"trust": 0.8,
"url": "http://archives.neohapsis.com/archives/sendmail/2003-q3/0002.html"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/patches/parse8.359.2.8"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-149.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0694"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13204"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr033901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr034001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-25"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-25"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0694"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030918_190150.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:603"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:572"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2975"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/servers/aix/"
},
{
"trust": 0.3,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000746"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56860"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56922"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/qube3.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0g/t64kit0020132-v40gb22-es-20031001.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-553-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-563-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-586-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-594-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "/archive/1/337839"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106383437615742\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106381604923204\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106382859407683\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106398718909274\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000742"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-384"
},
{
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-17T00:00:00",
"db": "CERT/CC",
"id": "VU#784980"
},
{
"date": "2003-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-7519"
},
{
"date": "2003-10-06T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"date": "2003-09-17T00:00:00",
"db": "BID",
"id": "8641"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"date": "2003-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"date": "2003-10-06T04:00:00",
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-29T00:00:00",
"db": "CERT/CC",
"id": "VU#784980"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-7519"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"date": "2009-07-11T23:56:00",
"db": "BID",
"id": "8641"
},
{
"date": "2007-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sendmail prescan() buffer overflow vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "8641"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.9
}
}
VAR-200406-0158
Vulnerability from variot - Updated: 2024-07-23 19:28Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. The Linux kernel contains a denial-of-service vulnerability that allows local users to disable affected hosts. Linux Kernel Stores the process state of the floating point unit / Used to restore FSAVE/FRSTOR There are deficiencies in the handling of instructions. This issue is due to a design error that causes the kernel to fail to properly handle floating-point exceptions. This issue may be leveraged by an attacker to cause the affected system to crash, denying service to legitimate users. Although only select Linux kernels are reported to be affected, it is likely that various other versions are vulnerable as well. These issues were found during a recent audit of the Linux kernel source. The following drivers are reportedly affected by these issues: aironet asus_acpi decnet mpu401 msnd pss These issues may reportedly allow attackers to access kernel memory or gain escalated privileges on the affected computer. Local attackers can exploit these vulnerabilities to elevate privileges or conduct denial-of-service attacks on the system. The affected device drivers are: aironet, asus_acpi, decnet, mpu401, msnd, and pss. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1069-1 security@debian.org http://www.debian.org/security/ Martin Schulze, Dann Frazier May 20th, 2006 http://www.debian.org/security/faq
Package : kernel-source-2.4.18,kernel-image-2.4.18-1-alpha,kernel-image-2.4.18-1-i386,kernel-image-2.4.18-hppa,kernel-image-2.4.18-powerpc-xfs,kernel-patch-2.4.18-powerpc,kernel-patch-benh Vulnerability : several Problem-Type : local/remote Debian-specific: no CVE IDs : CVE-2004-0427 CVE-2005-0489 CVE-2004-0394 CVE-2004-0447 CVE-2004-0554 CVE-2004-0565 CVE-2004-0685 CVE-2005-0001 CVE-2004-0883 CVE-2004-0949 CVE-2004-1016 CVE-2004-1333 CVE-2004-0997 CVE-2004-1335 CVE-2004-1017 CVE-2005-0124 CVE-2005-0528 CVE-2003-0984 CVE-2004-1070 CVE-2004-1071 CVE-2004-1072 CVE-2004-1073 CVE-2004-1074 CVE-2004-0138 CVE-2004-1068 CVE-2004-1234 CVE-2005-0003 CVE-2004-1235 CVE-2005-0504 CVE-2005-0384 CVE-2005-0135
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
CVE-2004-0394
A buffer overflow in the panic handling code has been found.
CVE-2004-0565
An information leak in the context switch code has been found on
the IA64 architecture.
CVE-2004-0685
Unsafe use of copy_to_user in USB drivers may disclose sensitive
information.
CVE-2005-0001
A race condition in the i386 page fault handler may allow privilege
escalation.
CVE-2004-0883
Multiple vulnerabilities in the SMB filesystem code may allow denial
of service of information disclosure.
CVE-2004-0949
An information leak discovered in the SMB filesystem code.
CVE-2004-0997
A local privilege escalation in the MIPS assembly code has been found.
CVE-2004-1335
A memory leak in the ip_options_get() function may lead to denial of
service.
CVE-2004-1017
Multiple overflows exist in the io_edgeport driver which might be usable
as a denial of service attack vector.
CVE-2005-0124
Bryan Fulton reported a bounds checking bug in the coda_pioctl function
which may allow local users to execute arbitrary code or trigger a denial
of service attack.
CVE-2005-0528
A local privilege escalation in the mremap function has been found
CVE-2003-0984
Inproper initialization of the RTC may disclose information.
CVE-2004-1070
Insufficient input sanitising in the load_elf_binary() function may
lead to privilege escalation.
CVE-2004-1071
Incorrect error handling in the binfmt_elf loader may lead to privilege
escalation.
CVE-2004-1072
A buffer overflow in the binfmt_elf loader may lead to privilege
escalation or denial of service.
CVE-2004-1073
The open_exec function may disclose information.
CVE-2004-1074
The binfmt code is vulnerable to denial of service through malformed
a.out binaries.
CVE-2004-1068
A programming error in the unix_dgram_recvmsg() function may lead to
privilege escalation.
CVE-2004-1234
The ELF loader is vulnerable to denial of service through malformed
binaries.
CVE-2005-0003
Crafted ELF binaries may lead to privilege escalation, due to
insufficient checking of overlapping memory regions.
CVE-2004-1235
A race condition in the load_elf_library() and binfmt_aout() functions
may allow privilege escalation.
CVE-2005-0504
An integer overflow in the Moxa driver may lead to privilege escalation.
The following matrix explains which kernel version for which architecture fix the problems mentioned above:
Debian 3.0 (woody)
Source 2.4.18-14.4
Alpha architecture 2.4.18-15woody1
Intel IA-32 architecture 2.4.18-13.2
HP Precision architecture 62.4
PowerPC architecture 2.4.18-1woody6
PowerPC architecture/XFS 20020329woody1
PowerPC architecture/benh 20020304woody1
Sun Sparc architecture 22woody1
We recommend that you upgrade your kernel package immediately and reboot the machine.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get dist-upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEb9YGXm3vHE4uyloRAkhXAJ0e1RmUxVZSbQICFa/j07oKPfWRVwCeMrhj wYGegwosZg6xi3oI77opLQY= =eu/T -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.dsc
Size/MD5 checksum: 692 27f44a0eec5837b0b01d26c6cff392be
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.tar.gz
Size/MD5 checksum: 27768 6c719a6343c9ea0dad44a736b3842504
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.dsc
Size/MD5 checksum: 792 d7c89c90fad77944ca1c5a18327f31dd
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.tar.gz
Size/MD5 checksum: 1013866 21b4b677a7a319442c8fe8a4c72eb4c2
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.dsc
Size/MD5 checksum: 672 4c353db091e8edc4395e46cf8d39ec42
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.diff.gz
Size/MD5 checksum: 71071 7012adde9ba9a573e1be66f0d258721a
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19.orig.tar.gz
Size/MD5 checksum: 32000211 237896fbb45ae652cc9c5cecc9b746da
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.18-sparc_22woody1_all.deb
Size/MD5 checksum: 1521850 75d23c7c54094b1d25d3b708fd644407
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.19-sparc_26woody1_all.deb
Size/MD5 checksum: 1547874 c6881b25e3a5967e0f6f9c351fb88962
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5_all.deb
Size/MD5 checksum: 1014564 0e89364c2816f5f4519256a8ea367ab6
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-doc-2.4.19_2.4.19-4.woody3_all.deb
Size/MD5 checksum: 1785490 c66cef9e87d9a89caeee02af31e3c96d
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3_all.deb
Size/MD5 checksum: 25902158 321403201a198371fd55c9b8ac4583f7
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u_22woody1_sparc.deb
Size/MD5 checksum: 3923058 db7bbd997410667bec4ac713d81d60ea
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u-smp_22woody1_sparc.deb
Size/MD5 checksum: 4044796 106fcb86485531d96b4fdada61b71405
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u_26woody1_sparc.deb
Size/MD5 checksum: 3831424 347b0c290989f0cc99f3b336c156f61d
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u-smp_26woody1_sparc.deb
Size/MD5 checksum: 3952220 f7dd8326c0ae0b0dee7c46e24023d0a2
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-headers-2.4.19_2.4.19-0.020911.1.woody5_mips.deb
Size/MD5 checksum: 3890804 7348a8cd3961190aa2a19f562c96fe2f
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r4k-ip22_2.4.19-0.020911.1.woody5_mips.deb
Size/MD5 checksum: 2080618 d52d00e7097ae0c8f4ccb6f34656361d
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r5k-ip22_2.4.19-0.020911.1.woody5_mips.deb
Size/MD5 checksum: 2080830 db7141d3c0d86a43659176f974599cc2
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/mips-tools_2.4.19-0.020911.1.woody5_mips.deb
Size/MD5 checksum: 15816 c31e3b72d6eac6f3f99f75ea838e0bf9
These files will probably be moved into the stable distribution on its next update
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200406-0158",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 2.2,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 2.2,
"vendor": "suse",
"version": "8.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 1.6,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "8"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "email server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "3.1"
},
{
"model": "linux firewall cd",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "9.0"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "s3400"
},
{
"model": "s8700",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "linux connectivity server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "8.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.6.0"
},
{
"model": "linux admin-cd for firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "s8300",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.2"
},
{
"model": "office server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8700",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "linux office server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "intuity audix",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.0"
},
{
"model": "email server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "iii"
},
{
"model": "s8300",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "linux office server",
"scope": null,
"trust": 0.6,
"vendor": "s u s e",
"version": null
},
{
"model": "linux firewall on cd",
"scope": null,
"trust": 0.6,
"vendor": "s u s e",
"version": null
},
{
"model": "linux database server",
"scope": "eq",
"trust": 0.6,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux connectivity server",
"scope": null,
"trust": 0.6,
"vendor": "s u s e",
"version": null
},
{
"model": "linux admin-cd for firewall",
"scope": null,
"trust": 0.6,
"vendor": "s u s e",
"version": null
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel -rc2",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel -rc1",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "2.6"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.6,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.6,
"vendor": "avaya",
"version": null
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.6,
"vendor": "avaya",
"version": null
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.6,
"vendor": "avaya",
"version": null
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.6,
"vendor": "avaya",
"version": null
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.6,
"vendor": "avaya",
"version": null
},
{
"model": "s3400 message application server",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.6,
"vendor": "avaya",
"version": null
},
{
"model": "enterprise server -u1",
"scope": "eq",
"trust": 0.3,
"vendor": "tinysofa",
"version": "1.0"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "tinysofa",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.20"
},
{
"model": "secure professional",
"scope": "eq",
"trust": 0.3,
"vendor": "engarde",
"version": "1.5"
},
{
"model": "secure community",
"scope": "eq",
"trust": 0.3,
"vendor": "engarde",
"version": "2.0"
},
{
"model": "enterprise server -u2",
"scope": "ne",
"trust": 0.3,
"vendor": "tinysofa",
"version": "1.0"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.2.19"
},
{
"model": "linux kernel pre6-gentoo",
"scope": "ne",
"trust": 0.3,
"vendor": "gentoo",
"version": "2.4.26"
},
{
"model": "linux kernel -rc3-gentoo",
"scope": "ne",
"trust": 0.3,
"vendor": "gentoo",
"version": "2.4.26"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "suse email server iii",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "suse email server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "3.1"
},
{
"model": "office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973654"
},
{
"db": "BID",
"id": "10538"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000225"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
},
{
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_office_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Viro",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0554",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2004-0554",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-8984",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0554",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#973654",
"trust": 0.8,
"value": "11.81"
},
{
"author": "CNNVD",
"id": "CNNVD-200408-053",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-8984",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973654"
},
{
"db": "VULHUB",
"id": "VHN-8984"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000225"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
},
{
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a \"crash.c\" program. The Linux kernel contains a denial-of-service vulnerability that allows local users to disable affected hosts. Linux Kernel Stores the process state of the floating point unit / Used to restore FSAVE/FRSTOR There are deficiencies in the handling of instructions. This issue is due to a design error that causes the kernel to fail to properly handle floating-point exceptions. \nThis issue may be leveraged by an attacker to cause the affected system to crash, denying service to legitimate users. \nAlthough only select Linux kernels are reported to be affected, it is likely that various other versions are vulnerable as well. These issues were found during a recent audit of the Linux kernel source. \nThe following drivers are reportedly affected by these issues:\naironet\nasus_acpi\ndecnet\nmpu401\nmsnd\npss\nThese issues may reportedly allow attackers to access kernel memory or gain escalated privileges on the affected computer. Local attackers can exploit these vulnerabilities to elevate privileges or conduct denial-of-service attacks on the system. The affected device drivers are: aironet, asus_acpi, decnet, mpu401, msnd, and pss. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1069-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze, Dann Frazier\nMay 20th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.18,kernel-image-2.4.18-1-alpha,kernel-image-2.4.18-1-i386,kernel-image-2.4.18-hppa,kernel-image-2.4.18-powerpc-xfs,kernel-patch-2.4.18-powerpc,kernel-patch-benh\nVulnerability : several\nProblem-Type : local/remote\nDebian-specific: no\nCVE IDs : CVE-2004-0427 CVE-2005-0489 CVE-2004-0394 CVE-2004-0447 CVE-2004-0554 CVE-2004-0565 CVE-2004-0685 CVE-2005-0001 CVE-2004-0883 CVE-2004-0949 CVE-2004-1016 CVE-2004-1333 CVE-2004-0997 CVE-2004-1335 CVE-2004-1017 CVE-2005-0124 CVE-2005-0528 CVE-2003-0984 CVE-2004-1070 CVE-2004-1071 CVE-2004-1072 CVE-2004-1073 CVE-2004-1074 CVE-2004-0138 CVE-2004-1068 CVE-2004-1234 CVE-2005-0003 CVE-2004-1235 CVE-2005-0504 CVE-2005-0384 CVE-2005-0135\n\nSeveral local and remote vulnerabilities have been discovered in the Linux\nkernel that may lead to a denial of service or the execution of arbitrary\ncode. \n\n CVE-2004-0394\n\n A buffer overflow in the panic handling code has been found. \n\n CVE-2004-0565\n\n An information leak in the context switch code has been found on\n the IA64 architecture. \n\n CVE-2004-0685\n\n Unsafe use of copy_to_user in USB drivers may disclose sensitive\n information. \n\n CVE-2005-0001\n\n A race condition in the i386 page fault handler may allow privilege\n escalation. \n\n CVE-2004-0883\n\n Multiple vulnerabilities in the SMB filesystem code may allow denial\n of service of information disclosure. \n\n CVE-2004-0949\n\n An information leak discovered in the SMB filesystem code. \n\n CVE-2004-0997\n\n A local privilege escalation in the MIPS assembly code has been found. \n \n CVE-2004-1335\n \n A memory leak in the ip_options_get() function may lead to denial of\n service. \n \n CVE-2004-1017\n\n Multiple overflows exist in the io_edgeport driver which might be usable\n as a denial of service attack vector. \n \n CVE-2005-0124\n\n Bryan Fulton reported a bounds checking bug in the coda_pioctl function\n which may allow local users to execute arbitrary code or trigger a denial\n of service attack. \n\n CVE-2005-0528\n\n A local privilege escalation in the mremap function has been found\n\n CVE-2003-0984\n\n Inproper initialization of the RTC may disclose information. \n\n CVE-2004-1070\n\n Insufficient input sanitising in the load_elf_binary() function may\n lead to privilege escalation. \n\n CVE-2004-1071\n\n Incorrect error handling in the binfmt_elf loader may lead to privilege\n escalation. \n\n CVE-2004-1072\n\n A buffer overflow in the binfmt_elf loader may lead to privilege\n escalation or denial of service. \n\n CVE-2004-1073\n\n The open_exec function may disclose information. \n\n CVE-2004-1074\n\n The binfmt code is vulnerable to denial of service through malformed\n a.out binaries. \n\n CVE-2004-1068\n\n A programming error in the unix_dgram_recvmsg() function may lead to\n privilege escalation. \n\n CVE-2004-1234\n\n The ELF loader is vulnerable to denial of service through malformed\n binaries. \n\n CVE-2005-0003\n\n Crafted ELF binaries may lead to privilege escalation, due to \n insufficient checking of overlapping memory regions. \n\n CVE-2004-1235\n\n A race condition in the load_elf_library() and binfmt_aout() functions\n may allow privilege escalation. \n\n CVE-2005-0504\n\n An integer overflow in the Moxa driver may lead to privilege escalation. \n\nThe following matrix explains which kernel version for which architecture\nfix the problems mentioned above:\n\n Debian 3.0 (woody)\n Source 2.4.18-14.4\n Alpha architecture 2.4.18-15woody1\n Intel IA-32 architecture 2.4.18-13.2\n HP Precision architecture 62.4 \n PowerPC architecture 2.4.18-1woody6\n PowerPC architecture/XFS 20020329woody1 \n PowerPC architecture/benh 20020304woody1\n Sun Sparc architecture 22woody1 \n\nWe recommend that you upgrade your kernel package immediately and reboot\nthe machine. \n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get dist-upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.3 (GNU/Linux)\n\niD8DBQFEb9YGXm3vHE4uyloRAkhXAJ0e1RmUxVZSbQICFa/j07oKPfWRVwCeMrhj\nwYGegwosZg6xi3oI77opLQY=\n=eu/T\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.dsc\n Size/MD5 checksum: 692 27f44a0eec5837b0b01d26c6cff392be\n http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.tar.gz\n Size/MD5 checksum: 27768 6c719a6343c9ea0dad44a736b3842504\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.dsc\n Size/MD5 checksum: 792 d7c89c90fad77944ca1c5a18327f31dd\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.tar.gz\n Size/MD5 checksum: 1013866 21b4b677a7a319442c8fe8a4c72eb4c2\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.dsc\n Size/MD5 checksum: 672 4c353db091e8edc4395e46cf8d39ec42\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.diff.gz\n Size/MD5 checksum: 71071 7012adde9ba9a573e1be66f0d258721a\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19.orig.tar.gz\n Size/MD5 checksum: 32000211 237896fbb45ae652cc9c5cecc9b746da\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.18-sparc_22woody1_all.deb\n Size/MD5 checksum: 1521850 75d23c7c54094b1d25d3b708fd644407\n http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.19-sparc_26woody1_all.deb\n Size/MD5 checksum: 1547874 c6881b25e3a5967e0f6f9c351fb88962\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5_all.deb\n Size/MD5 checksum: 1014564 0e89364c2816f5f4519256a8ea367ab6\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-doc-2.4.19_2.4.19-4.woody3_all.deb\n Size/MD5 checksum: 1785490 c66cef9e87d9a89caeee02af31e3c96d\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3_all.deb\n Size/MD5 checksum: 25902158 321403201a198371fd55c9b8ac4583f7\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u_22woody1_sparc.deb\n Size/MD5 checksum: 3923058 db7bbd997410667bec4ac713d81d60ea\n http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u-smp_22woody1_sparc.deb\n Size/MD5 checksum: 4044796 106fcb86485531d96b4fdada61b71405\n http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u_26woody1_sparc.deb\n Size/MD5 checksum: 3831424 347b0c290989f0cc99f3b336c156f61d\n http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u-smp_26woody1_sparc.deb\n Size/MD5 checksum: 3952220 f7dd8326c0ae0b0dee7c46e24023d0a2\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-headers-2.4.19_2.4.19-0.020911.1.woody5_mips.deb\n Size/MD5 checksum: 3890804 7348a8cd3961190aa2a19f562c96fe2f\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r4k-ip22_2.4.19-0.020911.1.woody5_mips.deb\n Size/MD5 checksum: 2080618 d52d00e7097ae0c8f4ccb6f34656361d\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r5k-ip22_2.4.19-0.020911.1.woody5_mips.deb\n Size/MD5 checksum: 2080830 db7141d3c0d86a43659176f974599cc2\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/mips-tools_2.4.19-0.020911.1.woody5_mips.deb\n Size/MD5 checksum: 15816 c31e3b72d6eac6f3f99f75ea838e0bf9\n\n These files will probably be moved into the stable distribution on\n its next update",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0554"
},
{
"db": "CERT/CC",
"id": "VU#973654"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000225"
},
{
"db": "BID",
"id": "10538"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "VULHUB",
"id": "VHN-8984"
},
{
"db": "PACKETSTORM",
"id": "46506"
},
{
"db": "PACKETSTORM",
"id": "46508"
},
{
"db": "PACKETSTORM",
"id": "46509"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-8984",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8984"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0554",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#973654",
"trust": 3.3
},
{
"db": "BID",
"id": "10538",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "20202",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "20338",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "20162",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "20163",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "11861",
"trust": 1.6
},
{
"db": "XF",
"id": "16412",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000225",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053",
"trust": 0.7
},
{
"db": "DEBIAN",
"id": "DSA-1069",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1070",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1082",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1067",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2004:255",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2004:260",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2004:062",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2004:845",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040620 TSSA-2004-011 - KERNEL",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:9426",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2915",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2004:017",
"trust": 0.6
},
{
"db": "TRUSTIX",
"id": "2004-0034",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2004-186",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200407-02",
"trust": 0.6
},
{
"db": "ENGARDE",
"id": "ESA-20040621-005",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[LINUX-KERNEL] 20040609 TIMER + FPU STUFF LOCKS MY CONSOLE RACE",
"trust": 0.6
},
{
"db": "BID",
"id": "10566",
"trust": 0.3
},
{
"db": "EXPLOIT-DB",
"id": "306",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-8984",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46508",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46509",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973654"
},
{
"db": "VULHUB",
"id": "VHN-8984"
},
{
"db": "BID",
"id": "10538"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000225"
},
{
"db": "PACKETSTORM",
"id": "46506"
},
{
"db": "PACKETSTORM",
"id": "46508"
},
{
"db": "PACKETSTORM",
"id": "46509"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
},
{
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"id": "VAR-200406-0158",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8984"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:28:41.684000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "kernel_30",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_30.html"
},
{
"title": "kernel_se20",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_se20.html"
},
{
"title": "RHSA-2004:260",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-260.html"
},
{
"title": "RHSA-2004:255",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-255.html"
},
{
"title": "TLSA-2004-18",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2004/tlsa-2004-18.txt"
},
{
"title": "RHSA-2004:260",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-260j.html"
},
{
"title": "RHSA-2004:255",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-255j.html"
},
{
"title": "TLSA-2004-18",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2004/tlsa-2004-18j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000225"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/10538"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/973654"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"trust": 1.7,
"url": "http://lwn.net/articles/91155/"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:062"
},
{
"trust": 1.7,
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=15905"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2004-255.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2004-260.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/20162"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/20163"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/20202"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/20338"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2004_17_kernel.html"
},
{
"trust": 1.7,
"url": "http://www.trustix.net/errata/2004/0034/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/11861/"
},
{
"trust": 1.6,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/16412"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2915"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9426"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16412"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108786114032681\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=108793699910896\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=linux-kernel\u0026m=108681568931323\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0554"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0554"
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2004-255.html"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:9426"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=linux-kernel\u0026m=108681568931323\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108793699910896\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108786114032681\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2915"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-260.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-327.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0489"
},
{
"trust": 0.3,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0394"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0427"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0554"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0447"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0124"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0001"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0997"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0565"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-1333"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0984"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0949"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0883"
},
{
"trust": 0.3,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.3,
"url": "http://security.debian.org/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0685"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-1016"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0528"
},
{
"trust": 0.3,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-1017"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-1335"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108786114032681\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000845"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=108793699910896\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=linux-kernel\u0026amp;m=108681568931323\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-doc-2.4.16_2.4.16-1woody3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-headers-2.4.16_20040419woody1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r5k-ip22_2.4.19-0.020911.1.woody5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-doc-2.4.19_2.4.19-4.woody3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u_26woody1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/mips-tools_2.4.19-0.020911.1.woody5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r4k-ip22_2.4.19-0.020911.1.woody5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.18-sparc_22woody1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u-smp_22woody1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-headers-2.4.19_2.4.19-0.020911.1.woody5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u_22woody1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.19-sparc_26woody1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u-smp_26woody1_sparc.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#973654"
},
{
"db": "VULHUB",
"id": "VHN-8984"
},
{
"db": "BID",
"id": "10538"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000225"
},
{
"db": "PACKETSTORM",
"id": "46506"
},
{
"db": "PACKETSTORM",
"id": "46508"
},
{
"db": "PACKETSTORM",
"id": "46509"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
},
{
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#973654"
},
{
"db": "VULHUB",
"id": "VHN-8984"
},
{
"db": "BID",
"id": "10538"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000225"
},
{
"db": "PACKETSTORM",
"id": "46506"
},
{
"db": "PACKETSTORM",
"id": "46508"
},
{
"db": "PACKETSTORM",
"id": "46509"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
},
{
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-06-15T00:00:00",
"db": "CERT/CC",
"id": "VU#973654"
},
{
"date": "2004-08-06T00:00:00",
"db": "VULHUB",
"id": "VHN-8984"
},
{
"date": "2004-06-14T00:00:00",
"db": "BID",
"id": "10538"
},
{
"date": "2004-06-18T00:00:00",
"db": "BID",
"id": "10566"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000225"
},
{
"date": "2006-05-22T06:29:12",
"db": "PACKETSTORM",
"id": "46506"
},
{
"date": "2006-05-22T06:33:40",
"db": "PACKETSTORM",
"id": "46508"
},
{
"date": "2006-05-22T06:34:27",
"db": "PACKETSTORM",
"id": "46509"
},
{
"date": "2004-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-053"
},
{
"date": "2004-08-06T04:00:00",
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#973654"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-8984"
},
{
"date": "2010-08-05T19:46:00",
"db": "BID",
"id": "10538"
},
{
"date": "2007-01-17T21:30:00",
"db": "BID",
"id": "10566"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000225"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-053"
},
{
"date": "2017-10-11T01:29:28.200000",
"db": "NVD",
"id": "CVE-2004-0554"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "10538"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel Multiple Device Driver Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "10566"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "10566"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-053"
}
],
"trust": 0.9
}
}
VAR-200303-0122
Vulnerability from variot - Updated: 2024-03-01 20:03Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. sendmail A buffer overflow vulnerability was discovered in message processing. The vulnerability could allow a third party to gain administrative privileges remotely. This problem, sendmail is caused by receiving a message with maliciously constructed header information. For this reason, LAN is running on a host installed within sendmail Even other MTA (Mail Transfer Agent) You may be affected by the vulnerability if you receive a malicious message relayed from .A third party may be able to remotely obtain administrator privileges. Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. Reportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid. Sendmail 5.2 to 8.12.7 are affected. Administrators are advised to upgrade to 8.12.8 or to apply patches to earlier versions of the 8.12.x tree. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\% to 75\% of the total. Many UNIX and Linux workstations run Sendmail by default. When an email header contains an address or address list (eg \"From\", \"To\", \"CC\"), Sendmail will attempt to check whether the provided address or address list is valid. Sendmail does this using the crackaddr() function, which is located in the headers.c file in the Sendmail source tree. Sendmail will check this buffer and stop adding data to it if it is found to be full. Sendmail goes through several safety checks to ensure that characters are interpreted correctly. On most Unix or Linux systems, Sendmail runs as the root user. Because the attack code can be included in what appears to be a normal email message, it can easily penetrate many common packet filtering devices or firewalls without being detected. Successful exploitation of an unpatched sendmail system leaves no messages in the syslog. However, on patched systems, attempts to exploit this vulnerability leave the following log message: Dropped invalid comments from header address This vulnerability affects both the commercial and open source versions of Sendmail, and is also reported to have been tested in the lab environment has been successfully exploited
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200303-0122",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.6"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "gte",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.0"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "gte",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "5.0"
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "4.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "alphaserver sc",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "platform sa",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "1.0"
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "alphaserver sc",
"scope": null,
"trust": 0.9,
"vendor": "hp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bsd os",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group sco linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group sco unixware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xerox",
"version": null
},
{
"model": "bsd/os",
"scope": null,
"trust": 0.8,
"vendor": "\u30d5\u30a9\u30a2 \u30c1\u30e5\u30fc\u30f3",
"version": null
},
{
"model": "ux4800\u30b7\u30ea\u30fc\u30ba",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "sendmail",
"scope": null,
"trust": 0.8,
"vendor": "sendmail consortium",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "sun cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "systemwalker perfmgr",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "sun cobalt raq3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "sendmail switch",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "up-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "sun cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "interstage collaborationring pm",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "irix",
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": "netbsd",
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": "sun linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "turbolinux workstation",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "unixware",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "interstage collaborationring tpm",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "sendmail pro",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "sendmail for nt",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "turbolinux advanced server",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "systemwalker it budgetmgr",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "apple mac os x",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "aix",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "hi-ux/we2",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"model": "open unix",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "trendmicro interscan viruswall",
"scope": null,
"trust": 0.8,
"vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
"version": null
},
{
"model": "sun cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "internet navigware server",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "openlinux",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "hp-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"model": "interstage office square",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "red hat enterprise linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "sun solaris",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "red hat linux advanced workstation",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "turbolinux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "sun cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "red hat linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "ews-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.04"
},
{
"model": "river systems platform sa",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "1.0"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "5.0"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "4.3.1"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "4.2"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "lx50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq xtr",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3"
},
{
"model": "cobalt qube",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3"
},
{
"model": "cobalt manageraq3 3000r-mr",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt cacheraq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "freeware",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "1.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.65"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.61"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.59"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "open unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "8.0"
},
{
"model": "z/os v1r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "z/os v1r2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "os/390 v2r8",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "os/390 v2r10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mvs",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "inc sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "consortium sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "consortium sendmail",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "gnu/*/linux",
"scope": "ne",
"trust": 0.3,
"vendor": "openwall",
"version": "1.0"
},
{
"model": "networks junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "networks junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.11.6",
"versionStartIncluding": "8.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.9.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.12.8",
"versionStartIncluding": "8.12.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:alphaserver_sc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:platform_sa:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISS X-Force\u203b xforce@iss.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1337",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2002-1337",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-5722",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1337",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#398025",
"trust": 0.8,
"value": "66.00"
},
{
"author": "CNNVD",
"id": "CNNVD-200303-038",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-5722",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. sendmail A buffer overflow vulnerability was discovered in message processing. The vulnerability could allow a third party to gain administrative privileges remotely. This problem, sendmail is caused by receiving a message with maliciously constructed header information. For this reason, LAN is running on a host installed within sendmail Even other MTA (Mail Transfer Agent) You may be affected by the vulnerability if you receive a malicious message relayed from .A third party may be able to remotely obtain administrator privileges. Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. \nReportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid. \nSendmail 5.2 to 8.12.7 are affected. Administrators are advised to upgrade to 8.12.8 or to apply patches to earlier versions of the 8.12.x tree. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\\\\% to 75\\\\% of the total. Many UNIX and Linux workstations run Sendmail by default. When an email header contains an address or address list (eg \\\"From\\\", \\\"To\\\", \\\"CC\\\"), Sendmail will attempt to check whether the provided address or address list is valid. Sendmail does this using the crackaddr() function, which is located in the headers.c file in the Sendmail source tree. Sendmail will check this buffer and stop adding data to it if it is found to be full. Sendmail goes through several safety checks to ensure that characters are interpreted correctly. On most Unix or Linux systems, Sendmail runs as the root user. Because the attack code can be included in what appears to be a normal email message, it can easily penetrate many common packet filtering devices or firewalls without being detected. Successful exploitation of an unpatched sendmail system leaves no messages in the syslog. However, on patched systems, attempts to exploit this vulnerability leave the following log message: Dropped invalid comments from header address This vulnerability affects both the commercial and open source versions of Sendmail, and is also reported to have been tested in the lab environment has been successfully exploited",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1337"
},
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "VULHUB",
"id": "VHN-5722"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5722",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5722"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1337",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#398025",
"trust": 3.3
},
{
"db": "BID",
"id": "6991",
"trust": 2.8
},
{
"db": "XF",
"id": "10748",
"trust": 1.4
},
{
"db": "XF",
"id": "11653",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038",
"trust": 0.7
},
{
"db": "CALDERA",
"id": "CSSA-2003-SCO.5",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2003-SCO.6",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:074",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:073",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:227",
"trust": 0.6
},
{
"db": "HP",
"id": "HPSBUX0302-246",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030303 FWD: APPLE-SA-2003-03-03 SENDMAIL",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030304 [LSD] TECHNICAL ANALYSIS OF THE REMOTE SENDMAIL VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030304 GLSA: SENDMAIL (200303-4)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030303 SENDMAIL 8.12.8 AVAILABLE",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-07",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2222",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40500",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40502",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40501",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:571",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:028",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030301-01-P",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-257",
"trust": 0.6
},
{
"db": "ISS",
"id": "20030303 REMOTE SENDMAIL HEADER PROCESSING VULNERABILITY",
"trust": 0.6
},
{
"db": "NETBSD",
"id": "NETBSD-SA2003-002",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-76118",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76119",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22314",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22313",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "411",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5722",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"id": "VAR-200303-0122",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5722"
}
],
"trust": 0.41392874999999996
},
"last_update_date": "2024-03-01T20:03:34.039000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HS03-001 Fujitsu CERT\u00a0Advisory information",
"trust": 0.8,
"url": "http://www.debian.org/security/2003/dsa-257"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.iss.net/issen/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"trust": 2.8,
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"trust": 2.8,
"url": "http://www.cert.org/advisories/ca-2003-07.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/6991"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40500\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40501\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40502\u0026apar=only"
},
{
"trust": 1.7,
"url": "ftp://ftp.sco.com/pub/updates/unixware/cssa-2003-sco.5"
},
{
"trust": 1.7,
"url": "ftp://ftp.sco.com/pub/updates/openserver/cssa-2003-sco.6"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"trust": 1.7,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2003:028"
},
{
"trust": 1.7,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2003-002.txt.asc"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-073.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-074.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-227.html"
},
{
"trust": 1.7,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-p"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"trust": 1.1,
"url": "http://www.sendmail.org"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2222"
},
{
"trust": 0.8,
"url": "http://www.sendmail.com/security/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.org/archive/1/313757/2003-03-01/2003-03-07/0"
},
{
"trust": 0.8,
"url": "http://www.nipc.gov/warnings/advisories/2003/03-004.htm"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-07"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1337"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2003/at030002.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031001.txt"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030314_190827.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030305_170302.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20030303sendmail.html"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-048.shtml"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/sendmailheader_xforce.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/10748"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/11653"
},
{
"trust": 0.6,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51ab21-c0103500-17099-es-20030226.readme"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2222"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.0794.1"
},
{
"trust": 0.3,
"url": "http://www.slackware.org/lists/archive/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.286398"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v4.0g/t64v40gb17-c0028100-16887-es-20030211.readme"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v4.0f/duv40fb18-c0092200-16888-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp1.support.compaq.com/public/unix/v5.0a/t64v50ab17-c0031300-16884-es-20030211.readme"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v5.1/t64v51b19-c0169100-16882-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51bb1-c0003900-16874-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51b20-c0169800-16980-es-20030218.readme"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51181"
},
{
"trust": 0.3,
"url": "http://www.sendmail.com"
},
{
"trust": 0.3,
"url": "/archive/1/313757"
},
{
"trust": 0.3,
"url": "/archive/1/313795"
},
{
"trust": 0.3,
"url": "/archive/1/313841"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-03T00:00:00",
"db": "CERT/CC",
"id": "VU#398025"
},
{
"date": "2003-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-5722"
},
{
"date": "2003-03-02T00:00:00",
"db": "BID",
"id": "6991"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"date": "2003-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"date": "2003-03-07T05:00:00",
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-15T00:00:00",
"db": "CERT/CC",
"id": "VU#398025"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-5722"
},
{
"date": "2007-09-22T00:30:00",
"db": "BID",
"id": "6991"
},
{
"date": "2024-03-01T01:52:00",
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"date": "2024-02-09T03:19:11.660000",
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Remote Buffer Overflow in Sendmail",
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6991"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.9
}
}
VAR-200308-0014
Vulnerability from variot - Updated: 2024-02-28 22:37Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. A function originally derived from 4.4BSD, realpath(3), contains a vulnerability that may permit a malicious user to gain root access to the server. This function was derived from the FreeBSD 3.x tree. Other applications and operating systems that use or were derived from this code base may be affected. This problem was originally reported to affect WU-FTPd. It has been discoved to affect various BSD implementations as well. WU-FTPD is implemented in fb_realpath() In the function, the size of the buffer for handling the path is MAXPATHLEN However, the length of the path actually delivered is longer than that. (MAXPATHLEN+1) , one shift (off-by-one) A buffer overflow vulnerability exists.root Arbitrary commands may be executed with sufficient privileges. The 'realpath()' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that was reported to affect the implementation of 'realpath()' in WU-FTPD has lead to the discovery that at least one implementation of the C library is also vulnerable. FreeBSD has announced that the off-by-one stack- buffer-overflow vulnerability is present in their libc. Other systems are also likely vulnerable. Reportedly, this vulnerability has been successfully exploited against WU-FTPD to execute arbitrary instructions. NOTE: Patching the C library alone may not remove all instances of this vulnerability. Statically linked programs may need to be rebuilt with a patched version of the C library. Also, some applications may implement their own version of 'realpath()'. These applications would require their own patches. FreeBSD has published a large list of applications that use 'realpath()'. Administrators of FreeBSD and other systems are urged to review it. For more information, see the advisory 'FreeBSD-SA-03:08.realpath'. The realpath(3) function is used to determine the absolute path name of the rule in the given path name. The realpath(3) function is part of the FreeBSD standard C language library file. If the parsed pathname is 1024 bytes long and contains two directory separators, the buffer passed to the realpath(3) function can be overwritten with a single NUL byte. Applications that typically use the realpath(3) function can cause denial of service, or execute arbitrary code and privilege escalation attacks. sftp-server(8) is part of OpenSSH, and realpath(3) is used to process the chdir command. 1 cdparanoia-3.9. Synopsis: wu-ftpd fb_realpath() off-by-one bug Product: wu-ftpd Version: 2.5.0 <= 2.6.2 Vendor: http://www.wuftpd.org/
URL: http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0466 Author: Wojciech Purczynski cliph@isec.pl Janusz Niewiadomski funkysh@isec.pl Date: July 31, 2003
Issue:
Wu-ftpd FTP server contains remotely exploitable off-by-one bug. A local or remote attacker could exploit this vulnerability to gain root privileges on a vulnerable system.
Details:
An off-by-one bug exists in fb_realpath() function. The overflowed buffer lies on the stack.
The bug results from misuse of rootd variable in the calculation of length of a concatenated string:
------8<------cut-here------8<------ / * Join the two strings together, ensuring that the right thing * happens if the last component is empty, or the dirname is root. / if (resolved[0] == '/' && resolved[1] == '\0') rootd = 1; else rootd = 0;
if (*wbuf) {
if (strlen(resolved) + strlen(wbuf) + rootd + 1 > MAXPATHLEN) {
errno = ENAMETOOLONG;
goto err1;
}
if (rootd == 0)
(void) strcat(resolved, "/");
(void) strcat(resolved, wbuf);
}
------8<------cut-here------8<------
Since the path is constructed from current working directory and a file name specified as an parameter to various FTP commands attacker needs to create deep directory structure. This may occur for example if wu-ftpd is compiled with some versions of Linux kernel where PATH_MAX (and MAXPATHLEN accordingly) is defined to be exactly 4095 characters. In such cases, the buffer is padded with an extra byte because of variable alignment which is a result of code optimization.
Linux 2.2.x and some early 2.4.x kernel versions defines PATH_MAX to be 4095 characters, thus only wu-ftpd binaries compiled on 2.0.x or later 2.4.x kernels are affected. We believe that exploitation of other little-endian systems is also possible.
Impact:
Authenticated local user or anonymous FTP user with write-access could execute arbitrary code with root privileges.
Vendor Status:
June 1, 2003 security@wu-ftpd.org has been notified June 9, 2003 Request for confirmation of receipt sent to security@wu-ftpd.org June 11, 2003 Response received from Kent Landfield July 3, 2003 Request for status update sent July 19, 2003 vendor-sec list notified July 31, 2003 Coordinated public disclosure
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0466 to this issue.
-- Janusz Niewiadomski iSEC Security Research http://isec.pl/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200308-0014",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "solaris",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "9.0"
},
{
"model": "wu ftpd",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.6.1-16"
},
{
"model": "freebsd",
"scope": "lte",
"trust": 1.0,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "netbsd",
"scope": "gte",
"trust": 1.0,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "openbsd",
"scope": "gte",
"trust": 1.0,
"vendor": "openbsd",
"version": "2.0"
},
{
"model": "netbsd",
"scope": "lte",
"trust": 1.0,
"vendor": "netbsd",
"version": "1.6.1"
},
{
"model": "freebsd",
"scope": "gte",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "wu-ftpd",
"scope": "lte",
"trust": 1.0,
"vendor": "wuftpd",
"version": "2.6.2"
},
{
"model": "wu-ftpd",
"scope": "gte",
"trust": 1.0,
"vendor": "wuftpd",
"version": "2.5.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "openbsd",
"scope": "lte",
"trust": 1.0,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "immunix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wu ftpd group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.2"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.3"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.1"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "8.0"
},
{
"model": "wu-ftpd",
"scope": null,
"trust": 0.8,
"vendor": "university of washington",
"version": null
},
{
"model": "hp-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"model": "asianux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30a4\u30d0\u30fc\u30c8\u30e9\u30b9\u30c8\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "university wu-ftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "washington",
"version": "2.6.2"
},
{
"model": "university wu-ftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "washington",
"version": "2.6.1"
},
{
"model": "university wu-ftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "washington",
"version": "2.6.0"
},
{
"model": "university wu-ftpd",
"scope": "eq",
"trust": 0.3,
"vendor": "washington",
"version": "2.5.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.9.1"
},
{
"model": "wu-ftpd-2.6.2-8.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "wu-ftpd-2.6.2-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "wu-ftpd-2.6.1-18.ia64.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "wu-ftpd-2.6.1-18.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "wu-ftpd-2.6.1-16.ppc.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "wu-ftpd-2.6.1-16.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.9"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.7"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.6"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "-stablepre2001-07-20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#743092"
},
{
"db": "BID",
"id": "8315"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-136"
},
{
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:wu_ftpd:2.6.1-16:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:wu_ftpd:2.6.1-16:*:powerpc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:washington_university:wu-ftpd:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:washington_university:wu-ftpd:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:wu_ftpd:2.6.1-18:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:wu_ftpd:2.6.1-18:*:ia64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:washington_university:wu-ftpd:2.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:washington_university:wu-ftpd:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:wu_ftpd:2.6.2-5:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:wu_ftpd:2.6.2-8:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.8:pre-release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Janusz Niewiadomski\u203b funkysh@isec.pl\u203bWojciech Purczynski\u203b cliph@isec.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200308-136"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0466",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0466",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-7294",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2003-0466",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0466",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#743092",
"trust": 0.8,
"value": "6.75"
},
{
"author": "CNNVD",
"id": "CNNVD-200308-136",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-7294",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#743092"
},
{
"db": "VULHUB",
"id": "VHN-7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-136"
},
{
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. A function originally derived from 4.4BSD,\u00a0realpath(3), contains a vulnerability that may permit a malicious user to gain root access to the server. This function was derived from the FreeBSD 3.x tree. Other applications and operating systems that use or were derived from this code base may be affected. This problem was originally reported to affect WU-FTPd. It has been discoved to affect various BSD implementations as well. WU-FTPD is implemented in fb_realpath() In the function, the size of the buffer for handling the path is MAXPATHLEN However, the length of the path actually delivered is longer than that. (MAXPATHLEN+1) , one shift (off-by-one) A buffer overflow vulnerability exists.root Arbitrary commands may be executed with sufficient privileges. The \u0027realpath()\u0027 function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as \u0027/\u0027, \u0027./\u0027, \u0027../\u0027, or symbolic links. A vulnerability that was reported to affect the implementation of \u0027realpath()\u0027 in WU-FTPD has lead to the discovery that at least one implementation of the C library is also vulnerable. FreeBSD has announced that the off-by-one stack- buffer-overflow vulnerability is present in their libc. Other systems are also likely vulnerable. \nReportedly, this vulnerability has been successfully exploited against WU-FTPD to execute arbitrary instructions. \nNOTE: Patching the C library alone may not remove all instances of this vulnerability. Statically linked programs may need to be rebuilt with a patched version of the C library. Also, some applications may implement their own version of \u0027realpath()\u0027. These applications would require their own patches. FreeBSD has published a large list of applications that use \u0027realpath()\u0027. Administrators of FreeBSD and other systems are urged to review it. For more information, see the advisory \u0027FreeBSD-SA-03:08.realpath\u0027. The realpath(3) function is used to determine the absolute path name of the rule in the given path name. The realpath(3) function is part of the FreeBSD standard C language library file. If the parsed pathname is 1024 bytes long and contains two directory separators, the buffer passed to the realpath(3) function can be overwritten with a single NUL byte. Applications that typically use the realpath(3) function can cause denial of service, or execute arbitrary code and privilege escalation attacks. sftp-server(8) is part of OpenSSH, and realpath(3) is used to process the chdir command. 1 cdparanoia-3.9. \nSynopsis:\twu-ftpd fb_realpath() off-by-one bug\nProduct:\twu-ftpd\nVersion: \t2.5.0 \u003c= 2.6.2\nVendor:\t\thttp://www.wuftpd.org/\n\nURL:\t\thttp://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt\nCVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0466\nAuthor:\t\tWojciech Purczynski \u003ccliph@isec.pl\u003e\n\t\tJanusz Niewiadomski \u003cfunkysh@isec.pl\u003e\nDate:\t\tJuly 31, 2003 \n\n\nIssue:\n======\n\nWu-ftpd FTP server contains remotely exploitable off-by-one bug. A local\nor remote attacker could exploit this vulnerability to gain root\nprivileges on a vulnerable system. \n\n\nDetails:\n========\n\nAn off-by-one bug exists in fb_realpath() function. \nThe overflowed buffer lies on the stack. \n\nThe bug results from misuse of rootd variable in the calculation of\nlength of a concatenated string:\n\n------8\u003c------cut-here------8\u003c------\n /*\n * Join the two strings together, ensuring that the right thing\n * happens if the last component is empty, or the dirname is root. \n */\n if (resolved[0] == \u0027/\u0027 \u0026\u0026 resolved[1] == \u0027\\0\u0027)\n rootd = 1;\n else\n rootd = 0;\n\n if (*wbuf) {\n if (strlen(resolved) + strlen(wbuf) + rootd + 1 \u003e MAXPATHLEN) {\n errno = ENAMETOOLONG;\n goto err1;\n }\n if (rootd == 0)\n (void) strcat(resolved, \"/\");\n (void) strcat(resolved, wbuf);\n }\n------8\u003c------cut-here------8\u003c------\n\nSince the path is constructed from current working directory and a file\nname specified as an parameter to various FTP commands attacker needs to\ncreate deep directory structure. This may occur for example if wu-ftpd is compiled\nwith some versions of Linux kernel where PATH_MAX (and MAXPATHLEN \naccordingly) is defined to be exactly 4095 characters. In such cases,\nthe buffer is padded with an extra byte because of variable alignment \nwhich is a result of code optimization. \n\nLinux 2.2.x and some early 2.4.x kernel versions defines PATH_MAX to be \n4095 characters, thus only wu-ftpd binaries compiled on 2.0.x or later 2.4.x\nkernels are affected. We believe that exploitation of other\nlittle-endian systems is also possible. \n \n\nImpact:\n=======\n\nAuthenticated local user or anonymous FTP user with write-access could\nexecute arbitrary code with root privileges. \n\n\nVendor Status:\n==============\n\nJune 1, 2003\tsecurity@wu-ftpd.org has been notified\nJune 9, 2003\tRequest for confirmation of receipt sent to security@wu-ftpd.org\nJune 11, 2003\tResponse received from Kent Landfield\nJuly 3, 2003 Request for status update sent\nJuly 19, 2003\tvendor-sec list notified\nJuly 31, 2003\tCoordinated public disclosure\n\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0466 to this issue. \n\n-- \nJanusz Niewiadomski\niSEC Security Research\nhttp://isec.pl/\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0466"
},
{
"db": "CERT/CC",
"id": "VU#743092"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"db": "BID",
"id": "8315"
},
{
"db": "VULHUB",
"id": "VHN-7294"
},
{
"db": "PACKETSTORM",
"id": "31479"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-7294",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7294"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0466",
"trust": 3.7
},
{
"db": "CERT/CC",
"id": "VU#743092",
"trust": 3.3
},
{
"db": "BID",
"id": "8315",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "9423",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "9447",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "9446",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "9535",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1007380",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "6602",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "9406",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000237",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200308-136",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20030731 WU-FTPD FB_REALPATH() OFF-BY-ONE BUG",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030804 WU-FTPD-2.6.2 OFF-BY-ONE REMOTE EXPLOIT.",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060214 RE: LATEST WU-FTPD EXPLOIT :-S",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060213 LATEST WU-FTPD EXPLOIT :-S",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030804 OFF-BY-ONE BUFFER OVERFLOW VULNERABILITY IN BSD LIBC REALPATH(3)",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:245",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:246",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20030731 WU-FTPD FB_REALPATH() OFF-BY-ONE BUG",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2003:032",
"trust": 0.6
},
{
"db": "NETBSD",
"id": "NETBSD-SA2003-011.TXT.ASC",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "1001257",
"trust": 0.6
},
{
"db": "TURBO",
"id": "TLSA-2003-46",
"trust": 0.6
},
{
"db": "IMMUNIX",
"id": "IMNX-2003-7+-019-01",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:080",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:1970",
"trust": 0.6
},
{
"db": "XF",
"id": "12785",
"trust": 0.6
},
{
"db": "FREEBSD",
"id": "FREEBSD-SA-03:08",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-357",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31479",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "22976",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22974",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22975",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-62739",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76759",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76761",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76760",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-7294",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#743092"
},
{
"db": "VULHUB",
"id": "VHN-7294"
},
{
"db": "BID",
"id": "8315"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"db": "PACKETSTORM",
"id": "31479"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-136"
},
{
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"id": "VAR-200308-0014",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7294"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-28T22:37:56.784000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "245",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/wu-ftpd.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000237"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-193",
"trust": 1.0
},
{
"problemtype": "Determination of boundary conditions (CWE-193) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/8315"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/743092"
},
{
"trust": 2.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2003-011.txt.asc"
},
{
"trust": 2.0,
"url": "http://www.turbolinux.com/security/tlsa-2003-46.txt"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/424852/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/425061/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2003/dsa-357"
},
{
"trust": 1.7,
"url": "http://download.immunix.org/immunixos/7+/updates/errata/imnx-2003-7+-019-01"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:080"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/6602"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-245.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-246.html"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1007380"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/9423"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/9446"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/9447"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/9535"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1970"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12785"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=105967301604815\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106001410028809\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106001702232325\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=106002488209129\u0026w=2"
},
{
"trust": 0.9,
"url": "http://www.wuftpd.org/"
},
{
"trust": 0.8,
"url": "http://www.secunia.com/advisories/9406/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0466"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/12785"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106002488209129\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106001702232325\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106001410028809\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=105967301604815\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1970"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56121"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://www.wu-ftpd.org"
},
{
"trust": 0.3,
"url": "/archive/1/331295"
},
{
"trust": 0.3,
"url": "/archive/1/331723"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=105967301604815\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106002488209129\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106001702232325\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106001410028809\u0026amp;w=2"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0466"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0466"
},
{
"trust": 0.1,
"url": "http://isec.pl/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#743092"
},
{
"db": "VULHUB",
"id": "VHN-7294"
},
{
"db": "BID",
"id": "8315"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"db": "PACKETSTORM",
"id": "31479"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-136"
},
{
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#743092"
},
{
"db": "VULHUB",
"id": "VHN-7294"
},
{
"db": "BID",
"id": "8315"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"db": "PACKETSTORM",
"id": "31479"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-136"
},
{
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#743092"
},
{
"date": "2003-08-27T00:00:00",
"db": "VULHUB",
"id": "VHN-7294"
},
{
"date": "2003-07-31T00:00:00",
"db": "BID",
"id": "8315"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"date": "2003-08-05T16:57:23",
"db": "PACKETSTORM",
"id": "31479"
},
{
"date": "2003-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200308-136"
},
{
"date": "2003-08-27T04:00:00",
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-08-15T00:00:00",
"db": "CERT/CC",
"id": "VU#743092"
},
{
"date": "2018-05-03T00:00:00",
"db": "VULHUB",
"id": "VHN-7294"
},
{
"date": "2007-05-15T19:08:00",
"db": "BID",
"id": "8315"
},
{
"date": "2024-02-28T04:21:00",
"db": "JVNDB",
"id": "JVNDB-2003-000237"
},
{
"date": "2007-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200308-136"
},
{
"date": "2024-02-08T15:50:15.020000",
"db": "NVD",
"id": "CVE-2003-0466"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200308-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "realpath(3) function contains off-by-one buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#743092"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "8315"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-136"
}
],
"trust": 0.9
}
}
VAR-200203-0011
Vulnerability from variot - Updated: 2024-02-26 22:51Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. OpenSSH is a program used to provide secure connection and communications between client and servers. Channels are used to segregate differing traffic between the client and the server. OpenSSH is a suite implementing the SSH protocol. It includes client and server software, and supports ssh and sftp. It was initially developed for BSD, but is also widely used for Linux, Solaris, and other UNIX-like operating systems. A vulnerability has been announced in some versions of OpenSSH. A malicious client may exploit this vulnerability by connecting to a vulnerable server. Valid credentials are believed to be required, since the exploitable condition reportedly occurs after successful authentication. An examination of the code suggests this, but it has not been confirmed by the maintainer. Administrators should assume that this can be exploited without authentication and should patch vulnerable versions immediately. It encrypts and transmits all network communications, thereby avoiding attacks at many network layers, and is a very useful network connection tool. A user with a legal login account can use this vulnerability to obtain the root authority of the host. To implement X11, TCP and proxy forwarding, OpenSSH multiplexes multiple "channels" on a single TCP connection. The program may mistakenly use memory data outside the normal range, and an attacker with a legitimate login account logs in After entering the system, this vulnerability can be exploited to allow sshd to execute arbitrary commands with root privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200203-0011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "1.0.1"
},
{
"model": "openssh",
"scope": "lt",
"trust": 1.0,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "trustix",
"version": "1.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "7.0"
},
{
"model": "mandrake single network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.2"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "engardelinux",
"version": "1.0.1"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "ecommerce"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "graficas"
},
{
"model": "openssh",
"scope": "gte",
"trust": 1.0,
"vendor": "openbsd",
"version": "2.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 1.0,
"vendor": "openpkg",
"version": "1.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "trustix",
"version": "1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7.1"
},
{
"model": "immunix",
"scope": "eq",
"trust": 1.0,
"vendor": "immunix",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "trustix",
"version": "1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "5.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bsdi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "caldera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engarde",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix",
"version": null
},
{
"model": "hp-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.0"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.2"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.1"
},
{
"model": "openssh",
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.2"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.2"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.1"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9.9"
},
{
"model": "p2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9"
},
{
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.5.2"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.5.1"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.5"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.3"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.2"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.1.1"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.8"
},
{
"model": "openssh",
"scope": "ne",
"trust": 0.3,
"vendor": "openssh",
"version": "3.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:graficas:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openpkg:openpkg:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:ecommerce:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joost Pol\u203b joost@pine.nl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0083",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2002-0083",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-4478",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2002-0083",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0083",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#408419",
"trust": 0.8,
"value": "25.65"
},
{
"author": "CNNVD",
"id": "CNNVD-200203-034",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-4478",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. OpenSSH is a program used to provide secure connection and communications between client and servers. Channels are used to segregate differing traffic between the client and the server. OpenSSH is a suite implementing the SSH protocol. It includes client and server software, and supports ssh and sftp. It was initially developed for BSD, but is also widely used for Linux, Solaris, and other UNIX-like operating systems. \nA vulnerability has been announced in some versions of OpenSSH. A malicious client may exploit this vulnerability by connecting to a vulnerable server. Valid credentials are believed to be required, since the exploitable condition reportedly occurs after successful authentication. An examination of the code suggests this, but it has not been confirmed by the maintainer. \nAdministrators should assume that this can be exploited without authentication and should patch vulnerable versions immediately. It encrypts and transmits all network communications, thereby avoiding attacks at many network layers, and is a very useful network connection tool. A user with a legal login account can use this vulnerability to obtain the root authority of the host. To implement X11, TCP and proxy forwarding, OpenSSH multiplexes multiple \"channels\" on a single TCP connection. The program may mistakenly use memory data outside the normal range, and an attacker with a legitimate login account logs in After entering the system, this vulnerability can be exploited to allow sshd to execute arbitrary commands with root privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0083"
},
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "VULHUB",
"id": "VHN-4478"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-4478",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4478"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0083",
"trust": 3.6
},
{
"db": "BID",
"id": "4241",
"trust": 3.0
},
{
"db": "CERT/CC",
"id": "VU#408419",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "730",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "21314",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75148",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-4478",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"id": "VAR-200203-0011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4478"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-26T22:51:43.141000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "043",
"trust": 0.8,
"url": "http://www.openbsd.org/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-193",
"trust": 1.0
},
{
"problemtype": "Determination of boundary conditions (CWE-193) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-189",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/4241"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
},
{
"trust": 1.1,
"url": "http://online.securityfocus.com/archive/1/264657"
},
{
"trust": 1.1,
"url": "http://www.calderasystems.com/support/security/advisories/cssa-2002-012.0.txt"
},
{
"trust": 1.1,
"url": "ftp://stage.caldera.com/pub/security/openserver/cssa-2002-sco.10/cssa-2002-sco.10.txt"
},
{
"trust": 1.1,
"url": "ftp://stage.caldera.com/pub/security/openunix/cssa-2002-sco.11/cssa-2002-sco.11.txt"
},
{
"trust": 1.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2002/dsa-119"
},
{
"trust": 1.1,
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
},
{
"trust": 1.1,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-02:13.openssh.asc"
},
{
"trust": 1.1,
"url": "http://online.securityfocus.com/advisories/3960"
},
{
"trust": 1.1,
"url": "http://www.linux-mandrake.com/en/security/2002/mdksa-2002-019.php"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2002-004.txt.asc"
},
{
"trust": 1.1,
"url": "http://www.osvdb.org/730"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2002-043.html"
},
{
"trust": 1.1,
"url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
},
{
"trust": 1.1,
"url": "http://www.iss.net/security_center/static/8383.php"
},
{
"trust": 0.8,
"url": "http://www.pine.nl/advisories/pine-cert-20020301.txt"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/4241"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0083"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/408419"
},
{
"trust": 0.3,
"url": "http://support.coresecurity.com/impact/exploits/44711fd6971e717073942524961d8e3e.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#408419"
},
{
"date": "2002-03-15T00:00:00",
"db": "VULHUB",
"id": "VHN-4478"
},
{
"date": "2002-03-07T00:00:00",
"db": "BID",
"id": "4241"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"date": "2002-03-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"date": "2002-03-15T05:00:00",
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-04-02T00:00:00",
"db": "CERT/CC",
"id": "VU#408419"
},
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-4478"
},
{
"date": "2007-11-05T15:25:00",
"db": "BID",
"id": "4241"
},
{
"date": "2024-02-26T07:51:00",
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"date": "2006-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"date": "2024-02-02T02:52:51.803000",
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSH contains a one-off overflow of an array in the channel handling code",
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
}
],
"trust": 0.6
}
}
VAR-200108-0064
Vulnerability from variot - Updated: 2023-12-18 13:21Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. This vulnerability is now being actively exploited. A worm is known to be circulating around the Internet. Exposure:
Remote root compromise through buffer handling flaws
Confirmed vulnerable:
Up-to-date Debian 3.0 woody (issue is Debian-specific) Debian netkit-telnet-ssl-0.17.24+0.1 package Debian netkit-telnet-ssl-0.17.17+0.1 package
Mitigating factors:
Telnet service must be running and accessible to the attacker. Nowadays, telnet service presence on newly deployed Linux hosts is relatively low. The service is still used for LAN access from other unix platforms, and to host various non-shell services (such as MUDs).
Problem description:
Netkit telnetd implementation shipped with Debian Linux appears to be lacking the AYT vulnerability patch. This patch was devised by Red Hat (?) and incorporated into Debian packages, but later dropped.
This exposes the platform to a remote root problem discovered by scut of TESO back in 2001 (CVE-2001-0554), as well as to other currently unpublished flaws associated with the old buffer handling code, and elliminated by the Red Hat's overhaul of buffer handling routines.
Based on a review of package changelogs, my best guess is that the patch was accidentally dropped by Christoph Martin in December 2001, but I have not researched the matter any further.
Vendor response:
I have contacted Debian security staff on August 29, and received a confirmation of the problem from Matt Zimmerman shortly thereafter.
Since this is not a new flaw, I did not plan to release my own advisory, hoping they will release a DSA bulletin and fix the problem. Three weeks have passed, however, and Debian did not indicate any clear intent to release the information any time soon. They did release nine other advisories in the meantime, some of which were of lesser importance.
As such, I believe it is a good idea to bring the problem to public attention, particularly since those running telnetd were and are, unbeknownst to them, vulnerable to existing exploits.
Workaround:
Disable telnet service if not needed; manually apply Red Hat netkit patches, or compile the daemon from Red Hat sources.
Note that netkit as such is no longer maintained by the author, and hence obtaining the most recent source tarball (0.17) is NOT sufficient. You may also examine other less popular telnetd implementations, but be advised that almost all are heavily based on the original code, and not always up-to-date with security fixes for that codebase.
PS. Express your outrage: http://eprovisia.coredump.cx
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200108-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "catalyst csx",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "60005.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.9,
"vendor": "netbsd",
"version": "1.3.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.9,
"vendor": "netbsd",
"version": "1.3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.9,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 1.5,
"vendor": "cisco",
"version": "30002.5.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.7"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.6"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "2.0"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 1.3,
"vendor": "netkit",
"version": "0.12"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 1.3,
"vendor": "netkit",
"version": "0.11"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 1.3,
"vendor": "netkit",
"version": "0.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.3.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.0"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.7.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.4"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "2.2"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.3"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.0.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.1"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.2.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "kerberos 5",
"scope": "eq",
"trust": 1.0,
"vendor": "mit",
"version": "1.1.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.6.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.0.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.8"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.3"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "7.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "60006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "60005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "50006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "40006.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "40005.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bsdi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "caldera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mit kerberos team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "redhat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.5.1 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.5.1 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.24"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "30003.0.3"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "50005.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "40005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "40005.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "8.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.17"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.16"
},
{
"model": "linux netkit",
"scope": "eq",
"trust": 0.3,
"vendor": "netkit",
"version": "0.14"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.2"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.2"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.1.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.1"
},
{
"model": "kerberos",
"scope": "eq",
"trust": 0.3,
"vendor": "mit",
"version": "51.0"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux sis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.x"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.x"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0"
},
{
"model": "vpn concentrator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30002.0"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.1"
},
{
"model": "catalyst pan",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.3"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2(0.111)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.2(0.110)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.1(2.13)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.4"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(9)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(8)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(12)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(11)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5(10)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4.1"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.4"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.2(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.1(1)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(9)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(8)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(7)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(6)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(5)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(4)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(3)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(2)"
},
{
"model": "catalyst",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40004.5(10)"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.2"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.1"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0.1"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "bsdi",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "openbsd",
"scope": "ne",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.9"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.6"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.5"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.4"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.3"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.2"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.5"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.4"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.2"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.1"
},
{
"model": "vpn concentrator",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "30003.0.4"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8500"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60007.1(2)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60006.3(4)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "60005.5(13)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50006.3(4)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.5(13)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50004.5"
},
{
"model": "catalyst 4908g-l3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 4840g",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4800"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4200"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40007.1(2)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40006.3(4)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "40005.5(13)"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3900"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3550"
},
{
"model": "catalyst xl",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3500"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2950"
},
{
"model": "catalyst 2948g-l3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst xl",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "catalyst lre xl",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2900"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2820"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "catalyst",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netkit:linux_netkit:0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netkit:linux_netkit:0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netkit:linux_netkit:0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2:current:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0554"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TESO Security Advisory",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
],
"trust": 0.6
},
"cve": "CVE-2001-0554",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2001-0554",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2001-0554",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#745371",
"trust": 0.8,
"value": "74.81"
},
{
"author": "CNNVD",
"id": "CNNVD-200108-082",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2001-0554",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. \nThis vulnerability is now being actively exploited. A worm is known to be circulating around the Internet. \nExposure:\n\n Remote root compromise through buffer handling flaws\n\nConfirmed vulnerable:\n\n Up-to-date Debian 3.0 woody (issue is Debian-specific)\n Debian netkit-telnet-ssl-0.17.24+0.1 package\n Debian netkit-telnet-ssl-0.17.17+0.1 package\n\nMitigating factors:\n\n Telnet service must be running and accessible to the attacker. \n Nowadays, telnet service presence on newly deployed Linux hosts is\n relatively low. The service is still used for LAN access from other unix\n platforms, and to host various non-shell services (such as MUDs). \n\nProblem description:\n\n Netkit telnetd implementation shipped with Debian Linux appears to be\n lacking the AYT vulnerability patch. This patch was devised by Red Hat\n (?) and incorporated into Debian packages, but later dropped. \n\n This exposes the platform to a remote root problem discovered by scut of\n TESO back in 2001 (CVE-2001-0554), as well as to other currently\n unpublished flaws associated with the old buffer handling code, and\n elliminated by the Red Hat\u0027s overhaul of buffer handling routines. \n\n Based on a review of package changelogs, my best guess is that the patch\n was accidentally dropped by Christoph Martin in December 2001, but I\n have not researched the matter any further. \n\nVendor response:\n\n I have contacted Debian security staff on August 29, and received a\n confirmation of the problem from Matt Zimmerman shortly thereafter. \n\n Since this is not a new flaw, I did not plan to release my own advisory,\n hoping they will release a DSA bulletin and fix the problem. Three weeks\n have passed, however, and Debian did not indicate any clear intent to\n release the information any time soon. They did release nine other\n advisories in the meantime, some of which were of lesser importance. \n\n As such, I believe it is a good idea to bring the problem to public\n attention, particularly since those running telnetd were and are,\n unbeknownst to them, vulnerable to existing exploits. \n\nWorkaround:\n\n Disable telnet service if not needed; manually apply Red Hat\n netkit patches, or compile the daemon from Red Hat sources. \n\n Note that netkit as such is no longer maintained by the author, and\n hence obtaining the most recent source tarball (0.17) is NOT\n sufficient. You may also examine other less popular telnetd\n implementations, but be advised that almost all are heavily based on the\n original code, and not always up-to-date with security fixes for that\n codebase. \n\n\nPS. Express your outrage: http://eprovisia.coredump.cx",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "PACKETSTORM",
"id": "34414"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=21018",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2001-0554"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3064",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2001-0554",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "809",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#745371",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "21018",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2001-0554",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "34414",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "PACKETSTORM",
"id": "34414"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"id": "VAR-200108-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3056849
},
"last_update_date": "2023-12-18T13:21:23.131000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
},
{
"title": "Debian Security Advisories: DSA-075-1 netkit-telnet-ssl -- remote exploit",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a05118c557d210031007d9bc57bfeb01"
},
{
"title": "Cisco: Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20020903-vpn3k-vulnerability"
},
{
"title": "Cisco: Cisco CatOS Telnet Buffer Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20020129-catos-telrcv"
},
{
"title": "git-and-crumpets",
"trust": 0.1,
"url": "https://github.com/siddicky/git-and-crumpets "
},
{
"title": "DC-4-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-4-vulnhub-walkthrough "
},
{
"title": "DC-2-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-2-vulnhub-walkthrough "
},
{
"title": "DC-1-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-1-vulnhub-walkthrough "
},
{
"title": "Basic-Pentesting-2",
"trust": 0.1,
"url": "https://github.com/vshaliii/basic-pentesting-2 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0554"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.cert.org/advisories/ca-2001-21.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/3064"
},
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml"
},
{
"trust": 1.9,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-01:49.telnetd.asc"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/197804"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/199496"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/203000"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/199541"
},
{
"trust": 1.7,
"url": "http://www.ciac.org/ciac/bulletins/l-131.shtml"
},
{
"trust": 1.7,
"url": "http://www.calderasystems.com/support/security/advisories/cssa-2001-030.0.txt"
},
{
"trust": 1.7,
"url": "http://ftp.support.compaq.com/patches/.new/html/ssrt0745u.shtml"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000413"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2001/dsa-070"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2001/dsa-075"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/advisories/3476"
},
{
"trust": 1.7,
"url": "http://www.linux-mandrake.com/en/security/2001/mdksa-2001-068.php3"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2001-099.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2001-100.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/809"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875"
},
{
"trust": 1.1,
"url": "ftp://stage.caldera.com/pub/security/openserver/cssa-2001-sco.10/cssa-2001-sco.10.txt"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2001-012.txt.asc"
},
{
"trust": 1.1,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-p"
},
{
"trust": 0.8,
"url": "http://www.team-teso.net/advisories/teso-advisory-011.tar.gz"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0554"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0554"
},
{
"trust": 0.3,
"url": "/archive/1/375743"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-075"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/21018/"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/745371"
},
{
"trust": 0.1,
"url": "http://eprovisia.coredump.cx."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2001-0554"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "PACKETSTORM",
"id": "34414"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#745371"
},
{
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"db": "BID",
"id": "3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"db": "PACKETSTORM",
"id": "34414"
},
{
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-07-24T00:00:00",
"db": "CERT/CC",
"id": "VU#745371"
},
{
"date": "2001-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"date": "2001-07-18T00:00:00",
"db": "BID",
"id": "3064"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"date": "2004-09-21T08:00:52",
"db": "PACKETSTORM",
"id": "34414"
},
{
"date": "2001-08-14T04:00:00",
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"date": "2001-07-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-04-16T00:00:00",
"db": "CERT/CC",
"id": "VU#745371"
},
{
"date": "2020-01-21T00:00:00",
"db": "VULMON",
"id": "CVE-2001-0554"
},
{
"date": "2001-07-18T00:00:00",
"db": "BID",
"id": "3064"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000115"
},
{
"date": "2022-01-21T14:48:42.473000",
"db": "NVD",
"id": "CVE-2001-0554"
},
{
"date": "2022-01-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "34414"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options",
"sources": [
{
"db": "CERT/CC",
"id": "VU#745371"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200108-082"
}
],
"trust": 0.6
}
}
VAR-200303-0010
Vulnerability from variot - Updated: 2023-12-18 13:10OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal). Cryptographic libraries and applications do not provide adequate defense against a side-channel timing attack against RSA private keys. Such an attack has been shown to be practical using currently available hardware on systems and networks with sufficiently low variance in latency. OpenSSL so RSA Is used for the encryption algorithm, RSA There is a vulnerability that is subject to timing attacks that can analyze the private key by measuring and analyzing the processing time when generating the private key in the format.The server's private key may be obtained. A side-channel attack in the OpenSSL implementation has been published in a recent paper that may ultimately result in an active adversary gaining the RSA private key of a target server. The attack involves analysis of the timing of certain operations during client-server session key negotiation
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200303-0010",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "4.04"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "4.03"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "4.02"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "4.01"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "3.22"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "3.21"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "3.19"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "3.18"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.9,
"vendor": "stunnel",
"version": "3.20"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.6,
"vendor": "stunnel",
"version": "4.0"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.17"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.16"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.15"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.14"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.13"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.12"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.11"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.9"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.8"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.7"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 1.3,
"vendor": "stunnel",
"version": "3.10"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 1.3,
"vendor": "openpkg",
"version": "1.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 1.3,
"vendor": "openpkg",
"version": "1.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 1.0,
"vendor": "openpkg",
"version": "*"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "covalent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "crypto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "foundry",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fressh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnu libgcrypt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnu tls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sorceror linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stunnel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cryptlib",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "esoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mod ssl",
"version": null
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "openssh",
"scope": "lte",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.5"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.2"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.4"
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "4.0.4"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "4.0.3"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "4.0.2"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "4.0.1"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4.8"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4.7"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4.6"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4.4"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4.3"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4.2"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4.1"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.4"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.3.4"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.3.3"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.3.2"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.3.1"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.3"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.2.2"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.2.1"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.2"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.1.2"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.1.1"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.1"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "3.0"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "2.4"
},
{
"model": "cobalt raq xtr",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "cobalt qube",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "4.00"
},
{
"model": "communications security ipsec express toolkit",
"scope": null,
"trust": 0.3,
"vendor": "ssh",
"version": null
},
{
"model": "communications security certificate/tls toolkit",
"scope": null,
"trust": 0.3,
"vendor": "ssh",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "mgetty-sendfax-1.1.14-8.i386.rpm",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "mod ssl",
"scope": "eq",
"trust": 0.3,
"vendor": "mod ssl",
"version": "2.8.14"
},
{
"model": "igateway",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "3.2"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.5"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.4"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.3"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.2"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.1"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.0"
},
{
"model": "libgcrypt",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "1.1.12"
},
{
"model": "libgcrypt",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "1.1.11"
},
{
"model": "libgcrypt",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "1.1.10"
},
{
"model": "libgcrypt",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "1.1.9"
},
{
"model": "libgcrypt",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "1.1.8"
},
{
"model": "networks ironview",
"scope": null,
"trust": 0.3,
"vendor": "foundry",
"version": null
},
{
"model": "big-ip blade controller ptf-01",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "crypto++ library",
"scope": "eq",
"trust": 0.3,
"vendor": "crypto",
"version": "5.0"
},
{
"model": "crypto++ library",
"scope": "eq",
"trust": 0.3,
"vendor": "crypto",
"version": "4.2"
},
{
"model": "fast start server",
"scope": "eq",
"trust": 0.3,
"vendor": "covalent",
"version": "3.3"
},
{
"model": "fast start server",
"scope": "eq",
"trust": 0.3,
"vendor": "covalent",
"version": "3.2"
},
{
"model": "fast start server",
"scope": "eq",
"trust": 0.3,
"vendor": "covalent",
"version": "3.1"
},
{
"model": "enterprise ready server",
"scope": "eq",
"trust": 0.3,
"vendor": "covalent",
"version": "2.3"
},
{
"model": "enterprise ready server",
"scope": "eq",
"trust": 0.3,
"vendor": "covalent",
"version": "2.2"
},
{
"model": "enterprise ready server",
"scope": "eq",
"trust": 0.3,
"vendor": "covalent",
"version": "2.1"
},
{
"model": "associates etrust security command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "openvms vax",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.3"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.3"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2.1"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2-2"
},
{
"model": "openvms -1h2 alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2"
},
{
"model": "openvms -1h1 alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2"
},
{
"model": "openvms vax",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.1-2"
},
{
"model": "openvms vax",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.1"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.1"
},
{
"model": "openvms vax",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "6.2"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "6.2"
},
{
"model": "openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "6.2"
},
{
"model": "securecrt",
"scope": "ne",
"trust": 0.3,
"vendor": "vandyke",
"version": "4.0.5"
},
{
"model": "project openssl b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssh",
"scope": "ne",
"trust": 0.3,
"vendor": "openssh",
"version": "3.6.1"
},
{
"model": "hp-ux apache-based web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.0.07.01"
},
{
"model": "crypto++ library",
"scope": "ne",
"trust": 0.3,
"vendor": "crypto",
"version": "5.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#997481"
},
{
"db": "BID",
"id": "7101"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000098"
},
{
"db": "NVD",
"id": "CVE-2003-0147"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0147"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Brumley and Dan Boneh.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0147",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2003-0147",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0147",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#997481",
"trust": 0.8,
"value": "9.42"
},
{
"author": "CNNVD",
"id": "CNNVD-200303-116",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#997481"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000098"
},
{
"db": "NVD",
"id": "CVE-2003-0147"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server\u0027s private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms (\"Karatsuba\" and normal). Cryptographic libraries and applications do not provide adequate defense against a side-channel timing attack against RSA private keys. Such an attack has been shown to be practical using currently available hardware on systems and networks with sufficiently low variance in latency. OpenSSL so RSA Is used for the encryption algorithm, RSA There is a vulnerability that is subject to timing attacks that can analyze the private key by measuring and analyzing the processing time when generating the private key in the format.The server\u0027s private key may be obtained. A side-channel attack in the OpenSSL implementation has been published in a recent paper that may ultimately result in an active adversary gaining the RSA private key of a target server. The attack involves analysis of the timing of certain operations during client-server session key negotiation",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0147"
},
{
"db": "CERT/CC",
"id": "VU#997481"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000098"
},
{
"db": "BID",
"id": "7101"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0147",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#997481",
"trust": 1.8
},
{
"db": "BID",
"id": "7101",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000098",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200303-116",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#997481"
},
{
"db": "BID",
"id": "7101"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000098"
},
{
"db": "NVD",
"id": "CVE-2003-0147"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
]
},
"id": "VAR-200303-0010",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4615448
},
"last_update_date": "2023-12-18T13:10:54.856000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.apache.org/"
},
{
"title": "HPSBUX00280",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00954663"
},
{
"title": "HPSBUX0304-255",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0304-255"
},
{
"title": "HPSBUX0309-280",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0309-280.html"
},
{
"title": "HPSBUX0304-255",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0304-255.html"
},
{
"title": "secadv_20030317",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20030317.txt"
},
{
"title": "RHSA-2003:205",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-205.html"
},
{
"title": "RHSA-2003:102",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-102.html"
},
{
"title": "RHSA-2003:101",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-101.html"
},
{
"title": "56380",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56380-1"
},
{
"title": "56380",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56380-3"
},
{
"title": "4 Apache \u0026amp; SSL Security 2.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "XTR Apache \u0026amp; SSL Security 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Apache \u0026amp; SSL Security 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-22",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-22.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"title": "RHSA-2003:205",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-205j.html"
},
{
"title": "RHSA-2003:102",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-102j.html"
},
{
"title": "RHSA-2003:101",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-101j.html"
},
{
"title": "TLSA-2003-22",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-22j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000098"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.openssl.org/news/secadv_20030317.txt"
},
{
"trust": 1.1,
"url": "http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html"
},
{
"trust": 1.0,
"url": "ftp://ftp.sco.com/pub/security/openlinux/cssa-2003-014.0.txt"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-i"
},
{
"trust": 1.0,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0130.html"
},
{
"trust": 1.0,
"url": "http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf"
},
{
"trust": 1.0,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000625"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104766550528628\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104792570615648\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104819602408063\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104829040921835\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104861762028637\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2003/dsa-288"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-23.xml"
},
{
"trust": 1.0,
"url": "http://www.kb.cert.org/vuls/id/997481"
},
{
"trust": 1.0,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:035"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2003.019.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2003-101.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2003-102.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/316165/30/25370/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a466"
},
{
"trust": 0.8,
"url": "http://ietf.org/rfc/rfc2246.txt"
},
{
"trust": 0.8,
"url": "http://wp.netscape.com/eng/ssl3/draft302.txt"
},
{
"trust": 0.8,
"url": "http://www.cryptography.com/resources/whitepapers/timingattacks.pdf"
},
{
"trust": 0.8,
"url": "http://www.bell-labs.com/user/bleichen/papers/chosen.ps"
},
{
"trust": 0.8,
"url": "ftp://ftp.rsasecurity.com/pub/pdfs/bull-2.pdf"
},
{
"trust": 0.8,
"url": "ftp://ftp.rsasecurity.com/pub/pdfs/bulletn5.pdf"
},
{
"trust": 0.8,
"url": "http://link.springer.de/link/service/series/0558/papers/1070/10700001.pdf"
},
{
"trust": 0.8,
"url": "http://islab.oregonstate.edu/documents/people/blaze/quantize.shar"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0147"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0147"
},
{
"trust": 0.8,
"url": "http://www.securiteam.com/unixfocus/5fp0c209fe.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/7101"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.eskimo.com/~weidai/cryptlib.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata31.html#kadmin"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata32.html"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/ip/deploy/ias/index.html"
},
{
"trust": 0.3,
"url": "http://metalink.oracle.com"
},
{
"trust": 0.3,
"url": "http://www.covalent.net/support/rotate.php?page=109"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"trust": 0.3,
"url": "/archive/1/315884"
},
{
"trust": 0.3,
"url": "/archive/1/315904"
},
{
"trust": 0.3,
"url": "/archive/1/315292"
},
{
"trust": 0.3,
"url": "/archive/1/315069"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#997481"
},
{
"db": "BID",
"id": "7101"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000098"
},
{
"db": "NVD",
"id": "CVE-2003-0147"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#997481"
},
{
"db": "BID",
"id": "7101"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000098"
},
{
"db": "NVD",
"id": "CVE-2003-0147"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-25T00:00:00",
"db": "CERT/CC",
"id": "VU#997481"
},
{
"date": "2003-03-14T00:00:00",
"db": "BID",
"id": "7101"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000098"
},
{
"date": "2003-03-31T05:00:00",
"db": "NVD",
"id": "CVE-2003-0147"
},
{
"date": "2003-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#997481"
},
{
"date": "2009-07-11T21:06:00",
"db": "BID",
"id": "7101"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000098"
},
{
"date": "2018-10-19T15:29:26.540000",
"db": "NVD",
"id": "CVE-2003-0147"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL Timing Attack RSA Private Key Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "7101"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "7101"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-116"
}
],
"trust": 0.9
}
}
VAR-200303-0118
Vulnerability from variot - Updated: 2023-12-18 12:40The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack.". SSL/TLS implementations that respond distinctively to an incorrect PKCS #1 v1.5 encoded SSL/TLS version number expose the premaster secret to a modified Bleichenbacher attack. An attacker could decrypt a given SSL/TLS session or forge a signature on behalf of a vulnerable application's private RSA key. OpenSSL In RSA Is used for the encryption algorithm, PKCS#1 Secret value shared across the session between the client and server due to inadequate version number handling in the process ) There is a vulnerability that leaks.There is a possibility of decrypting the encrypted communication content. A problem with OpenSSL may leak sensitive information. A user could abuse the response of vulnerable servers to act as an oracle. By sending a large number of adaptive attacks, the possibility exists for a remote user to create a choice of ciphertext encrypted with the private key of the server. OpenSSL Security Advisory [19 March 2003]
Klima-Pokorny-Rosa attack on RSA in SSL/TLS
Czech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa have come up with an extension of the "Bleichenbacher attack" on RSA with PKCS #1 v1.5 padding as used in SSL 3.0 and TLS 1.0. Note that the server's RSA key is not compromised in this attack. OpenSSL releases up to 0.9.6i and 0.9.7a are vulnerable. The enclosed patch modifies SSL/TLS server behaviour to avoid the vulnerability.
Security Patch
The following patch can be applied to OpenSSL releases 0.9.6b up to 0.9.6i, 0.9.7, and 0.9.7a.
--- s3_srvr.c 29 Nov 2002 11:31:51 -0000 1.85.2.14 +++ s3_srvr.c 19 Mar 2003 18:00:00 -0000 @@ -1447,7 +1447,7 @@ if (i != SSL_MAX_MASTER_KEY_LENGTH) { al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); + / SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); / }
if ((al == -1) && !((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
@@ -1463,30 +1463,29 @@ (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff)))) { al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); - goto f_err; + / SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); / + + / The Klima-Pokorny-Rosa extension of Bleichenbacher's attack + * (https://eprint.iacr.org/2003/052/) exploits the version + * number check as a "bad version oracle" -- an alert would + * reveal that the plaintext corresponding to some ciphertext + * made up by the adversary is properly formatted except + * that the version number is wrong. To avoid such attacks, + * we should treat this just like any other decryption error. / + p[0] = (char)(int) "CAN-2003-0131 patch 2003-03-19"; } }
if (al != -1)
{
-#if 0 - goto f_err; -#else / Some decryption failure -- use random value instead as countermeasure * against Bleichenbacher's attack on PKCS #1 v1.5 RSA padding - * (see RFC 2246, section 7.4.7.1). - * But note that due to length and protocol version checking, the - * attack is impractical anyway (see section 5 in D. Bleichenbacher: - * "Chosen Ciphertext Attacks Against Protocols Based on the RSA - * Encryption Standard PKCS #1", CRYPTO '98, LNCS 1462, pp. 1-12). - / + * (see RFC 2246, section 7.4.7.1). / ERR_clear_error(); i = SSL_MAX_MASTER_KEY_LENGTH; p[0] = s->client_version >> 8; p[1] = s->client_version & 0xff; RAND_pseudo_bytes(p+2, i-2); / should be RAND_bytes, but we cannot work around a failure */ -#endif }
s->session->master_key_length=
References
Report "Attacking RSA-based Sessions in SSL/TLS" by V. Klima, O. Pokorny, and T. Rosa: https://eprint.iacr.org/2003/052/
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0131 to this issue. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0131
URL for this Security Advisory: https://www.openssl.org/news/secadv_20030319.txt
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200303-0118",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnu tls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sorceror linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "esoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mod ssl",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.2"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.4"
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "cobalt raq xtr",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "cobalt qube",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.4"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.3"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.2"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.1"
},
{
"model": "transport layer security library",
"scope": "eq",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.0"
},
{
"model": "big-ip blade controller ptf-01",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "associates etrust security command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "openvms vax",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.3"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.3"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2.1"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2-2"
},
{
"model": "openvms -1h2 alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2"
},
{
"model": "openvms -1h1 alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2"
},
{
"model": "openvms vax",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.2"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.1-2"
},
{
"model": "openvms vax",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.1"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "7.1"
},
{
"model": "openvms vax",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "6.2"
},
{
"model": "openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "6.2"
},
{
"model": "openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "project openssl b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "hp-ux apache-based web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.0.07.01"
},
{
"model": "hp-ux apache-based web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.0.03.01"
},
{
"model": "apache-based web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.3.27.02"
},
{
"model": "transport layer security library",
"scope": "ne",
"trust": 0.3,
"vendor": "gnu",
"version": "0.8.5"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#888801"
},
{
"db": "BID",
"id": "7148"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000095"
},
{
"db": "NVD",
"id": "CVE-2003-0131"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0131"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery credited to Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa.",
"sources": [
{
"db": "BID",
"id": "7148"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
],
"trust": 0.9
},
"cve": "CVE-2003-0131",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2003-0131",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0131",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#888801",
"trust": 0.8,
"value": "4.05"
},
{
"author": "CNNVD",
"id": "CNNVD-200303-076",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#888801"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000095"
},
{
"db": "NVD",
"id": "CVE-2003-0131"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the \"Klima-Pokorny-Rosa attack.\". SSL/TLS implementations that respond distinctively to an incorrect PKCS #1 v1.5 encoded SSL/TLS version number expose the premaster secret to a modified Bleichenbacher attack. An attacker could decrypt a given SSL/TLS session or forge a signature on behalf of a vulnerable application\u0027s private RSA key. OpenSSL In RSA Is used for the encryption algorithm, PKCS#1 Secret value shared across the session between the client and server due to inadequate version number handling in the process ) There is a vulnerability that leaks.There is a possibility of decrypting the encrypted communication content. A problem with OpenSSL may leak sensitive information. A user could abuse the response of vulnerable servers to act as an oracle. By sending a large number of adaptive attacks, the possibility exists for a remote user to create a choice of ciphertext encrypted with the private key of the server. OpenSSL Security Advisory [19 March 2003]\n\nKlima-Pokorny-Rosa attack on RSA in SSL/TLS\n===========================================\n\nCzech cryptologists Vlastimil Klima, Ondrej Pokorny, and Tomas Rosa\nhave come up with an extension of the \"Bleichenbacher attack\" on RSA\nwith PKCS #1 v1.5 padding as used in SSL 3.0 and TLS 1.0. \nNote that the server\u0027s RSA key is not compromised in this attack. \nOpenSSL releases up to 0.9.6i and 0.9.7a are vulnerable. The enclosed\npatch modifies SSL/TLS server behaviour to avoid the vulnerability. \n\n\nSecurity Patch\n--------------\n\nThe following patch can be applied to OpenSSL releases 0.9.6b up to 0.9.6i,\n0.9.7, and 0.9.7a. \n\n--- s3_srvr.c\t29 Nov 2002 11:31:51 -0000\t1.85.2.14\n+++ s3_srvr.c\t19 Mar 2003 18:00:00 -0000\n@@ -1447,7 +1447,7 @@\n \t\tif (i != SSL_MAX_MASTER_KEY_LENGTH)\n \t\t\t{\n \t\t\tal=SSL_AD_DECODE_ERROR;\n-\t\t\tSSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);\n+\t\t\t/* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */\n \t\t\t}\n \n \t\tif ((al == -1) \u0026\u0026 !((p[0] == (s-\u003eclient_version\u003e\u003e8)) \u0026\u0026 (p[1] == (s-\u003eclient_version \u0026 0xff))))\n@@ -1463,30 +1463,29 @@\n \t\t\t\t(p[0] == (s-\u003eversion\u003e\u003e8)) \u0026\u0026 (p[1] == (s-\u003eversion \u0026 0xff))))\n \t\t\t\t{\n \t\t\t\tal=SSL_AD_DECODE_ERROR;\n-\t\t\t\tSSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER);\n-\t\t\t\tgoto f_err;\n+\t\t\t\t/* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */\n+\n+\t\t\t\t/* The Klima-Pokorny-Rosa extension of Bleichenbacher\u0027s attack\n+\t\t\t\t * (https://eprint.iacr.org/2003/052/) exploits the version\n+\t\t\t\t * number check as a \"bad version oracle\" -- an alert would\n+\t\t\t\t * reveal that the plaintext corresponding to some ciphertext\n+\t\t\t\t * made up by the adversary is properly formatted except\n+\t\t\t\t * that the version number is wrong. To avoid such attacks,\n+\t\t\t\t * we should treat this just like any other decryption error. */\n+\t\t\t\tp[0] = (char)(int) \"CAN-2003-0131 patch 2003-03-19\";\n \t\t\t\t}\n \t\t\t}\n \n \t\tif (al != -1)\n \t\t\t{\n-#if 0\n-\t\t\tgoto f_err;\n-#else\n \t\t\t/* Some decryption failure -- use random value instead as countermeasure\n \t\t\t * against Bleichenbacher\u0027s attack on PKCS #1 v1.5 RSA padding\n-\t\t\t * (see RFC 2246, section 7.4.7.1). \n-\t\t\t * But note that due to length and protocol version checking, the\n-\t\t\t * attack is impractical anyway (see section 5 in D. Bleichenbacher:\n-\t\t\t * \"Chosen Ciphertext Attacks Against Protocols Based on the RSA\n-\t\t\t * Encryption Standard PKCS #1\", CRYPTO \u002798, LNCS 1462, pp. 1-12). \n-\t\t\t */\n+\t\t\t * (see RFC 2246, section 7.4.7.1). */\n \t\t\tERR_clear_error();\n \t\t\ti = SSL_MAX_MASTER_KEY_LENGTH;\n \t\t\tp[0] = s-\u003eclient_version \u003e\u003e 8;\n \t\t\tp[1] = s-\u003eclient_version \u0026 0xff;\n \t\t\tRAND_pseudo_bytes(p+2, i-2); /* should be RAND_bytes, but we cannot work around a failure */\n-#endif\n \t\t\t}\n \t\n \t\ts-\u003esession-\u003emaster_key_length=\n\n\nReferences\n----------\n\nReport \"Attacking RSA-based Sessions in SSL/TLS\" by V. Klima, O. Pokorny,\nand T. Rosa:\nhttps://eprint.iacr.org/2003/052/\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0131 to this issue. \nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0131\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20030319.txt\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0131"
},
{
"db": "CERT/CC",
"id": "VU#888801"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000095"
},
{
"db": "BID",
"id": "7148"
},
{
"db": "PACKETSTORM",
"id": "169675"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0131",
"trust": 2.8
},
{
"db": "BID",
"id": "7148",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#888801",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000095",
"trust": 0.8
},
{
"db": "XF",
"id": "11586",
"trust": 0.6
},
{
"db": "TRUSTIX",
"id": "2003-0013",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2003-014.0",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-288",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030501-01-I",
"trust": 0.6
},
{
"db": "NETBSD",
"id": "NETBSD-SA2003-007",
"trust": 0.6
},
{
"db": "OPENPKG",
"id": "OPENPKG-SA-2003.026",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030327 IMMUNIX SECURED OS 7+ OPENSSL UPDATE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030319 [OPENSSL ADVISORY] KLIMA-POKORNY-ROSA ATTACK ON PKCS #1 V1.5 PADDING",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030324 GLSA: OPENSSL (200303-20)",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:035",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2003:024",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:461",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:102",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:101",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200303-20",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:625",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200303-076",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "169675",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#888801"
},
{
"db": "BID",
"id": "7148"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000095"
},
{
"db": "PACKETSTORM",
"id": "169675"
},
{
"db": "NVD",
"id": "CVE-2003-0131"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
]
},
"id": "VAR-200303-0118",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4615448
},
"last_update_date": "2023-12-18T12:40:39.190000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX0304-255",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0304-255"
},
{
"title": "HPSBUX0304-255",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0304-255.html"
},
{
"title": "secadv_20030319",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20030319.txt"
},
{
"title": "RHSA-2003:101",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-101.html"
},
{
"title": "4 Apache \u0026amp; SSL Security 2.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "XTR Apache \u0026amp; SSL Security 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Apache \u0026amp; SSL Security 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-22",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-22.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"title": "RHSA-2003:101",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-101j.html"
},
{
"title": "TLSA-2003-22",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-22j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000095"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0131"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://eprint.iacr.org/2003/052/"
},
{
"trust": 2.5,
"url": "http://www.openssl.org/news/secadv_20030319.txt"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/7148"
},
{
"trust": 1.6,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2003-007.txt.asc"
},
{
"trust": 1.6,
"url": "ftp://ftp.sco.com/pub/security/openlinux/cssa-2003-014.0.txt"
},
{
"trust": 1.6,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030501-01-i"
},
{
"trust": 1.6,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000625"
},
{
"trust": 1.6,
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-288"
},
{
"trust": 1.6,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-20.xml"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/888801"
},
{
"trust": 1.6,
"url": "http://www.linuxsecurity.com/advisories/immunix_advisory-3066.html"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:035"
},
{
"trust": 1.6,
"url": "http://www.openpkg.org/security/openpkg-sa-2003.026-openssl.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-101.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-102.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104811162730834\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104852637112330\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104878215721135\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/316577/30/25310/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11586"
},
{
"trust": 1.0,
"url": "https://lists.opensuse.org/opensuse-security-announce/2003-04/msg00005.html"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a461"
},
{
"trust": 0.8,
"url": "http://www.i.cz/en/onas/tisk7.html"
},
{
"trust": 0.8,
"url": "http://www.i.cz/en/onas/tisk8.html"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2246.txt"
},
{
"trust": 0.8,
"url": "http://link.springer.de/link/service/series/0558/papers/1462/14620001.pdf"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/pkcs1/qa.html"
},
{
"trust": 0.8,
"url": "ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf"
},
{
"trust": 0.8,
"url": "ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc"
},
{
"trust": 0.8,
"url": "ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1.asc"
},
{
"trust": 0.8,
"url": "ftp://ftp.rsasecurity.com/pub/pdfs/bulletn7.pdf"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2408.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2409.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0131"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0131"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104811162730834\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/11586"
},
{
"trust": 0.6,
"url": "http://www.novell.com/linux/security/advisories/2003_024_openssl.html"
},
{
"trust": 0.6,
"url": "http://www.suse.de/de/security/2003_024_openssl.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/316577/30/25310/threaded"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104878215721135\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104852637112330\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:461"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://metalink.oracle.com"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"trust": 0.3,
"url": "/archive/1/315632"
},
{
"trust": 0.3,
"url": "/archive/1/315884"
},
{
"trust": 0.1,
"url": "https://eprint.iacr.org/2003/052/)"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0131"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0131"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#888801"
},
{
"db": "BID",
"id": "7148"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000095"
},
{
"db": "PACKETSTORM",
"id": "169675"
},
{
"db": "NVD",
"id": "CVE-2003-0131"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#888801"
},
{
"db": "BID",
"id": "7148"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000095"
},
{
"db": "PACKETSTORM",
"id": "169675"
},
{
"db": "NVD",
"id": "CVE-2003-0131"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-23T00:00:00",
"db": "CERT/CC",
"id": "VU#888801"
},
{
"date": "2003-03-19T00:00:00",
"db": "BID",
"id": "7148"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000095"
},
{
"date": "2003-03-19T12:12:12",
"db": "PACKETSTORM",
"id": "169675"
},
{
"date": "2003-03-24T05:00:00",
"db": "NVD",
"id": "CVE-2003-0131"
},
{
"date": "2003-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#888801"
},
{
"date": "2009-07-11T21:06:00",
"db": "BID",
"id": "7148"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000095"
},
{
"date": "2018-10-19T15:29:23.713000",
"db": "NVD",
"id": "CVE-2003-0131"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension",
"sources": [
{
"db": "CERT/CC",
"id": "VU#888801"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "7148"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-076"
}
],
"trust": 0.9
}
}
VAR-200306-0041
Vulnerability from variot - Updated: 2023-12-18 12:24Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool. The Apache HTTP server contains a denial-of-service vulnerability that allows remote attackers to to conduct denial-of-service attacks on the HTTP basic authentication module of an affected server. Mac OS X is an operating system used on Mac machines, based on the BSD system. No detailed vulnerability details are currently available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200306-0041",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apache",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#757612"
},
{
"db": "CERT/CC",
"id": "VU#479268"
},
{
"db": "BID",
"id": "7894"
},
{
"db": "NVD",
"id": "CVE-2003-0420"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0420"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Security Update",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0420",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-7248",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0420",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#757612",
"trust": 0.8,
"value": "18.00"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#479268",
"trust": 0.8,
"value": "0.68"
},
{
"author": "CNNVD",
"id": "CNNVD-200306-054",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-7248",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#757612"
},
{
"db": "CERT/CC",
"id": "VU#479268"
},
{
"db": "VULHUB",
"id": "VHN-7248"
},
{
"db": "NVD",
"id": "CVE-2003-0420"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool. The Apache HTTP server contains a denial-of-service vulnerability that allows remote attackers to to conduct denial-of-service attacks on the HTTP basic authentication module of an affected server. Mac OS X is an operating system used on Mac machines, based on the BSD system. No detailed vulnerability details are currently available",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0420"
},
{
"db": "CERT/CC",
"id": "VU#757612"
},
{
"db": "CERT/CC",
"id": "VU#479268"
},
{
"db": "BID",
"id": "7894"
},
{
"db": "VULHUB",
"id": "VHN-7248"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#757612",
"trust": 2.5
},
{
"db": "BID",
"id": "7894",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2003-0420",
"trust": 2.0
},
{
"db": "AUSCERT",
"id": "ESB-2003.0415",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "9025",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "8881",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#479268",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200306-054",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "HTTP://WWW.KB.CERT.ORG/VULS/ID/JPLA-5NTL8E",
"trust": 0.6
},
{
"db": "XF",
"id": "12342",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-7248",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#757612"
},
{
"db": "CERT/CC",
"id": "VU#479268"
},
{
"db": "VULHUB",
"id": "VHN-7248"
},
{
"db": "BID",
"id": "7894"
},
{
"db": "NVD",
"id": "CVE-2003-0420"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
]
},
"id": "VAR-200306-0041",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7248"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:24:38.802000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0420"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.auscert.org.au/render.html?it=3165"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/7894"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/jpla-5ntl8e"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/9025/"
},
{
"trust": 1.6,
"url": "http://www.apache.org/dist/httpd/announcement2.html"
},
{
"trust": 1.6,
"url": "http://www.secunia.com/advisories/8881/"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12342"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/advisory/05.30.03.txt"
},
{
"trust": 0.8,
"url": "http://www.webdav.org/mod_dav/"
},
{
"trust": 0.8,
"url": "http://www.iss.net/security_center/static/12090.php"
},
{
"trust": 0.8,
"url": "http://www.iss.net/security_center/static/12091.php"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/12342"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#757612"
},
{
"db": "CERT/CC",
"id": "VU#479268"
},
{
"db": "VULHUB",
"id": "VHN-7248"
},
{
"db": "BID",
"id": "7894"
},
{
"db": "NVD",
"id": "CVE-2003-0420"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#757612"
},
{
"db": "CERT/CC",
"id": "VU#479268"
},
{
"db": "VULHUB",
"id": "VHN-7248"
},
{
"db": "BID",
"id": "7894"
},
{
"db": "NVD",
"id": "CVE-2003-0420"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-06-24T00:00:00",
"db": "CERT/CC",
"id": "VU#757612"
},
{
"date": "2003-06-24T00:00:00",
"db": "CERT/CC",
"id": "VU#479268"
},
{
"date": "2003-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-7248"
},
{
"date": "2003-06-13T00:00:00",
"db": "BID",
"id": "7894"
},
{
"date": "2003-06-13T04:00:00",
"db": "NVD",
"id": "CVE-2003-0420"
},
{
"date": "2003-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-18T00:00:00",
"db": "CERT/CC",
"id": "VU#757612"
},
{
"date": "2003-09-18T00:00:00",
"db": "CERT/CC",
"id": "VU#479268"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-7248"
},
{
"date": "2009-07-11T22:06:00",
"db": "BID",
"id": "7894"
},
{
"date": "2017-07-11T01:29:32.057000",
"db": "NVD",
"id": "CVE-2003-0420"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "7894"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Portable Runtime contains heap buffer overflow in apr_psprintf()",
"sources": [
{
"db": "CERT/CC",
"id": "VU#757612"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "7894"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-054"
}
],
"trust": 0.9
}
}
VAR-200305-0049
Vulnerability from variot - Updated: 2023-12-18 12:13Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. Samba contains several buffer overflow vulnerabilitites. Samba contains several buffer overflow vulnerabilitites. An updated version has been released. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Samba 2.2.8 Previously, when dealing with files with very long file names, smbd/trans2.c Inside StrnCpy() There is a problem with buffer overflow in functions. StrnCpy(fname,pname,namelen) Marked StrnCpy() In the function namelen using pstring Type (1024 Byte char Type array ) Variables fname Within pname Copy for that reason, pname In 1024 By giving a value larger than bytes, it is possible to cause a buffer overflow and overwrite the memory area. (CAN-2003-0201) In addition, there are other potential buffer overflow issues that stem from this issue. 3 Have been found by vendors (CAN-2003-0196) , A corrected version for all these issues Samba 2.2.8a Is published. At this time, this problem (CAN-2003-0196) Details of are unknown.Please refer to the “Overview” for the impact of this vulnerability. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it may be possible for an anonymous user to corrupt sensitive locations in memory. Samba-TNG 0.3.1 and earlier are also affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200305-0049",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "montavista",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "samba team",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "sun microsystems",
"version": null
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.9,
"vendor": "compaq",
"version": "5.1"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "samba tng",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sorceror linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "wirex",
"version": null
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.1_pk5_bl19"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0f"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.1_pk4_bl18"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0a"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0a_pk3_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0_pk4_bl18"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.0_pk4_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.1_pk6_bl20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.6,
"vendor": "compaq",
"version": "5.1_pk3_bl17"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.3"
},
{
"model": "samba-tng",
"scope": "eq",
"trust": 1.3,
"vendor": "samba tng",
"version": "0.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "samba-tng",
"scope": "eq",
"trust": 1.3,
"vendor": "samba tng",
"version": "0.3.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.4"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.0"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.7"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.5"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.8"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.9"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.4"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.10"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.0"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.6"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.0.2"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.7"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.3,
"vendor": "samba",
"version": "2.2.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk3_bl3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk6_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk2_bl2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.05"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.09.01"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d_pk9_bl17"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.0,
"vendor": "samba",
"version": "2.2.0a"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk7_bl18"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk1_bl1"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.07"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.06"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "8.0"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.09"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk1_bl1"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.0,
"vendor": "samba",
"version": "2.2.3a"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.08"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.0,
"vendor": "samba",
"version": "2.2.7a"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "samba",
"scope": "eq",
"trust": 1.0,
"vendor": "samba",
"version": "2.2.1a"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.09.02"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a"
},
{
"model": "cifs-9000 server",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "a.01.08.01"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0b"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk3_bl17"
},
{
"model": "samba",
"scope": "lte",
"trust": 0.8,
"vendor": "samba",
"version": "2.2.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.6,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.1"
},
{
"model": "cifs/9000 server a.01.08.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cifs/9000 server a.01.09.03",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "alpha",
"scope": "ne",
"trust": 0.3,
"vendor": "samba",
"version": "3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": ".0a",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2"
},
{
"model": "tru64 d pk9",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cifs/9000 server a.01.09",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cobalt raq 4100r",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cifs/9000 server a.01.09.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 d",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "a",
"scope": "ne",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "samba",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.2"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "cifs/9000 server a.01.08",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cifs/9000 server a.01.07",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cifs/9000 server a.01.09.04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt qube3 4000wg",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cifs/9000 server a.01.09.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "cifs/9000 server a.01.06",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.7"
},
{
"model": "cifs/9000 server a.01.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "samba-tng",
"scope": "ne",
"trust": 0.3,
"vendor": "samba tng",
"version": "0.3.2"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "samba",
"version": "2.2.3"
},
{
"model": "cobalt raq4 3001r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq xtr 3500r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba-tng:samba-tng:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba-tng:samba-tng:0.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.09.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.09.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:cifs-9000_server:a.01.08.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0201"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Erik Parker\u203b erik.parker@digitaldefense.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0201",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-7030",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0201",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#267873",
"trust": 1.6,
"value": "20.48"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#298233",
"trust": 0.8,
"value": "23.63"
},
{
"author": "CNNVD",
"id": "CNNVD-200305-012",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-7030",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0201",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. Samba contains several buffer overflow vulnerabilitites. Samba contains several buffer overflow vulnerabilitites. An updated version has been released. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Samba 2.2.8 Previously, when dealing with files with very long file names, smbd/trans2.c Inside StrnCpy() There is a problem with buffer overflow in functions. StrnCpy(fname,pname,namelen) Marked StrnCpy() In the function namelen using pstring Type (1024 Byte char Type array ) Variables fname Within pname Copy for that reason, pname In 1024 By giving a value larger than bytes, it is possible to cause a buffer overflow and overwrite the memory area. (CAN-2003-0201) In addition, there are other potential buffer overflow issues that stem from this issue. 3 Have been found by vendors (CAN-2003-0196) , A corrected version for all these issues Samba 2.2.8a Is published. At this time, this problem (CAN-2003-0196) Details of are unknown.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it may be possible for an anonymous user to corrupt sensitive locations in memory. Samba-TNG 0.3.1 and earlier are also affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
}
],
"trust": 4.23
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=55",
"trust": 1.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-7030",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7294",
"trust": 4.5
},
{
"db": "NVD",
"id": "CVE-2003-0201",
"trust": 4.5
},
{
"db": "CERT/CC",
"id": "VU#267873",
"trust": 4.2
},
{
"db": "CERT/CC",
"id": "VU#298233",
"trust": 2.4
},
{
"db": "BID",
"id": "7106",
"trust": 0.8
},
{
"db": "BID",
"id": "7295",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20030408 [SORCERER-SPELLS] SAMBA--SORCERER2003-04-08",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030407 IMMUNIX SECURED OS 7+ SAMBA UPDATE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030409 GLSA: SAMBA (200304-02)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030407 [DDI-1013] BUFFER OVERFLOW IN SAMBA ALLOWS REMOTE ROOT COMPROMISE",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2003:025",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:624",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030403-01-P",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:044",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:567",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2163",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-280",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:137",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-88770",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-88737",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-66978",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76273",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-88826",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-18016",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76271",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-70847",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-62711",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71372",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71376",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76272",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71360",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76270",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22468",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22469",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "10",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16330",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16861",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22470",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16876",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16880",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22471",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "9924",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "7",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84541",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84542",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82311",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-7030",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "55",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0201",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"id": "VAR-200305-0049",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7030"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:13:56.501000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00254",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00956530"
},
{
"title": "HPSBUX0304-254",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0304-254.html"
},
{
"title": "RHSA-2003:137",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-137.html"
},
{
"title": "samba",
"trust": 0.8,
"url": "http://www.samba.org/samba/samba.html"
},
{
"title": "53581",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-53581-1"
},
{
"title": "53924",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-53924-1"
},
{
"title": "53581",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-53581-3"
},
{
"title": "53924",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-53924-3"
},
{
"title": "TLSA-2003-27",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-27.txt"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.miraclelinux.com/"
},
{
"title": "RHSA-2003:137",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-137j.html"
},
{
"title": "TLSA-2003-27",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-27j.txt"
},
{
"title": "trans2open-CVE-2003-0201",
"trust": 0.1,
"url": "https://github.com/kernelpan1k/trans2open-cve-2003-0201 "
},
{
"title": "Reporte-de-Resultados",
"trust": 0.1,
"url": "https://github.com/rebekattan/reporte-de-resultados "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/bensongithub/eqgrp "
},
{
"title": "Tools",
"trust": 0.1,
"url": "https://github.com/bl4ck4t/tools "
},
{
"title": "x0rzEQGRP",
"trust": 0.1,
"url": "https://github.com/happysmack/x0rzeqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/nekkidso/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/391861737/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/muhammd/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/r3k1ng/shadowbrokersfiles "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ckmaenn/eqgrp "
},
{
"title": "EQGRP_Linux",
"trust": 0.1,
"url": "https://github.com/cybernetix-s3c/eqgrp_linux "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/iha114/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/antiscammerarmy/shadowbrokersfiles "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/thetrentusdev/shadowbrokerstuff "
},
{
"title": "test",
"trust": 0.1,
"url": "https://github.com/devkosov/test "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/hackcrypto/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ninja-tw1st/eqgrp "
},
{
"title": "leaked2",
"trust": 0.1,
"url": "https://github.com/kongjiexi/leaked2 "
},
{
"title": "bdhglopoj",
"trust": 0.1,
"url": "https://github.com/maxcvnd/bdhglopoj "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/shakenetwork/shadowbrokerstuff "
},
{
"title": "x0rz-EQGRP",
"trust": 0.1,
"url": "https://github.com/r3p3r/x0rz-eqgrp "
},
{
"title": "ShadowBrokersStuff",
"trust": 0.1,
"url": "https://github.com/thetrentus/shadowbrokersstuff "
},
{
"title": "EQ1",
"trust": 0.1,
"url": "https://github.com/thepevertedspartan/eq1 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/badbug6/eqgrp "
},
{
"title": "EQGRP-nasa",
"trust": 0.1,
"url": "https://github.com/soldie/eqgrp-nasa "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/mofty/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/thetrentus/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/namangangwar/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/x0rz/eqgrp "
},
{
"title": "SB--.-HACK-the-EQGRP-1",
"trust": 0.1,
"url": "https://github.com/cipherreborn/sb--.-hack-the-eqgrp-1 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://www.securityfocus.com/bid/7294"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/267873"
},
{
"trust": 2.1,
"url": "http://www.digitaldefense.net/labs/advisories/ddi-1013.txt"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-280"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:044"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-137.html"
},
{
"trust": 1.8,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030403-01-p"
},
{
"trust": 1.8,
"url": "http://www.novell.com/linux/security/advisories/2003_025_samba.html"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000624"
},
{
"trust": 1.6,
"url": "http://lists.samba.org/pipermail/samba-announce/2003-april/000065.html"
},
{
"trust": 1.6,
"url": "http://lists.samba.org/pipermail/samba-announce/2003-march/000063.html"
},
{
"trust": 1.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0201"
},
{
"trust": 1.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0196"
},
{
"trust": 1.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0085"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/298233"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0008.html"
},
{
"trust": 1.6,
"url": "http://www.samba-tng.org/download/tng/announcement-0.3.2.txt"
},
{
"trust": 1.6,
"url": "http://www.samba-tng.org/"
},
{
"trust": 1.6,
"url": "http://www.samba.org/"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2163"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a567"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104972664226781\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104974612519064\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104994564212488\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104981682014565\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.samba.org/samba/whatsnew/samba-2.2.8.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/7106"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0201"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0201"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/7295"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104972664226781\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104994564212488\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104981682014565\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104974612519064\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:567"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2163"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://metasploit.com/projects/framework/exploits.html"
},
{
"trust": 0.3,
"url": "http://www.samba.org"
},
{
"trust": 0.3,
"url": "http://support.coresecurity.com/impact/exploits/e3a738fd21350fa2faa7e171b121f0d4.html"
},
{
"trust": 0.3,
"url": "http://www.samba-tng.org"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f53581"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f53924"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://seer.support.veritas.com/docs/256903.htm"
},
{
"trust": 0.3,
"url": "/archive/1/317758"
},
{
"trust": 0.3,
"url": "/archive/1/317985"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104974612519064\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104972664226781\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104981682014565\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104994564212488\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000624"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/kernelpan1k/trans2open-cve-2003-0201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/55/"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/exploit/solaris/samba/trans2open"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#298233"
},
{
"db": "VULHUB",
"id": "VHN-7030"
},
{
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"db": "BID",
"id": "7294"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-10T00:00:00",
"db": "CERT/CC",
"id": "VU#267873"
},
{
"date": "2003-04-10T00:00:00",
"db": "CERT/CC",
"id": "VU#267873"
},
{
"date": "2003-03-17T00:00:00",
"db": "CERT/CC",
"id": "VU#298233"
},
{
"date": "2003-05-05T00:00:00",
"db": "VULHUB",
"id": "VHN-7030"
},
{
"date": "2003-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"date": "2003-04-07T00:00:00",
"db": "BID",
"id": "7294"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"date": "2003-05-05T04:00:00",
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"date": "2003-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-07-10T00:00:00",
"db": "CERT/CC",
"id": "VU#267873"
},
{
"date": "2003-07-10T00:00:00",
"db": "CERT/CC",
"id": "VU#267873"
},
{
"date": "2003-05-15T00:00:00",
"db": "CERT/CC",
"id": "VU#298233"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-7030"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0201"
},
{
"date": "2009-07-11T21:06:00",
"db": "BID",
"id": "7294"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000113"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2003-0201"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samba contains multiple buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#267873"
},
{
"db": "CERT/CC",
"id": "VU#267873"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "7294"
},
{
"db": "CNNVD",
"id": "CNNVD-200305-012"
}
],
"trust": 0.9
}
}
VAR-200412-0085
Vulnerability from variot - Updated: 2023-12-18 11:50Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. Linux Kernel of NFS The server inode_change_ok() Due to incomplete file owner check in the function, NFS If you are exporting for client mounting, NFS Files that cannot be changed by the client GID There is a vulnerability that can be modified illegally.file of GID May be altered illegally. For the Linux kernel 2.4.X this issue is only exploitable when the kernel NFS server is active, for the 2.6.X kernel this issue is always exploitable. An attacker may reportedly be able to exploit this issue to gain superuser privileges. This issue was reported in version 2.6.6, but other versions, including 2.4.X, are also likely vulnerable. Red Hat Enterprise Linux includes the 2.4 kernel. -----BEGIN PGP SIGNED MESSAGE-----
SUSE Security Announcement
Package: kernel
Announcement-ID: SUSE-SA:2004:020
Date: Tuesday, Jul 2nd 2004 18:00 MEST
Affected products: 8.0, 8.1, 8.2, 9.0, 9.1
SUSE Linux Database Server,
SUSE eMail Server III, 3.1
SUSE Linux Enterprise Server 7, 8
SUSE Linux Firewall on CD/Admin host
SUSE Linux Connectivity Server
SUSE Linux Office Server
Vulnerability Type: local privilege escalation
Severity (1-10): 6
SUSE default package: yes
Cross References: CAN-2004-0495
CAN-2004-0496
CAN-2004-0497
CAN-2004-0535
CAN-2004-0626
Content of this advisory:
1) security vulnerability resolved:
- chown: users can change the group affiliation of arbitrary
files to the group they belong to
- missing DAC check in chown(2): local privilege escalation
- overflow with signals: local denial-of-service
- pss, mpu401 sound driver: read/write to complete memory
- airo driver: read/write to complete memory
- ALSA: copy_from_user/copy_to_user confused
- acpi_asus: read from random memory
- decnet: write to memory without checking
- e1000 driver: read complete memory
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds:
- icecast
- sitecopy
- cadaver
- OpenOffice_org
- tripwire
- postgresql*
- mod_proxy
- freeswan
- ipsec-tools
- less
- libpng
- pavuk
- XFree86*
- kdebase3
3) standard appendix (further information)
1) problem description, brief discussion, solution, upgrade information
Multiple security vulnerabilities are being addressed with this security
update of the Linux kernel.
Kernel memory access vulnerabilities are fixed in the e1000, decnet,
acpi_asus, alsa, airo/WLAN, pss and mpu401 drivers. These
vulnerabilities can lead to kernel memory read access, write access
and local denial of service conditions, resulting in access to the
root account for an attacker with a local account on the affected
system.
Missing Discretionary Access Control (DAC) checks in the chown(2) system
call allow an attacker with a local account to change the group
ownership of arbitrary files, which leads to root privileges on affected
systems. It is specific to kernel version 2.6 based systems such as
the SUSE Linux 9.1 product, that only local shell access is needed to
exploit this vulnerability. An interesting variant of the missing
checks is that the ownership of files in the /proc filesystem can be
altered, while the changed ownership still does not allow the files to
be accessed as a non-root user for to be able to exploit the
vulnerability. If the knfsd NFS
server is not activated (it is off by default), the vulnerability is
not exposed. These issues related to the chown(2) system call have been
discovered by Michael Schroeder and Ruediger Oertel, both SUSE LINUX.
The only network-related vulnerability fixed with the kernel updates
that are subject to this announcement affect the SUSE Linux 9.1
distribution only, as it is based on a 2.6 kernel. Found and reported
to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability
allows a remote attacker to send a specially crafted TCP packet to a
vulnerable system, causing that system to stall if it makes use of
TCP option matching netfilter rules.
In some rare configurations of the SUSE Linux 9.1 distribution, some
users have experienced stalling systems during system startup. These
problems are fixed with this kernel update.
SPECIAL INSTALL INSTRUCTIONS:
==============================
For the impatient: Run YOU (Yast2 Online Update, command
"yast2 online_update" as root) to install the updates (semi)
automatically, if you have a SUSE Linux 8.1 and newer system.
For those who wish to install their kernel updates manually and for
those who use a SUSE Linux 8.0 system:
The following paragraphs will guide you through the installation
process in a step-by-step fashion. The character sequence "****"
marks the beginning of a new paragraph. In some cases, the steps
outlined in a particular paragraph may or may not be applicable
to your situation.
Therefore, please make sure to read through all of the steps below
before attempting any of these procedures.
All of the commands that need to be executed are required to be
run as the superuser (root). Each step relies on the steps before
it to complete successfully.
**** Step 1: Determine the needed kernel type
Please use the following command to find the kernel type that is
installed on your system:
rpm -qf /boot/vmlinuz
Following are the possible kernel types (disregard the version and
build number following the name separated by the "-" character)
k_deflt # default kernel, good for most systems.
k_i386 # kernel for older processors and chipsets
k_athlon # kernel made specifically for AMD Athlon(tm) family processors
k_psmp # kernel for Pentium-I dual processor systems
k_smp # kernel for SMP systems (Pentium-II and above)
k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM
kernel-64k-pagesize
kernel-bigsmp
kernel-default
kernel-smp
**** Step 2: Download the package for your system
Please download the kernel RPM package for your distribution with the
name as indicated by Step 1. The list of all kernel rpm packages is
appended below. Note: The kernel-source package does not
contain a binary kernel in bootable form. Instead, it contains the
sources that the binary kernel rpm packages are created from. It can be
used by administrators who have decided to build their own kernel.
Since the kernel-source.rpm is an installable (compiled) package that
contains sources for the linux kernel, it is not the source RPM for
the kernel RPM binary packages.
The kernel RPM binary packages for the distributions can be found at the
locations below ftp://ftp.suse.com/pub/suse/i386/update/.
8.0/images/
8.1/rpm/i586
8.2/rpm/i586
9.0/rpm/i586
9.1/rpm/i586
After downloading the kernel RPM package for your system, you should
verify the authenticity of the kernel rpm package using the methods as
listed in section 3) of each SUSE Security Announcement.
**** Step 3: Installing your kernel rpm package
Install the rpm package that you have downloaded in Steps 3 or 4 with
the command
rpm -Uhv --nodeps --force <K_FILE.RPM>
where <K_FILE.RPM> is the name of the rpm package that you downloaded.
Warning: After performing this step, your system will likely not be
able to boot if the following steps have not been fully
followed.
If you run SUSE LINUX 8.1 and haven't applied the kernel update
(SUSE-SA:2003:034), AND you are using the freeswan package, you also
need to update the freeswan rpm as a dependency as offered
by YOU (YaST Online Update). The package can be downloaded from
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/
**** Step 4: configuring and creating the initrd
The initrd is a ramdisk that is loaded into the memory of your
system together with the kernel boot image by the bootloader. The
kernel uses the content of this ramdisk to execute commands that must
be run before the kernel can mount its actual root filesystem. It is
usually used to initialize SCSI drivers or NIC drivers for diskless
operation.
The variable INITRD_MODULES in /etc/sysconfig/kernel determines
which kernel modules will be loaded in the initrd before the kernel
has mounted its actual root filesystem. The variable should contain
your SCSI adapter (if any) or filesystem driver modules.
With the installation of the new kernel, the initrd has to be
re-packed with the update kernel modules. Please run the command
mk_initrd
as root to create a new init ramdisk (initrd) for your system.
On SuSE Linux 8.1 and later, this is done automatically when the
RPM is installed.
**** Step 5: bootloader
If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there
are two options:
Depending on your software configuration, you have either the lilo
bootloader or the grub bootloader installed and initialized on your
system.
The grub bootloader does not require any further actions to be
performed after the new kernel images have been moved in place by the
rpm Update command.
If you have a lilo bootloader installed and initialized, then the lilo
program must be run as root. Use the command
grep LOADER_TYPE /etc/sysconfig/bootloader
to find out which boot loader is configured. If it is lilo, then you
must run the lilo command as root. If grub is listed, then your system
does not require any bootloader initialization.
Warning: An improperly installed bootloader may render your system
unbootable.
**** Step 6: reboot
If all of the steps above have been successfully completed on your
system, then the new kernel including the kernel modules and the
initrd should be ready to boot. The system needs to be rebooted for
the changes to become active. Please make sure that all steps have
completed, then reboot using the command
shutdown -r now
or
init 6
Your system should now shut down and reboot with the new kernel.
There is no workaround known.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
x86 Platform:
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.95.i586.rpm
800418d3dddf6d3b83925f562842205a
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.95.i586.rpm
0cb990b159e10685bb29b76d312ddd25
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm
7446bb70f52bce57a914066be4ed8e45
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm
7446bb70f52bce57a914066be4ed8e45
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.95.i586.rpm
ede031495ee19d8b6eca1873e7155332
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm
620ef40226fec31a773397cf3051bf36
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm
9b61b5a70b304f5554cb18a6bae5b5fd
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.95.nosrc.rpm
227c85280ee17a66c8590fe1bb14c596
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm
895fee3033de0810ff1173ce8ee87936
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-231.i586.rpm
48be395b96329909486ae3a5152348fa
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-231.i586.rpm
4cd322b4f511d5fe4c483ed28a82097e
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-231.i586.rpm
262e33cebf1b0d35fb6d3235c9ab8815
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-231.i586.rpm
8d81370f90736b12aa71b9c744f6e0e2
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-231.i586.rpm
bc59c838c84ba318dc4d24da08a3022e
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-231.i586.rpm
f9586ba982e0398c3e48871955b661aa
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm
18673b0bf347fe9557d4e67ca02000c0
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-231.src.rpm
71496daac44196b0e0a3836ee6a3b4ed
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm
7c208e9e3f7be1a68c3c8457eb2cafc4
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-231.src.rpm
b77863c863aaf4b931bff263220e6ec9
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-231.src.rpm
bed7e964e22c5e5d2f5e7a5e3816dde4
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm
6b5137bf379fbfc861441151039575da
SUSE Linux 8.2:
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-115.i586.rpm
50d261b44616f9145a0dc16df501a504
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-115.i586.rpm
10095854c0bdae20991d90b822352e14
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-115.i586.rpm
a2ef7cfb0e62ad955dda2b0574eb3150
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-115.i586.rpm
1d2b0d0e2c7998685ed04c24e593b196
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-115.i586.rpm
d8bf98c46ba5313db286d5706f7fb3b8
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-115.src.rpm
e13a7b4c2b185cfeb991c31607f79ccb
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-115.src.rpm
0e2f2cf20e7d7a20f3e50b245105df61
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-115.src.rpm
6cfac2914d3827ec562ff9d6be29c566
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-115.src.rpm
afd29843aa69d805ef5f25d39ecd0e7f
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-115.src.rpm
098a1400a48404931acb8b3eb2e821fb
SUSE Linux 8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-231.i586.rpm
3bdaa593d09a7cbff632a2c4446d5603
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-231.i586.rpm
ba60d0b2b6d3bc9c38b4e8b3859e1586
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-231.i586.rpm
ffa8983669004826a0cbedbe34dced76
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-231.i586.rpm
25174fd007f5a39ee0342dd6f18f2eaa
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-231.i586.rpm
10837fa561cd5104e55d48e46c837764
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-231.src.rpm
c37e8b87819602e77b14206affef00fa
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-231.src.rpm
7be68a677db5a65be1a46ec194b35497
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-231.src.rpm
8e4b7d5a6bb81da5a00971cdcc4ec641
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-231.src.rpm
d8ba1db81a9b517f867c970e4fc443a7
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-231.src.rpm
96a0a9242d066083c7bff8e0f70b7bbe
SUSE Linux 8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-303.i386.rpm
ec1e53b3812c0c0bd3681435d69fb134
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-303.i386.rpm
583164e52019ae090fd47e425c2a933e
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-303.i386.rpm
9ac8983abef05697d75f3117e37e5f18
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-303.i386.rpm
4932c4d6a42fc9be02013f398ab5bb96
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-303.i386.rpm
b9de0731f9bbc4b016455a6d52cd8296
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-303.src.rpm
a73bacad80432c26e856c41338b154bd
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-303.src.rpm
782902cd14e7776db66bd61a12beee03
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-303.src.rpm
d71fa5cda488ae18f8d023cd8f28bb73
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-303.src.rpm
a360a9e6ed2db54f69e17db36f02614f
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-303.nosrc.rpm
8017fd6ff8a6fc1a0660ab35ad174388
x86-64 Platform:
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.95.x86_64.rpm
e2c53fd24991f739fd754c07f7aa8293
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.95.x86_64.rpm
f4a69622b7628cdd662a4e39aa59b60e
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.95.x86_64.rpm
e71adfb1fc662600eb11d3acf67c3dc3
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm
f6a364879d1f2ae2cf854810d61be3ac
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm
a0096d1fc067d89c9200ea3904713d59
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm
bf6d0439cfc37b50b4f6822c3403a74f
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-231.x86_64.rpm
17e008a737e5e95e71335e34fa7f86cf
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-231.x86_64.rpm
ca742b550b1a503595b02cbfc9e0e481
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-231.x86_64.rpm
8e0c16c42d1a89aa6a09be1dd575de47
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm
58b1bf42b5661119d06a04888144707a
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm
5103001136e39fca5a59f4cbde82822b
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm
231c9e5e00f17df8cfd72d6c8a68d9cf
2) Pending vulnerabilities in SUSE Distributions and Workarounds:
- icecast
The icecast service is vulnerable to a remote denial-of-service
attack. Update packages will be available soon.
- sitecopy
The sitecopy package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- cadaver
The cadaver package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- OpenOffice_org
The OpenOffice_org package includes a vulnerable version
of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages
will be available soon.
- tripwire
A format string bug in tripwire can be exploited locally
to gain root permissions.
New packages are available.
- postgresql
A buffer overflow in psqlODBC could be exploited to crash the
application using it. E.g. a PHP script that uses ODBC to access a
PostgreSQL database can be utilized to crash the surrounding Apache
web-server. Other parts of PostgreSQL are not affected.
New packages are available.
- XDM/XFree86
This update resolves random listening to ports by XDM
that allows to connect via the XDMCP. SUSE LINUX 9.1
is affected only.
New packages are available.
- mod_proxy
A buffer overflow can be triggered by malicious remote
servers that return a negative Content-Length value.
This vulnerability can be used to execute commands remotely
New packages are available.
- freeswan
A bug in the certificate chain authentication code could allow an
attacker to authenticate any host against a FreeS/WAN server by
presenting specially crafted certificates wrapped in a PKCS#7 file.
The packages are currently being tested and will be available soon.
- ipsec-tools
The racoon daemon which is responsible for handling IKE messages
fails to reject invalid or self-signed X.509 certificates which
allows for man-in-the-middle attacks on IPsec tunnels established
via racoon.
The packages are currently being tested and will be available soon.
- less
This update fixes a possible symlink attack in lessopen.sh. The
attack can be executed by local users to overwrite arbitrary files
with the privileges of the user running less.
New packages are available.
- libpng
This update adds a missing fix for CAN-2002-1363.
New packages are available.
- pavuk
This update fixes a remotely exploitable buffer overflow in pavuk.
Thanks to Ulf Harnhammar for reporting this to us.
New packages are available.
- kdebase3
This update fixes a possible attack on tmp files created at the
first login of a user using KDE or at the first time running a
KDE application. This bug can be exploited locally to overwrite
arbitrary files with the privilege of the victim user.
Just affects SUSE LINUX 9.1
New packages are available.
3) standard appendix: authenticity verification, additional information
-
Package authenticity verification:
SUSE update packages are available on many mirror ftp servers around the world. While this service is considered valuable and important to the free and open source software community, many users wish to be certain as to be the origin of the package and its content before installing the package. There are two independent verification methods that can be used to prove the authenticity of a downloaded file or rpm package: 1) md5sums as provided in the (cryptographically signed) announcement. 2) using the internal gpg signatures of the rpm package.
1) execute the command md5sum after you have downloaded the file from a SUSE ftp server or its mirrors. Then, compare the resulting md5sum with the one that is listed in the announcement. Since the announcement containing the checksums is cryptographically signed (usually using the key security@suse.de), the checksums offer proof of the authenticity of the package. We recommend against subscribing to security lists which cause the email message containing the announcement to be modified so that the signature does not match after transport through the mailing list software. Downsides: You must be able to verify the authenticity of the announcement in the first place. If RPM packages are being rebuilt and a new version of a package is published on the ftp server, all md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity of an rpm package. Use the command rpm -v --checksig to verify the signature of the package, where is the filename of the rpm package that you have downloaded. Of course, package authenticity verification can only target an un-installed rpm package file. Prerequisites: a) gpg is installed b) The package is signed using a certain key. The public part of this key must be installed by the gpg program in the directory ~/.gnupg/ under the user's home directory who performs the signature verification (usually root). You can import the key that is used by SUSE in rpm packages for SUSE Linux by saving this announcement to a file ("announcement.txt") and running the command (do "su -" to be root): gpg --batch; gpg < announcement.txt | gpg --import SUSE Linux distributions version 7.1 and thereafter install the key "build@suse.de" upon installation or upgrade, provided that the package gpg is installed. The file containing the public key is placed at the top-level directory of the first CD (pubring.gpg) and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
-
SUSE runs two security mailing lists to which any interested party may subscribe:
suse-security@suse.com - general/linux/SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an email to suse-security-subscribe@suse.com.
suse-security-announce@suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an email to suse-security-announce-subscribe@suse.com.
For general information or the frequently asked questions (faq) send mail to: suse-security-info@suse.com or suse-security-faq@suse.com respectively.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, it is desired that the clear-text signature must show proof of the authenticity of the text. SUSE Linux AG makes no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK-----
- - | Roman Drahtm\xfcller draht@suse.de // "You don't need eyes to see, | SUSE Linux AG - Security Phone: // you need vision!" | N\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy Bi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt OsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD jwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA iud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT WntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ== =24bz -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0085",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secure linux",
"scope": "eq",
"trust": 1.9,
"vendor": "trustix",
"version": "2.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.9,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.6,
"vendor": "trustix",
"version": "2"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "9.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "10"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.0"
},
{
"model": "mandrake multi network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "9.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "fedora core2",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
}
],
"sources": [
{
"db": "BID",
"id": "10662"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000261"
},
{
"db": "NVD",
"id": "CVE-2004-0497"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:trustix:secure_linux:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0497"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michael Schroeder\nRuediger Oertel",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0497",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2004-0497",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-8927",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0497",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-013",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-8927",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8927"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000261"
},
{
"db": "NVD",
"id": "CVE-2004-0497"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. Linux Kernel of NFS The server inode_change_ok() Due to incomplete file owner check in the function, NFS If you are exporting for client mounting, NFS Files that cannot be changed by the client GID There is a vulnerability that can be modified illegally.file of GID May be altered illegally. For the Linux kernel 2.4.X this issue is only exploitable when the kernel NFS server is active, for the 2.6.X kernel this issue is always exploitable. \nAn attacker may reportedly be able to exploit this issue to gain superuser privileges. \nThis issue was reported in version 2.6.6, but other versions, including 2.4.X, are also likely vulnerable. Red Hat Enterprise Linux includes the 2.4 kernel. -----BEGIN PGP SIGNED MESSAGE-----\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: kernel\n Announcement-ID: SUSE-SA:2004:020\n Date: Tuesday, Jul 2nd 2004 18:00 MEST\n Affected products: 8.0, 8.1, 8.2, 9.0, 9.1\n SUSE Linux Database Server,\n SUSE eMail Server III, 3.1\n SUSE Linux Enterprise Server 7, 8\n SUSE Linux Firewall on CD/Admin host\n SUSE Linux Connectivity Server\n SUSE Linux Office Server\n Vulnerability Type: local privilege escalation\n Severity (1-10): 6\n SUSE default package: yes\n Cross References:\tCAN-2004-0495\n\t\t\t\tCAN-2004-0496\n\t\t\t\tCAN-2004-0497\n\t\t\t\tCAN-2004-0535\n\t\t\t\tCAN-2004-0626\n\n\n Content of this advisory:\n 1) security vulnerability resolved:\n\t\t- chown: users can change the group affiliation of arbitrary\n\t\t files to the group they belong to\n\t\t- missing DAC check in chown(2): local privilege escalation\n\t - overflow with signals: local denial-of-service\n \t- pss, mpu401 sound driver: read/write to complete memory\n\t - airo driver: read/write to complete memory\n \t- ALSA: copy_from_user/copy_to_user confused\n \t- acpi_asus: read from random memory\n \t- decnet: write to memory without checking\n \t- e1000 driver: read complete memory\n problem description, discussion, solution and upgrade information\n 2) pending vulnerabilities, solutions, workarounds:\n\t\t- icecast\n - sitecopy\n - cadaver\n - OpenOffice_org\n - tripwire\n - postgresql*\n - mod_proxy\n\t\t- freeswan\n\t\t- ipsec-tools\n\t\t- less\n\t\t- libpng\n\t\t- pavuk\n\t\t- XFree86*\n\t\t- kdebase3\n 3) standard appendix (further information)\n\n______________________________________________________________________________\n\n1) problem description, brief discussion, solution, upgrade information\n\n Multiple security vulnerabilities are being addressed with this security\n update of the Linux kernel. \n\n Kernel memory access vulnerabilities are fixed in the e1000, decnet, \n acpi_asus, alsa, airo/WLAN, pss and mpu401 drivers. These \n vulnerabilities can lead to kernel memory read access, write access \n and local denial of service conditions, resulting in access to the \n root account for an attacker with a local account on the affected \n system. \n\n Missing Discretionary Access Control (DAC) checks in the chown(2) system\n call allow an attacker with a local account to change the group\n ownership of arbitrary files, which leads to root privileges on affected\n systems. It is specific to kernel version 2.6 based systems such as \n the SUSE Linux 9.1 product, that only local shell access is needed to \n exploit this vulnerability. An interesting variant of the missing \n checks is that the ownership of files in the /proc filesystem can be \n altered, while the changed ownership still does not allow the files to \n be accessed as a non-root user for to be able to exploit the \n vulnerability. If the knfsd NFS \n server is not activated (it is off by default), the vulnerability is \n not exposed. These issues related to the chown(2) system call have been \n discovered by Michael Schroeder and Ruediger Oertel, both SUSE LINUX. \n\n The only network-related vulnerability fixed with the kernel updates\n that are subject to this announcement affect the SUSE Linux 9.1 \n distribution only, as it is based on a 2.6 kernel. Found and reported \n to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability \n allows a remote attacker to send a specially crafted TCP packet to a \n vulnerable system, causing that system to stall if it makes use of \n TCP option matching netfilter rules. \n\n In some rare configurations of the SUSE Linux 9.1 distribution, some \n users have experienced stalling systems during system startup. These \n problems are fixed with this kernel update. \n\n\n\n SPECIAL INSTALL INSTRUCTIONS:\n ==============================\n For the impatient: Run YOU (Yast2 Online Update, command \n \"yast2 online_update\" as root) to install the updates (semi) \n automatically, if you have a SUSE Linux 8.1 and newer system. \n\n For those who wish to install their kernel updates manually and for \n those who use a SUSE Linux 8.0 system:\n\n The following paragraphs will guide you through the installation\n process in a step-by-step fashion. The character sequence \"****\"\n marks the beginning of a new paragraph. In some cases, the steps\n outlined in a particular paragraph may or may not be applicable\n to your situation. \n Therefore, please make sure to read through all of the steps below\n before attempting any of these procedures. \n All of the commands that need to be executed are required to be\n run as the superuser (root). Each step relies on the steps before\n it to complete successfully. \n\n\n **** Step 1: Determine the needed kernel type\n\n Please use the following command to find the kernel type that is\n installed on your system:\n\n rpm -qf /boot/vmlinuz\n\n Following are the possible kernel types (disregard the version and\n build number following the name separated by the \"-\" character)\n\n k_deflt # default kernel, good for most systems. \n k_i386 # kernel for older processors and chipsets\n k_athlon # kernel made specifically for AMD Athlon(tm) family processors\n k_psmp # kernel for Pentium-I dual processor systems\n k_smp # kernel for SMP systems (Pentium-II and above)\n k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM\n kernel-64k-pagesize\n kernel-bigsmp\n kernel-default\n kernel-smp\n\n **** Step 2: Download the package for your system\n\n Please download the kernel RPM package for your distribution with the\n name as indicated by Step 1. The list of all kernel rpm packages is\n appended below. Note: The kernel-source package does not\n contain a binary kernel in bootable form. Instead, it contains the\n sources that the binary kernel rpm packages are created from. It can be\n used by administrators who have decided to build their own kernel. \n Since the kernel-source.rpm is an installable (compiled) package that\n contains sources for the linux kernel, it is not the source RPM for\n the kernel RPM binary packages. \n\n The kernel RPM binary packages for the distributions can be found at the\n locations below ftp://ftp.suse.com/pub/suse/i386/update/. \n\n 8.0/images/\n 8.1/rpm/i586\n 8.2/rpm/i586\n 9.0/rpm/i586\n 9.1/rpm/i586\n\n After downloading the kernel RPM package for your system, you should\n verify the authenticity of the kernel rpm package using the methods as\n listed in section 3) of each SUSE Security Announcement. \n\n\n **** Step 3: Installing your kernel rpm package\n\n Install the rpm package that you have downloaded in Steps 3 or 4 with\n the command\n rpm -Uhv --nodeps --force \u003cK_FILE.RPM\u003e\n where \u003cK_FILE.RPM\u003e is the name of the rpm package that you downloaded. \n\n Warning: After performing this step, your system will likely not be\n able to boot if the following steps have not been fully\n followed. \n\n\n If you run SUSE LINUX 8.1 and haven\u0027t applied the kernel update\n (SUSE-SA:2003:034), AND you are using the freeswan package, you also\n need to update the freeswan rpm as a dependency as offered\n by YOU (YaST Online Update). The package can be downloaded from\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/\n\n **** Step 4: configuring and creating the initrd\n\n The initrd is a ramdisk that is loaded into the memory of your\n system together with the kernel boot image by the bootloader. The\n kernel uses the content of this ramdisk to execute commands that must\n be run before the kernel can mount its actual root filesystem. It is\n usually used to initialize SCSI drivers or NIC drivers for diskless\n operation. \n\n The variable INITRD_MODULES in /etc/sysconfig/kernel determines\n which kernel modules will be loaded in the initrd before the kernel\n has mounted its actual root filesystem. The variable should contain\n your SCSI adapter (if any) or filesystem driver modules. \n\n With the installation of the new kernel, the initrd has to be\n re-packed with the update kernel modules. Please run the command\n\n mk_initrd\n\n as root to create a new init ramdisk (initrd) for your system. \n On SuSE Linux 8.1 and later, this is done automatically when the\n RPM is installed. \n\n\n **** Step 5: bootloader\n\n If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there\n are two options:\n Depending on your software configuration, you have either the lilo\n bootloader or the grub bootloader installed and initialized on your\n system. \n The grub bootloader does not require any further actions to be\n performed after the new kernel images have been moved in place by the\n rpm Update command. \n If you have a lilo bootloader installed and initialized, then the lilo\n program must be run as root. Use the command\n\n grep LOADER_TYPE /etc/sysconfig/bootloader\n\n to find out which boot loader is configured. If it is lilo, then you\n must run the lilo command as root. If grub is listed, then your system\n does not require any bootloader initialization. \n\n Warning: An improperly installed bootloader may render your system\n unbootable. \n\n **** Step 6: reboot\n\n If all of the steps above have been successfully completed on your\n system, then the new kernel including the kernel modules and the\n initrd should be ready to boot. The system needs to be rebooted for\n the changes to become active. Please make sure that all steps have\n completed, then reboot using the command\n shutdown -r now\n or\n init 6\n\n Your system should now shut down and reboot with the new kernel. \n\n\n There is no workaround known. \n\n\n Please download the update package for your distribution and verify its\n integrity by the methods listed in section 3) of this announcement. \n Then, install the package using the command \"rpm -Fhv file.rpm\" to apply\n the update. \n Our maintenance customers are being notified individually. The packages\n are being offered to install from the maintenance web. \n\n\n\n\n\n x86 Platform:\n\n SUSE Linux 9.1:\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.95.i586.rpm\n 800418d3dddf6d3b83925f562842205a\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.95.i586.rpm\n 0cb990b159e10685bb29b76d312ddd25\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm\n 7446bb70f52bce57a914066be4ed8e45\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm\n 7446bb70f52bce57a914066be4ed8e45\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.95.i586.rpm\n ede031495ee19d8b6eca1873e7155332\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm\n 620ef40226fec31a773397cf3051bf36\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm\n 9b61b5a70b304f5554cb18a6bae5b5fd\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.95.nosrc.rpm\n 227c85280ee17a66c8590fe1bb14c596\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm\n 895fee3033de0810ff1173ce8ee87936\n\n SUSE Linux 9.0:\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-231.i586.rpm\n 48be395b96329909486ae3a5152348fa\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-231.i586.rpm\n 4cd322b4f511d5fe4c483ed28a82097e\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-231.i586.rpm\n 262e33cebf1b0d35fb6d3235c9ab8815\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-231.i586.rpm\n 8d81370f90736b12aa71b9c744f6e0e2\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-231.i586.rpm\n bc59c838c84ba318dc4d24da08a3022e\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-231.i586.rpm\n f9586ba982e0398c3e48871955b661aa\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm\n 18673b0bf347fe9557d4e67ca02000c0\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-231.src.rpm\n 71496daac44196b0e0a3836ee6a3b4ed\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm\n 7c208e9e3f7be1a68c3c8457eb2cafc4\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-231.src.rpm\n b77863c863aaf4b931bff263220e6ec9\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-231.src.rpm\n bed7e964e22c5e5d2f5e7a5e3816dde4\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm\n 6b5137bf379fbfc861441151039575da\n\n SUSE Linux 8.2:\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-115.i586.rpm\n 50d261b44616f9145a0dc16df501a504\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-115.i586.rpm\n 10095854c0bdae20991d90b822352e14\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-115.i586.rpm\n a2ef7cfb0e62ad955dda2b0574eb3150\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-115.i586.rpm\n 1d2b0d0e2c7998685ed04c24e593b196\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-115.i586.rpm\n d8bf98c46ba5313db286d5706f7fb3b8\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-115.src.rpm\n e13a7b4c2b185cfeb991c31607f79ccb\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-115.src.rpm\n 0e2f2cf20e7d7a20f3e50b245105df61\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-115.src.rpm\n 6cfac2914d3827ec562ff9d6be29c566\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-115.src.rpm\n afd29843aa69d805ef5f25d39ecd0e7f\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-115.src.rpm\n 098a1400a48404931acb8b3eb2e821fb\n\n SUSE Linux 8.1:\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-231.i586.rpm\n 3bdaa593d09a7cbff632a2c4446d5603\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-231.i586.rpm\n ba60d0b2b6d3bc9c38b4e8b3859e1586\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-231.i586.rpm\n ffa8983669004826a0cbedbe34dced76\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-231.i586.rpm\n 25174fd007f5a39ee0342dd6f18f2eaa\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-231.i586.rpm\n 10837fa561cd5104e55d48e46c837764\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-231.src.rpm\n c37e8b87819602e77b14206affef00fa\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-231.src.rpm\n 7be68a677db5a65be1a46ec194b35497\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-231.src.rpm\n 8e4b7d5a6bb81da5a00971cdcc4ec641\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-231.src.rpm\n d8ba1db81a9b517f867c970e4fc443a7\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-231.src.rpm\n 96a0a9242d066083c7bff8e0f70b7bbe\n\n SUSE Linux 8.0:\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-303.i386.rpm\n ec1e53b3812c0c0bd3681435d69fb134\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-303.i386.rpm\n 583164e52019ae090fd47e425c2a933e\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-303.i386.rpm\n 9ac8983abef05697d75f3117e37e5f18\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-303.i386.rpm\n 4932c4d6a42fc9be02013f398ab5bb96\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-303.i386.rpm\n b9de0731f9bbc4b016455a6d52cd8296\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-303.src.rpm\n a73bacad80432c26e856c41338b154bd\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-303.src.rpm\n 782902cd14e7776db66bd61a12beee03\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-303.src.rpm\n d71fa5cda488ae18f8d023cd8f28bb73\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-303.src.rpm\n a360a9e6ed2db54f69e17db36f02614f\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-303.nosrc.rpm\n 8017fd6ff8a6fc1a0660ab35ad174388\n\n\n\n x86-64 Platform:\n\n SUSE Linux 9.1:\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.95.x86_64.rpm\n e2c53fd24991f739fd754c07f7aa8293\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.95.x86_64.rpm\n f4a69622b7628cdd662a4e39aa59b60e\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.95.x86_64.rpm\n e71adfb1fc662600eb11d3acf67c3dc3\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm\n f6a364879d1f2ae2cf854810d61be3ac\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm\n a0096d1fc067d89c9200ea3904713d59\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm\n bf6d0439cfc37b50b4f6822c3403a74f\n\n SUSE Linux 9.0:\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-231.x86_64.rpm\n 17e008a737e5e95e71335e34fa7f86cf\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-231.x86_64.rpm\n ca742b550b1a503595b02cbfc9e0e481\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-231.x86_64.rpm\n 8e0c16c42d1a89aa6a09be1dd575de47\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm\n 58b1bf42b5661119d06a04888144707a\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm\n 5103001136e39fca5a59f4cbde82822b\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm\n 231c9e5e00f17df8cfd72d6c8a68d9cf\n\n\n______________________________________________________________________________\n\n2) Pending vulnerabilities in SUSE Distributions and Workarounds:\n\n - icecast\n The icecast service is vulnerable to a remote denial-of-service\n attack. Update packages will be available soon. \n\n - sitecopy\n The sitecopy package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - cadaver\n The cadaver package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - OpenOffice_org\n The OpenOffice_org package includes a vulnerable version\n of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages\n will be available soon. \n\n - tripwire\n A format string bug in tripwire can be exploited locally\n to gain root permissions. \n New packages are available. \n\n - postgresql\n A buffer overflow in psqlODBC could be exploited to crash the\n application using it. E.g. a PHP script that uses ODBC to access a\n PostgreSQL database can be utilized to crash the surrounding Apache\n web-server. Other parts of PostgreSQL are not affected. \n New packages are available. \n\n - XDM/XFree86\n This update resolves random listening to ports by XDM\n that allows to connect via the XDMCP. SUSE LINUX 9.1\n is affected only. \n New packages are available. \n\n - mod_proxy\n A buffer overflow can be triggered by malicious remote\n servers that return a negative Content-Length value. \n This vulnerability can be used to execute commands remotely\n New packages are available. \n\n - freeswan\n A bug in the certificate chain authentication code could allow an\n attacker to authenticate any host against a FreeS/WAN server by\n presenting specially crafted certificates wrapped in a PKCS#7 file. \n The packages are currently being tested and will be available soon. \n\n - ipsec-tools\n The racoon daemon which is responsible for handling IKE messages\n fails to reject invalid or self-signed X.509 certificates which\n allows for man-in-the-middle attacks on IPsec tunnels established\n via racoon. \n The packages are currently being tested and will be available soon. \n\n - less\n This update fixes a possible symlink attack in lessopen.sh. The\n attack can be executed by local users to overwrite arbitrary files\n with the privileges of the user running less. \n New packages are available. \n\n - libpng\n This update adds a missing fix for CAN-2002-1363. \n New packages are available. \n\n - pavuk\n This update fixes a remotely exploitable buffer overflow in pavuk. \n Thanks to Ulf Harnhammar for reporting this to us. \n New packages are available. \n\n - kdebase3\n This update fixes a possible attack on tmp files created at the\n first login of a user using KDE or at the first time running a\n KDE application. This bug can be exploited locally to overwrite\n arbitrary files with the privilege of the victim user. \n Just affects SUSE LINUX 9.1\n New packages are available. \n\n______________________________________________________________________________\n\n3) standard appendix: authenticity verification, additional information\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror ftp servers around\n the world. While this service is considered valuable and important\n to the free and open source software community, many users wish to be\n certain as to be the origin of the package and its content before\n installing the package. There are two independent verification methods\n that can be used to prove the authenticity of a downloaded file or\n rpm package:\n 1) md5sums as provided in the (cryptographically signed) announcement. \n 2) using the internal gpg signatures of the rpm package. \n\n 1) execute the command\n md5sum \u003cname-of-the-file.rpm\u003e\n after you have downloaded the file from a SUSE ftp server or its\n mirrors. Then, compare the resulting md5sum with the one that is\n listed in the announcement. Since the announcement containing the\n checksums is cryptographically signed (usually using the key\n security@suse.de), the checksums offer proof of the authenticity\n of the package. \n We recommend against subscribing to security lists which cause the\n email message containing the announcement to be modified so that\n the signature does not match after transport through the mailing\n list software. \n Downsides: You must be able to verify the authenticity of the\n announcement in the first place. If RPM packages are being rebuilt\n and a new version of a package is published on the ftp server, all\n md5 sums for the files are useless. \n\n 2) rpm package signatures provide an easy way to verify the authenticity\n of an rpm package. Use the command\n rpm -v --checksig \u003cfile.rpm\u003e\n to verify the signature of the package, where \u003cfile.rpm\u003e is the\n filename of the rpm package that you have downloaded. Of course,\n package authenticity verification can only target an un-installed rpm\n package file. \n Prerequisites:\n a) gpg is installed\n b) The package is signed using a certain key. The public part of this\n key must be installed by the gpg program in the directory\n ~/.gnupg/ under the user\u0027s home directory who performs the\n signature verification (usually root). You can import the key\n that is used by SUSE in rpm packages for SUSE Linux by saving\n this announcement to a file (\"announcement.txt\") and\n running the command (do \"su -\" to be root):\n gpg --batch; gpg \u003c announcement.txt | gpg --import\n SUSE Linux distributions version 7.1 and thereafter install the\n key \"build@suse.de\" upon installation or upgrade, provided that\n the package gpg is installed. The file containing the public key\n is placed at the top-level directory of the first CD (pubring.gpg)\n and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de . \n\n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n suse-security@suse.com\n - general/linux/SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-subscribe@suse.com\u003e. \n\n suse-security-announce@suse.com\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-announce-subscribe@suse.com\u003e. \n\n For general information or the frequently asked questions (faq)\n send mail to:\n \u003csuse-security-info@suse.com\u003e or\n \u003csuse-security-faq@suse.com\u003e respectively. \n\n =====================================================================\n SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular,\n it is desired that the clear-text signature must show proof of the\n authenticity of the text. \n SUSE Linux AG makes no warranties of any kind whatsoever with respect\n to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n#####-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.0.6 (GNU/Linux)\nComment: For info see http://www.gnupg.org\n\nmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff\n4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d\nM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO\nQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK\nXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE\nD3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd\nG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM\nCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE\nmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr\nYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD\nwmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d\nNfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe\nQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe\nLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t\nXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU\nD9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3\n0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot\n1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW\ncRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E\nExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f\nAJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E\nOe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/\nHZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h\nt5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT\ntGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM\n523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q\n2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8\nQnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw\nJxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ\n1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH\nORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1\nwwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY\nEQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol\n0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK\nCRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co\nSPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo\nomuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt\nA46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J\n/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE\nGrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf\nebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT\nZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8\nRQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ\n8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb\nB6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X\n11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA\n8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj\nqY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p\nWH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL\nhn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG\nBafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+\nAvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi\nRZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0\nzinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM\n/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7\nwhaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl\nD+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz\ndbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI\nRgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI\nDgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=\n=LRKC\n- -----END PGP PUBLIC KEY BLOCK-----\n\n- -- \n - -\n| Roman Drahtm\\xfcller \u003cdraht@suse.de\u003e // \"You don\u0027t need eyes to see, |\n SUSE Linux AG - Security Phone: // you need vision!\"\n| N\\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |\n - -\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.0.7 (GNU/Linux)\n\niQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy\nBi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt\nOsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD\njwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA\niud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT\nWntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ==\n=24bz\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0497"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000261"
},
{
"db": "BID",
"id": "10662"
},
{
"db": "VULHUB",
"id": "VHN-8927"
},
{
"db": "PACKETSTORM",
"id": "33705"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-8927",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8927"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0497",
"trust": 2.9
},
{
"db": "BID",
"id": "10662",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000261",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200412-013",
"trust": 0.7
},
{
"db": "SUSE",
"id": "SUSE-SA:2004:020",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2004:354",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2004:360",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2004:852",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2004:066",
"trust": 0.6
},
{
"db": "XF",
"id": "16599",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:9867",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "718",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "35495",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-8927",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33705",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8927"
},
{
"db": "BID",
"id": "10662"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000261"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0497"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
]
},
"id": "VAR-200412-0085",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8927"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:50:50.358000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "kernel_30",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_30.html"
},
{
"title": "kernel_se20",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_se20.html"
},
{
"title": "RHSA-2004:360",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-360.html"
},
{
"title": "RHSA-2004:354",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-354.html"
},
{
"title": "RHSA-2004:327",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-327.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/"
},
{
"title": "RHSA-2004:327",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-327j.html"
},
{
"title": "RHSA-2004:360",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-360j.html"
},
{
"title": "RHSA-2004:354",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-354j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000261"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0497"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2004:066"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2004-354.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2004-360.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
},
{
"trust": 1.6,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9867"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16599"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0497"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0497"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/10662"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16599"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:9867"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-327.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-360.html"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000852"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0535"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0497"
},
{
"trust": 0.1,
"url": "http://www.gnupg.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0495"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0496"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8927"
},
{
"db": "BID",
"id": "10662"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000261"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0497"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-8927"
},
{
"db": "BID",
"id": "10662"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000261"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0497"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-8927"
},
{
"date": "2004-07-05T00:00:00",
"db": "BID",
"id": "10662"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000261"
},
{
"date": "2004-07-02T12:32:00",
"db": "PACKETSTORM",
"id": "33705"
},
{
"date": "2004-12-06T05:00:00",
"db": "NVD",
"id": "CVE-2004-0497"
},
{
"date": "2004-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-8927"
},
{
"date": "2009-07-12T06:16:00",
"db": "BID",
"id": "10662"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000261"
},
{
"date": "2017-10-11T01:29:26.777000",
"db": "NVD",
"id": "CVE-2004-0497"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel of NFS On the server GID Vulnerabilities that can be tampered with",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000261"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-013"
}
],
"trust": 0.6
}
}
VAR-200408-0118
Vulnerability from variot - Updated: 2023-12-18 11:40Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. The Linux kernel is reported prone to multiple device-driver issues. These issues were found during a recent audit of the Linux kernel source. Local attackers can exploit these vulnerabilities to elevate privileges or conduct denial-of-service attacks on the system. The affected device drivers are: aironet, asus_acpi, decnet, mpu401, msnd, and pss. -----BEGIN PGP SIGNED MESSAGE-----
SUSE Security Announcement
Package: kernel
Announcement-ID: SUSE-SA:2004:020
Date: Tuesday, Jul 2nd 2004 18:00 MEST
Affected products: 8.0, 8.1, 8.2, 9.0, 9.1
SUSE Linux Database Server,
SUSE eMail Server III, 3.1
SUSE Linux Enterprise Server 7, 8
SUSE Linux Firewall on CD/Admin host
SUSE Linux Connectivity Server
SUSE Linux Office Server
Vulnerability Type: local privilege escalation
Severity (1-10): 6
SUSE default package: yes
Cross References: CAN-2004-0495
CAN-2004-0496
CAN-2004-0497
CAN-2004-0535
CAN-2004-0626
Content of this advisory:
1) security vulnerability resolved:
- chown: users can change the group affiliation of arbitrary
files to the group they belong to
- missing DAC check in chown(2): local privilege escalation
- overflow with signals: local denial-of-service
- pss, mpu401 sound driver: read/write to complete memory
- airo driver: read/write to complete memory
- ALSA: copy_from_user/copy_to_user confused
- acpi_asus: read from random memory
- decnet: write to memory without checking
- e1000 driver: read complete memory
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds:
- icecast
- sitecopy
- cadaver
- OpenOffice_org
- tripwire
- postgresql*
- mod_proxy
- freeswan
- ipsec-tools
- less
- libpng
- pavuk
- XFree86*
- kdebase3
3) standard appendix (further information)
1) problem description, brief discussion, solution, upgrade information
Multiple security vulnerabilities are being addressed with this security
update of the Linux kernel.
Kernel memory access vulnerabilities are fixed in the e1000, decnet,
acpi_asus, alsa, airo/WLAN, pss and mpu401 drivers. These
vulnerabilities can lead to kernel memory read access, write access
and local denial of service conditions, resulting in access to the
root account for an attacker with a local account on the affected
system.
Missing Discretionary Access Control (DAC) checks in the chown(2) system
call allow an attacker with a local account to change the group
ownership of arbitrary files, which leads to root privileges on affected
systems. An interesting variant of the missing
checks is that the ownership of files in the /proc filesystem can be
altered, while the changed ownership still does not allow the files to
be accessed as a non-root user for to be able to exploit the
vulnerability. Systems that are based on a version 2.4 kernel are not
vulnerable to the /proc weakness, and exploitation of the weakness
requires the use of the kernel NFS server (knfsd). If the knfsd NFS
server is not activated (it is off by default), the vulnerability is
not exposed.
The only network-related vulnerability fixed with the kernel updates
that are subject to this announcement affect the SUSE Linux 9.1
distribution only, as it is based on a 2.6 kernel. Found and reported
to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability
allows a remote attacker to send a specially crafted TCP packet to a
vulnerable system, causing that system to stall if it makes use of
TCP option matching netfilter rules.
In some rare configurations of the SUSE Linux 9.1 distribution, some
users have experienced stalling systems during system startup. These
problems are fixed with this kernel update.
SPECIAL INSTALL INSTRUCTIONS:
==============================
For the impatient: Run YOU (Yast2 Online Update, command
"yast2 online_update" as root) to install the updates (semi)
automatically, if you have a SUSE Linux 8.1 and newer system.
For those who wish to install their kernel updates manually and for
those who use a SUSE Linux 8.0 system:
The following paragraphs will guide you through the installation
process in a step-by-step fashion. The character sequence "****"
marks the beginning of a new paragraph. In some cases, the steps
outlined in a particular paragraph may or may not be applicable
to your situation.
Therefore, please make sure to read through all of the steps below
before attempting any of these procedures.
All of the commands that need to be executed are required to be
run as the superuser (root). Each step relies on the steps before
it to complete successfully.
**** Step 1: Determine the needed kernel type
Please use the following command to find the kernel type that is
installed on your system:
rpm -qf /boot/vmlinuz
Following are the possible kernel types (disregard the version and
build number following the name separated by the "-" character)
k_deflt # default kernel, good for most systems.
k_i386 # kernel for older processors and chipsets
k_athlon # kernel made specifically for AMD Athlon(tm) family processors
k_psmp # kernel for Pentium-I dual processor systems
k_smp # kernel for SMP systems (Pentium-II and above)
k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM
kernel-64k-pagesize
kernel-bigsmp
kernel-default
kernel-smp
**** Step 2: Download the package for your system
Please download the kernel RPM package for your distribution with the
name as indicated by Step 1. The list of all kernel rpm packages is
appended below. Note: The kernel-source package does not
contain a binary kernel in bootable form. Instead, it contains the
sources that the binary kernel rpm packages are created from. It can be
used by administrators who have decided to build their own kernel.
Since the kernel-source.rpm is an installable (compiled) package that
contains sources for the linux kernel, it is not the source RPM for
the kernel RPM binary packages.
The kernel RPM binary packages for the distributions can be found at the
locations below ftp://ftp.suse.com/pub/suse/i386/update/.
8.0/images/
8.1/rpm/i586
8.2/rpm/i586
9.0/rpm/i586
9.1/rpm/i586
After downloading the kernel RPM package for your system, you should
verify the authenticity of the kernel rpm package using the methods as
listed in section 3) of each SUSE Security Announcement.
**** Step 3: Installing your kernel rpm package
Install the rpm package that you have downloaded in Steps 3 or 4 with
the command
rpm -Uhv --nodeps --force <K_FILE.RPM>
where <K_FILE.RPM> is the name of the rpm package that you downloaded.
Warning: After performing this step, your system will likely not be
able to boot if the following steps have not been fully
followed.
If you run SUSE LINUX 8.1 and haven't applied the kernel update
(SUSE-SA:2003:034), AND you are using the freeswan package, you also
need to update the freeswan rpm as a dependency as offered
by YOU (YaST Online Update). The package can be downloaded from
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/
**** Step 4: configuring and creating the initrd
The initrd is a ramdisk that is loaded into the memory of your
system together with the kernel boot image by the bootloader. The
kernel uses the content of this ramdisk to execute commands that must
be run before the kernel can mount its actual root filesystem. It is
usually used to initialize SCSI drivers or NIC drivers for diskless
operation.
The variable INITRD_MODULES in /etc/sysconfig/kernel determines
which kernel modules will be loaded in the initrd before the kernel
has mounted its actual root filesystem. The variable should contain
your SCSI adapter (if any) or filesystem driver modules.
With the installation of the new kernel, the initrd has to be
re-packed with the update kernel modules. Please run the command
mk_initrd
as root to create a new init ramdisk (initrd) for your system.
On SuSE Linux 8.1 and later, this is done automatically when the
RPM is installed.
**** Step 5: bootloader
If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there
are two options:
Depending on your software configuration, you have either the lilo
bootloader or the grub bootloader installed and initialized on your
system.
The grub bootloader does not require any further actions to be
performed after the new kernel images have been moved in place by the
rpm Update command.
If you have a lilo bootloader installed and initialized, then the lilo
program must be run as root. Use the command
grep LOADER_TYPE /etc/sysconfig/bootloader
to find out which boot loader is configured. If it is lilo, then you
must run the lilo command as root. If grub is listed, then your system
does not require any bootloader initialization.
Warning: An improperly installed bootloader may render your system
unbootable.
**** Step 6: reboot
If all of the steps above have been successfully completed on your
system, then the new kernel including the kernel modules and the
initrd should be ready to boot. The system needs to be rebooted for
the changes to become active. Please make sure that all steps have
completed, then reboot using the command
shutdown -r now
or
init 6
Your system should now shut down and reboot with the new kernel.
There is no workaround known.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web. Update packages will be available soon.
- sitecopy
The sitecopy package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- cadaver
The cadaver package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- OpenOffice_org
The OpenOffice_org package includes a vulnerable version
of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages
will be available soon.
- tripwire
A format string bug in tripwire can be exploited locally
to gain root permissions.
New packages are available.
- postgresql
A buffer overflow in psqlODBC could be exploited to crash the
application using it. E.g. a PHP script that uses ODBC to access a
PostgreSQL database can be utilized to crash the surrounding Apache
web-server. Other parts of PostgreSQL are not affected.
New packages are available.
- XDM/XFree86
This update resolves random listening to ports by XDM
that allows to connect via the XDMCP. SUSE LINUX 9.1
is affected only.
New packages are available.
- mod_proxy
A buffer overflow can be triggered by malicious remote
servers that return a negative Content-Length value.
This vulnerability can be used to execute commands remotely
New packages are available.
- freeswan
A bug in the certificate chain authentication code could allow an
attacker to authenticate any host against a FreeS/WAN server by
presenting specially crafted certificates wrapped in a PKCS#7 file.
The packages are currently being tested and will be available soon.
- ipsec-tools
The racoon daemon which is responsible for handling IKE messages
fails to reject invalid or self-signed X.509 certificates which
allows for man-in-the-middle attacks on IPsec tunnels established
via racoon.
The packages are currently being tested and will be available soon.
- less
This update fixes a possible symlink attack in lessopen.sh. The
attack can be executed by local users to overwrite arbitrary files
with the privileges of the user running less.
New packages are available.
- libpng
This update adds a missing fix for CAN-2002-1363.
New packages are available.
- pavuk
This update fixes a remotely exploitable buffer overflow in pavuk.
Thanks to Ulf Harnhammar for reporting this to us.
New packages are available.
- kdebase3
This update fixes a possible attack on tmp files created at the
first login of a user using KDE or at the first time running a
KDE application. This bug can be exploited locally to overwrite
arbitrary files with the privilege of the victim user.
Just affects SUSE LINUX 9.1
New packages are available.
3) standard appendix: authenticity verification, additional information
-
Package authenticity verification:
SUSE update packages are available on many mirror ftp servers around the world. While this service is considered valuable and important to the free and open source software community, many users wish to be certain as to be the origin of the package and its content before installing the package. There are two independent verification methods that can be used to prove the authenticity of a downloaded file or rpm package: 1) md5sums as provided in the (cryptographically signed) announcement. 2) using the internal gpg signatures of the rpm package.
1) execute the command md5sum after you have downloaded the file from a SUSE ftp server or its mirrors. Then, compare the resulting md5sum with the one that is listed in the announcement. Since the announcement containing the checksums is cryptographically signed (usually using the key security@suse.de), the checksums offer proof of the authenticity of the package. We recommend against subscribing to security lists which cause the email message containing the announcement to be modified so that the signature does not match after transport through the mailing list software. Downsides: You must be able to verify the authenticity of the announcement in the first place. If RPM packages are being rebuilt and a new version of a package is published on the ftp server, all md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity of an rpm package. Use the command rpm -v --checksig to verify the signature of the package, where is the filename of the rpm package that you have downloaded. Of course, package authenticity verification can only target an un-installed rpm package file. Prerequisites: a) gpg is installed b) The package is signed using a certain key. The public part of this key must be installed by the gpg program in the directory ~/.gnupg/ under the user's home directory who performs the signature verification (usually root). You can import the key that is used by SUSE in rpm packages for SUSE Linux by saving this announcement to a file ("announcement.txt") and running the command (do "su -" to be root): gpg --batch; gpg < announcement.txt | gpg --import SUSE Linux distributions version 7.1 and thereafter install the key "build@suse.de" upon installation or upgrade, provided that the package gpg is installed. The file containing the public key is placed at the top-level directory of the first CD (pubring.gpg) and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
-
SUSE runs two security mailing lists to which any interested party may subscribe:
suse-security@suse.com - general/linux/SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an email to suse-security-subscribe@suse.com.
suse-security-announce@suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an email to suse-security-announce-subscribe@suse.com.
For general information or the frequently asked questions (faq) send mail to: suse-security-info@suse.com or suse-security-faq@suse.com respectively.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, it is desired that the clear-text signature must show proof of the authenticity of the text. SUSE Linux AG makes no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK-----
- - | Roman Drahtm\xfcller draht@suse.de // "You don't need eyes to see, | SUSE Linux AG - Security Phone: // you need vision!" | N\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy Bi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt OsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD jwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA iud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT WntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ== =24bz -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200408-0118",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "conectiva",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "conectiva",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 1.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "email server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7"
},
{
"model": "linux firewall cd",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.1"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "s3400"
},
{
"model": "s8700",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "linux connectivity server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.6.0"
},
{
"model": "linux admin-cd for firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "s8300",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.2"
},
{
"model": "office server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8700",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8"
},
{
"model": "linux office server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "intuity audix",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.0"
},
{
"model": "email server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "iii"
},
{
"model": "s8300",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "suse email server iii",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "suse email server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "3.1"
},
{
"model": "office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux firewall on cd",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux database server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux connectivity server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux admin-cd for firewall",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel -rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s3400 message application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "10566"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000233"
},
{
"db": "NVD",
"id": "CVE-2004-0495"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_office_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0495"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Viro",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0495",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2004-0495",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-8925",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0495",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200408-045",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-8925",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8925"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000233"
},
{
"db": "NVD",
"id": "CVE-2004-0495"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. The Linux kernel is reported prone to multiple device-driver issues. These issues were found during a recent audit of the Linux kernel source. Local attackers can exploit these vulnerabilities to elevate privileges or conduct denial-of-service attacks on the system. The affected device drivers are: aironet, asus_acpi, decnet, mpu401, msnd, and pss. -----BEGIN PGP SIGNED MESSAGE-----\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: kernel\n Announcement-ID: SUSE-SA:2004:020\n Date: Tuesday, Jul 2nd 2004 18:00 MEST\n Affected products: 8.0, 8.1, 8.2, 9.0, 9.1\n SUSE Linux Database Server,\n SUSE eMail Server III, 3.1\n SUSE Linux Enterprise Server 7, 8\n SUSE Linux Firewall on CD/Admin host\n SUSE Linux Connectivity Server\n SUSE Linux Office Server\n Vulnerability Type: local privilege escalation\n Severity (1-10): 6\n SUSE default package: yes\n Cross References:\tCAN-2004-0495\n\t\t\t\tCAN-2004-0496\n\t\t\t\tCAN-2004-0497\n\t\t\t\tCAN-2004-0535\n\t\t\t\tCAN-2004-0626\n\n\n Content of this advisory:\n 1) security vulnerability resolved:\n\t\t- chown: users can change the group affiliation of arbitrary\n\t\t files to the group they belong to\n\t\t- missing DAC check in chown(2): local privilege escalation\n\t - overflow with signals: local denial-of-service\n \t- pss, mpu401 sound driver: read/write to complete memory\n\t - airo driver: read/write to complete memory\n \t- ALSA: copy_from_user/copy_to_user confused\n \t- acpi_asus: read from random memory\n \t- decnet: write to memory without checking\n \t- e1000 driver: read complete memory\n problem description, discussion, solution and upgrade information\n 2) pending vulnerabilities, solutions, workarounds:\n\t\t- icecast\n - sitecopy\n - cadaver\n - OpenOffice_org\n - tripwire\n - postgresql*\n - mod_proxy\n\t\t- freeswan\n\t\t- ipsec-tools\n\t\t- less\n\t\t- libpng\n\t\t- pavuk\n\t\t- XFree86*\n\t\t- kdebase3\n 3) standard appendix (further information)\n\n______________________________________________________________________________\n\n1) problem description, brief discussion, solution, upgrade information\n\n Multiple security vulnerabilities are being addressed with this security\n update of the Linux kernel. \n\n Kernel memory access vulnerabilities are fixed in the e1000, decnet, \n acpi_asus, alsa, airo/WLAN, pss and mpu401 drivers. These \n vulnerabilities can lead to kernel memory read access, write access \n and local denial of service conditions, resulting in access to the \n root account for an attacker with a local account on the affected \n system. \n\n Missing Discretionary Access Control (DAC) checks in the chown(2) system\n call allow an attacker with a local account to change the group\n ownership of arbitrary files, which leads to root privileges on affected\n systems. An interesting variant of the missing \n checks is that the ownership of files in the /proc filesystem can be \n altered, while the changed ownership still does not allow the files to \n be accessed as a non-root user for to be able to exploit the \n vulnerability. Systems that are based on a version 2.4 kernel are not \n vulnerable to the /proc weakness, and exploitation of the weakness \n requires the use of the kernel NFS server (knfsd). If the knfsd NFS \n server is not activated (it is off by default), the vulnerability is \n not exposed. \n\n The only network-related vulnerability fixed with the kernel updates\n that are subject to this announcement affect the SUSE Linux 9.1 \n distribution only, as it is based on a 2.6 kernel. Found and reported \n to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability \n allows a remote attacker to send a specially crafted TCP packet to a \n vulnerable system, causing that system to stall if it makes use of \n TCP option matching netfilter rules. \n\n In some rare configurations of the SUSE Linux 9.1 distribution, some \n users have experienced stalling systems during system startup. These \n problems are fixed with this kernel update. \n\n\n\n SPECIAL INSTALL INSTRUCTIONS:\n ==============================\n For the impatient: Run YOU (Yast2 Online Update, command \n \"yast2 online_update\" as root) to install the updates (semi) \n automatically, if you have a SUSE Linux 8.1 and newer system. \n\n For those who wish to install their kernel updates manually and for \n those who use a SUSE Linux 8.0 system:\n\n The following paragraphs will guide you through the installation\n process in a step-by-step fashion. The character sequence \"****\"\n marks the beginning of a new paragraph. In some cases, the steps\n outlined in a particular paragraph may or may not be applicable\n to your situation. \n Therefore, please make sure to read through all of the steps below\n before attempting any of these procedures. \n All of the commands that need to be executed are required to be\n run as the superuser (root). Each step relies on the steps before\n it to complete successfully. \n\n\n **** Step 1: Determine the needed kernel type\n\n Please use the following command to find the kernel type that is\n installed on your system:\n\n rpm -qf /boot/vmlinuz\n\n Following are the possible kernel types (disregard the version and\n build number following the name separated by the \"-\" character)\n\n k_deflt # default kernel, good for most systems. \n k_i386 # kernel for older processors and chipsets\n k_athlon # kernel made specifically for AMD Athlon(tm) family processors\n k_psmp # kernel for Pentium-I dual processor systems\n k_smp # kernel for SMP systems (Pentium-II and above)\n k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM\n kernel-64k-pagesize\n kernel-bigsmp\n kernel-default\n kernel-smp\n\n **** Step 2: Download the package for your system\n\n Please download the kernel RPM package for your distribution with the\n name as indicated by Step 1. The list of all kernel rpm packages is\n appended below. Note: The kernel-source package does not\n contain a binary kernel in bootable form. Instead, it contains the\n sources that the binary kernel rpm packages are created from. It can be\n used by administrators who have decided to build their own kernel. \n Since the kernel-source.rpm is an installable (compiled) package that\n contains sources for the linux kernel, it is not the source RPM for\n the kernel RPM binary packages. \n\n The kernel RPM binary packages for the distributions can be found at the\n locations below ftp://ftp.suse.com/pub/suse/i386/update/. \n\n 8.0/images/\n 8.1/rpm/i586\n 8.2/rpm/i586\n 9.0/rpm/i586\n 9.1/rpm/i586\n\n After downloading the kernel RPM package for your system, you should\n verify the authenticity of the kernel rpm package using the methods as\n listed in section 3) of each SUSE Security Announcement. \n\n\n **** Step 3: Installing your kernel rpm package\n\n Install the rpm package that you have downloaded in Steps 3 or 4 with\n the command\n rpm -Uhv --nodeps --force \u003cK_FILE.RPM\u003e\n where \u003cK_FILE.RPM\u003e is the name of the rpm package that you downloaded. \n\n Warning: After performing this step, your system will likely not be\n able to boot if the following steps have not been fully\n followed. \n\n\n If you run SUSE LINUX 8.1 and haven\u0027t applied the kernel update\n (SUSE-SA:2003:034), AND you are using the freeswan package, you also\n need to update the freeswan rpm as a dependency as offered\n by YOU (YaST Online Update). The package can be downloaded from\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/\n\n **** Step 4: configuring and creating the initrd\n\n The initrd is a ramdisk that is loaded into the memory of your\n system together with the kernel boot image by the bootloader. The\n kernel uses the content of this ramdisk to execute commands that must\n be run before the kernel can mount its actual root filesystem. It is\n usually used to initialize SCSI drivers or NIC drivers for diskless\n operation. \n\n The variable INITRD_MODULES in /etc/sysconfig/kernel determines\n which kernel modules will be loaded in the initrd before the kernel\n has mounted its actual root filesystem. The variable should contain\n your SCSI adapter (if any) or filesystem driver modules. \n\n With the installation of the new kernel, the initrd has to be\n re-packed with the update kernel modules. Please run the command\n\n mk_initrd\n\n as root to create a new init ramdisk (initrd) for your system. \n On SuSE Linux 8.1 and later, this is done automatically when the\n RPM is installed. \n\n\n **** Step 5: bootloader\n\n If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there\n are two options:\n Depending on your software configuration, you have either the lilo\n bootloader or the grub bootloader installed and initialized on your\n system. \n The grub bootloader does not require any further actions to be\n performed after the new kernel images have been moved in place by the\n rpm Update command. \n If you have a lilo bootloader installed and initialized, then the lilo\n program must be run as root. Use the command\n\n grep LOADER_TYPE /etc/sysconfig/bootloader\n\n to find out which boot loader is configured. If it is lilo, then you\n must run the lilo command as root. If grub is listed, then your system\n does not require any bootloader initialization. \n\n Warning: An improperly installed bootloader may render your system\n unbootable. \n\n **** Step 6: reboot\n\n If all of the steps above have been successfully completed on your\n system, then the new kernel including the kernel modules and the\n initrd should be ready to boot. The system needs to be rebooted for\n the changes to become active. Please make sure that all steps have\n completed, then reboot using the command\n shutdown -r now\n or\n init 6\n\n Your system should now shut down and reboot with the new kernel. \n\n\n There is no workaround known. \n\n\n Please download the update package for your distribution and verify its\n integrity by the methods listed in section 3) of this announcement. \n Then, install the package using the command \"rpm -Fhv file.rpm\" to apply\n the update. \n Our maintenance customers are being notified individually. The packages\n are being offered to install from the maintenance web. Update packages will be available soon. \n\n - sitecopy\n The sitecopy package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - cadaver\n The cadaver package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - OpenOffice_org\n The OpenOffice_org package includes a vulnerable version\n of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages\n will be available soon. \n\n - tripwire\n A format string bug in tripwire can be exploited locally\n to gain root permissions. \n New packages are available. \n\n - postgresql\n A buffer overflow in psqlODBC could be exploited to crash the\n application using it. E.g. a PHP script that uses ODBC to access a\n PostgreSQL database can be utilized to crash the surrounding Apache\n web-server. Other parts of PostgreSQL are not affected. \n New packages are available. \n\n - XDM/XFree86\n This update resolves random listening to ports by XDM\n that allows to connect via the XDMCP. SUSE LINUX 9.1\n is affected only. \n New packages are available. \n\n - mod_proxy\n A buffer overflow can be triggered by malicious remote\n servers that return a negative Content-Length value. \n This vulnerability can be used to execute commands remotely\n New packages are available. \n\n - freeswan\n A bug in the certificate chain authentication code could allow an\n attacker to authenticate any host against a FreeS/WAN server by\n presenting specially crafted certificates wrapped in a PKCS#7 file. \n The packages are currently being tested and will be available soon. \n\n - ipsec-tools\n The racoon daemon which is responsible for handling IKE messages\n fails to reject invalid or self-signed X.509 certificates which\n allows for man-in-the-middle attacks on IPsec tunnels established\n via racoon. \n The packages are currently being tested and will be available soon. \n\n - less\n This update fixes a possible symlink attack in lessopen.sh. The\n attack can be executed by local users to overwrite arbitrary files\n with the privileges of the user running less. \n New packages are available. \n\n - libpng\n This update adds a missing fix for CAN-2002-1363. \n New packages are available. \n\n - pavuk\n This update fixes a remotely exploitable buffer overflow in pavuk. \n Thanks to Ulf Harnhammar for reporting this to us. \n New packages are available. \n\n - kdebase3\n This update fixes a possible attack on tmp files created at the\n first login of a user using KDE or at the first time running a\n KDE application. This bug can be exploited locally to overwrite\n arbitrary files with the privilege of the victim user. \n Just affects SUSE LINUX 9.1\n New packages are available. \n\n______________________________________________________________________________\n\n3) standard appendix: authenticity verification, additional information\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror ftp servers around\n the world. While this service is considered valuable and important\n to the free and open source software community, many users wish to be\n certain as to be the origin of the package and its content before\n installing the package. There are two independent verification methods\n that can be used to prove the authenticity of a downloaded file or\n rpm package:\n 1) md5sums as provided in the (cryptographically signed) announcement. \n 2) using the internal gpg signatures of the rpm package. \n\n 1) execute the command\n md5sum \u003cname-of-the-file.rpm\u003e\n after you have downloaded the file from a SUSE ftp server or its\n mirrors. Then, compare the resulting md5sum with the one that is\n listed in the announcement. Since the announcement containing the\n checksums is cryptographically signed (usually using the key\n security@suse.de), the checksums offer proof of the authenticity\n of the package. \n We recommend against subscribing to security lists which cause the\n email message containing the announcement to be modified so that\n the signature does not match after transport through the mailing\n list software. \n Downsides: You must be able to verify the authenticity of the\n announcement in the first place. If RPM packages are being rebuilt\n and a new version of a package is published on the ftp server, all\n md5 sums for the files are useless. \n\n 2) rpm package signatures provide an easy way to verify the authenticity\n of an rpm package. Use the command\n rpm -v --checksig \u003cfile.rpm\u003e\n to verify the signature of the package, where \u003cfile.rpm\u003e is the\n filename of the rpm package that you have downloaded. Of course,\n package authenticity verification can only target an un-installed rpm\n package file. \n Prerequisites:\n a) gpg is installed\n b) The package is signed using a certain key. The public part of this\n key must be installed by the gpg program in the directory\n ~/.gnupg/ under the user\u0027s home directory who performs the\n signature verification (usually root). You can import the key\n that is used by SUSE in rpm packages for SUSE Linux by saving\n this announcement to a file (\"announcement.txt\") and\n running the command (do \"su -\" to be root):\n gpg --batch; gpg \u003c announcement.txt | gpg --import\n SUSE Linux distributions version 7.1 and thereafter install the\n key \"build@suse.de\" upon installation or upgrade, provided that\n the package gpg is installed. The file containing the public key\n is placed at the top-level directory of the first CD (pubring.gpg)\n and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de . \n\n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n suse-security@suse.com\n - general/linux/SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-subscribe@suse.com\u003e. \n\n suse-security-announce@suse.com\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-announce-subscribe@suse.com\u003e. \n\n For general information or the frequently asked questions (faq)\n send mail to:\n \u003csuse-security-info@suse.com\u003e or\n \u003csuse-security-faq@suse.com\u003e respectively. \n\n =====================================================================\n SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular,\n it is desired that the clear-text signature must show proof of the\n authenticity of the text. \n SUSE Linux AG makes no warranties of any kind whatsoever with respect\n to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n#####-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.0.6 (GNU/Linux)\nComment: For info see http://www.gnupg.org\n\nmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff\n4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d\nM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO\nQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK\nXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE\nD3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd\nG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM\nCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE\nmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr\nYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD\nwmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d\nNfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe\nQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe\nLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t\nXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU\nD9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3\n0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot\n1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW\ncRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E\nExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f\nAJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E\nOe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/\nHZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h\nt5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT\ntGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM\n523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q\n2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8\nQnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw\nJxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ\n1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH\nORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1\nwwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY\nEQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol\n0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK\nCRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co\nSPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo\nomuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt\nA46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J\n/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE\nGrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf\nebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT\nZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8\nRQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ\n8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb\nB6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X\n11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA\n8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj\nqY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p\nWH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL\nhn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG\nBafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+\nAvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi\nRZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0\nzinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM\n/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7\nwhaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl\nD+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz\ndbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI\nRgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI\nDgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=\n=LRKC\n- -----END PGP PUBLIC KEY BLOCK-----\n\n- -- \n - -\n| Roman Drahtm\\xfcller \u003cdraht@suse.de\u003e // \"You don\u0027t need eyes to see, |\n SUSE Linux AG - Security Phone: // you need vision!\"\n| N\\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |\n - -\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.0.7 (GNU/Linux)\n\niQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy\nBi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt\nOsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD\njwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA\niud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT\nWntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ==\n=24bz\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0495"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000233"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "VULHUB",
"id": "VHN-8925"
},
{
"db": "PACKETSTORM",
"id": "33705"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-8925",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8925"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0495",
"trust": 2.9
},
{
"db": "BID",
"id": "10566",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000233",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045",
"trust": 0.7
},
{
"db": "REDHAT",
"id": "RHSA-2004:260",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2004:255",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200407-02",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2004:020",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2004:846",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2004:845",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2961",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:10155",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2004:066",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2004-186",
"trust": 0.6
},
{
"db": "XF",
"id": "16449",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "33705",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-8925",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8925"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000233"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0495"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
]
},
"id": "VAR-200408-0118",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8925"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:40:05.119000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "kernel_30",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_30.html"
},
{
"title": "kernel_se20",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_se20.html"
},
{
"title": "RHSA-2004:260",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-260.html"
},
{
"title": "RHSA-2004:255",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-255.html"
},
{
"title": "RHSA-2004:327",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-327.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/"
},
{
"title": "RHSA-2004:327",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-327j.html"
},
{
"title": "RHSA-2004:260",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-260j.html"
},
{
"title": "RHSA-2004:255",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-255j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000233"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0495"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/10566"
},
{
"trust": 1.7,
"url": "http://lwn.net/articles/91155/"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
},
{
"trust": 1.7,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2004:066"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2004-255.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2004-260.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
},
{
"trust": 1.6,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
},
{
"trust": 1.6,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000846"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10155"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2961"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16449"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0495"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0495"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16449"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:10155"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2961"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-255.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-260.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-327.html"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000845"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000846"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0535"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0497"
},
{
"trust": 0.1,
"url": "http://www.gnupg.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0495"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0496"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8925"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000233"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0495"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-8925"
},
{
"db": "BID",
"id": "10566"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000233"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0495"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-06T00:00:00",
"db": "VULHUB",
"id": "VHN-8925"
},
{
"date": "2004-06-18T00:00:00",
"db": "BID",
"id": "10566"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000233"
},
{
"date": "2004-07-02T12:32:00",
"db": "PACKETSTORM",
"id": "33705"
},
{
"date": "2004-08-06T04:00:00",
"db": "NVD",
"id": "CVE-2004-0495"
},
{
"date": "2004-06-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-8925"
},
{
"date": "2007-01-17T21:30:00",
"db": "BID",
"id": "10566"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000233"
},
{
"date": "2017-10-11T01:29:26.717000",
"db": "NVD",
"id": "CVE-2004-0495"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "10566"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel Multiple Device Driver Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "10566"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "10566"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-045"
}
],
"trust": 0.9
}
}
VAR-200208-0244
Vulnerability from variot - Updated: 2023-12-18 11:36Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. The DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10 contains buffer overflows in code that handles responses for network name and address requests. Other resolver libraries derived from BIND 4 such as BSD libc, GNU glibc, and those used by System V UNIX systems may also be affected. An attacker could execute arbitrary code with the privileges of the application that made the request or cause a denial of service. This vulnerability is resolved in BIND versions 4.9.11, 8.2.7, 8.3.4, and BIND 9. Based on recent reports, we believe this vulnerability is being actively exploited. OpenSSL is an open-source implementation of the Secure Sockets Layer (SSL) protocol. A remotely exploitable vulnerability exists in OpenSSL servers that could lead to the execution of arbitrary code on the server. OpenSSL Is OpenSSL On the server SSL version 2.0 ( Less than, SSLv2) The buffer overflow vulnerability is caused by handshake processing. The issue occurs in the handling of the client key value during the negotiation of the SSLv2 protocol. ***UPDATE: A worm that likely exploits this vulnerability has been discovered propagating in the wild. Additionally, this code includes peer-to-peer and distributed denial-of-service capabilities. There have been numerous reports of intrusions in Europe. It is not yet confirmed whether this vulnerability is in OpenSSL, mod_ssl, or another component. Administrators are advised to upgrade to the most recent versions or to disable Apache, if possible, until more information is available. OpenSSL is prone to a buffer-overflow vulnerability involving overly long SSLv3 session IDs. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc.
-----BEGIN PGP SIGNED MESSAGE-----
CERT Summary CS-2002-04
November 26, 2002
Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT Summary to draw attention to the types of attacks reported to our incident response team, as well as other noteworthy incident and vulnerability information. The summary includes pointers to sources of information for dealing with the problems.
Past CERT summaries are available from:
CERT Summaries
http://www.cert.org/summaries/
Recent Activity
Since the last regularly scheduled CERT summary, issued in August 2002 (CS-2002-03), we have seen trojan horses for three popular distributions, new self-propagating malicious code (Apache/mod_ssl), and multiple vulnerabilities in BIND. In addition, we have issued a new PGP Key.
For more current information on activity being reported to the CERT/CC, please visit the CERT/CC Current Activity page. The Current Activity page is a regularly updated summary of the most frequent, high-impact types of security incidents and vulnerabilities being reported to the CERT/CC. The information on the Current Activity page is reviewed and updated as reporting trends change.
CERT/CC Current Activity
http://www.cert.org/current/current_activity.html
1. Reports received by the CERT/CC indicate
that the Apache/mod_ssl worm has already infected thousands of
systems. Over a month earlier, the CERT/CC issued an advisory
(CA-2002-23) describing four remotely exploitable buffer overflows
in OpenSSL. Trojan Horse Sendmail Distribution
The CERT/CC has received confirmation that some copies of the
source code for the Sendmail package have been modified by an
intruder to contain a Trojan horse. These copies began to appear
in downloads from the FTP server ftp.sendmail.org on or around
September 28, 2002. On October 8, 2002, the CERT/CC issued an
advisory (CA-2002-28) describing various methods to verify
software authenticity.
CERT Advisory CA-2002-28
Trojan Horse Sendmail Distribution
http://www.cert.org/advisories/CA-2002-28.html
3. Trojan Horse tcpdump and libpcap Distributions
The CERT/CC has received reports that some copies of the source
code for libpcap, a packet acquisition library, and tcpdump, a
network sniffer, have been modified by an intruder and contain a
Trojan horse. These modified distributions began to appear in
downloads from the HTTP server www.tcpdump.org on or around Nov
11, 2002. The CERT/CC issued an advisory (CA-2002-30) listing MD5
checksums and official distribution sites for libpcap and tcpdump.
CERT Advisory CA-2002-30
Trojan Horse tcpdump and libpcap Distributions
http://www.cert.org/advisories/CA-2002-30.html
4. Multiple Vulnerabilities in BIND
The CERT/CC has documented multiple vulnerabilities in BIND, the
popular domain name server and client library software package
from the Internet Software Consortium (ISC). Several vulnerabilities are referenced in the advisory;
they are listed here individually.
CERT Advisory CA-2002-31
Multiple Vulnerabilities in BIND
http://www.cert.org/advisories/CA-2002-31.html
Vulnerability Note #852283
Cached malformed SIG record buffer overflow
http://www.kb.cert.org/vuls/id/852283
Vulnerability Note #229595
Overly large OPT record assertion
http://www.kb.cert.org/vuls/id/229595
Vulnerability Note #581682
ISC Bind 8 fails to properly dereference cache SIG RR
elements invalid expiry times from the internal database
http://www.kb.cert.org/vuls/id/581682
Vulnerability Note #844360
Domain Name System (DNS) stub resolver libraries
vulnerable to buffer overflows via network name or
address lookups
http://www.kb.cert.org/vuls/id/844360
5. Heap Overflow Vulnerability in Microsoft Data Access Components
(MDAC)
On November 21, 2002 the CERT/CC issued an advisory (CA-2002-33)
describing a vulnerability in MDAC, a collection of Microsoft
utilities and routines that process requests between databases and
network applications.
CERT Advisory CA-2002-33
Heap Overflow Vulnerability in Microsoft Data Access
Components (MDAC)
http://www.cert.org/advisories/CA-2002-33.html
New CERT/CC PGP Key
On September 19, the CERT/CC issued a new PGP key, which should be used when sending sensitive information to the CERT/CC.
CERT/CC PGP Public Key
https://www.cert.org/pgp/cert_pgp_key.asc
Sending Sensitive Information To The CERT/CC
http://www.cert.org/contact_cert/encryptmail.html
What's New and Updated
Since the last CERT Summary, we have published new and updated * Advisories http://www.cert.org/advisories/ * Congressional Testimony http://www.cert.org/congressional_testimony/ * CERT/CC Statistics http://www.cert.org/stats/cert_stats.html * Home User Security http://www.cert.org/homeusers/HomeComputerSecurity * Tech Tips http://www.cert.org/tech_tips/ * Training Schedule http:/www.cert.org/training/
This document is available from: http://www.cert.org/summaries/CS-2002-04.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. ___________
Conditions for use, disclaimers, and sponsorship information
Copyright \xa92002 Carnegie Mellon University.
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBPePMQWjtSoHZUTs5AQGdxwP9HK4mSF15bMQ9MZ4mMFcLIhvdXykANg8A 6nEIAyB8CJpbuWdP7sPh3qAwaZ9BhRFEGeLakONOpoo7bmjkwAWrJHxF3b1CrgHS ZuKQsgEhnm9wpPdU6w6SG1cJBkwz70b8d7YK0vcVuKhmaW0JOx9OLGKsAe3SFePD OiZbNHX+eb8= =Mnbn -----END PGP SIGNATURE----- . OpenSSL Security Advisory [30 July 2002]
This advisory consists of two independent advisories, merged, and is an official OpenSSL advisory.
Advisory 1
A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are conducting a security review of OpenSSL, under the DARPA program CHATS.
-
The client master key in SSL2 could be oversized and overrun a buffer. Exploit code is NOT available at this time.
-
This issues only affects OpenSSL 0.9.7 before 0.9.7-beta3 with Kerberos enabled.
-
Various buffers for ASCII representations of integers were too small on 64 bit platforms.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0656 to issues 1-2, CAN-2002-0657 to issue 3, and CAN-2002-0655 to issue 4.
In addition various potential buffer overflows not known to be exploitable have had assertions added to defend against them.
Who is affected?
Everyone using OpenSSL 0.9.6d or earlier, or 0.9.7-beta2 or earlier or current development snapshots of 0.9.7 to provide SSL or TLS is vulnerable, whether client or server. 0.9.6d servers on 32-bit systems with SSL 2.0 disabled are not vulnerable.
SSLeay is probably also affected.
Recommendations
Apply the attached patch to OpenSSL 0.9.6d, or upgrade to OpenSSL 0.9.6e. Recompile all applications using OpenSSL to provide SSL or TLS.
A patch for 0.9.7 is available from the OpenSSL website (https://www.openssl.org/).
Servers can disable SSL2, alternatively disable all applications using SSL or TLS until the patches are applied. Users of 0.9.7 pre-release versions with Kerberos enabled will also have to disable Kerberos.
Client should be disabled altogether until the patches are applied.
Known Exploits
There are no know exploits available for these vulnerabilities. As noted above, Neohapsis have demonstrated internally that an exploit is possible, but have not released the exploit code.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0655 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0656 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0657
Acknowledgements
The project leading to this advisory is sponsored by the Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel Command, USAF, under agreement number F30602-01-2-0537.
The patch and advisory were prepared by Ben Laurie.
Advisory 2
Vulnerabilities
The ASN1 parser can be confused by supplying it with certain invalid encodings.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0659 to this issue.
Who is affected?
Any OpenSSL program which uses the ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines.
Recommendations
Apply the patch to OpenSSL, or upgrade to OpenSSL 0.9.6e. Recompile all applications using OpenSSL.
Users of 0.9.7 pre-release versions should apply the patch or upgrade to 0.9.7-beta3 or later. Recompile all applications using OpenSSL.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0659
Acknowledgements
This vulnerability was discovered by Adi Stav stav@mercury.co.il and James Yonan jim@ntlp.com independently. The patch is partly based on a version by Adi Stav.
The patch and advisory were prepared by Dr. Stephen Henson.
Combined patches for OpenSSL 0.9.6d: https://www.openssl.org/news/patch_20020730_0_9_6d.txt
Combined patches for OpenSSL 0.9.7 beta 2: https://www.openssl.org/news/patch_20020730_0_9_7.txt
URL for this Security Advisory: https://www.openssl.org/news/secadv_20020730.txt
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200208-0244",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "trustix",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.7,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.7,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.0.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.0.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.0.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.1.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.1.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.1.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.7,
"vendor": "apple",
"version": "10.1.5"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openldap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "isc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nortel",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.1,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "application server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "*"
},
{
"model": "application server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "1.0.2.1s"
},
{
"model": "application server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "corporate time outlook connector",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "corporate time outlook connector",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "3.1.1"
},
{
"model": "corporate time outlook connector",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "3.1.2"
},
{
"model": "corporate time outlook connector",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "3.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.1,
"vendor": "apple",
"version": "10.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnu glibc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "metasolv",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xerox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engarde",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "covalent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "application server",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2.0.0"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9ias"
},
{
"model": "database",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7.1"
},
{
"model": "database",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "cobalt raq3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "internet express eak",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.6,
"vendor": "gentoo",
"version": "1.2"
},
{
"model": "linux affinity toolkit",
"scope": null,
"trust": 0.6,
"vendor": "ibm",
"version": null
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "linux rc3",
"scope": "eq",
"trust": 0.6,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.6,
"vendor": "gentoo",
"version": "0.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "openssl for openvms alpha",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.0"
},
{
"model": "project openssl beta3",
"scope": "ne",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux rc1",
"scope": "eq",
"trust": 0.6,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "webproxy",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "2.0"
},
{
"model": "tru64 unix compaq secure web server",
"scope": "ne",
"trust": 0.6,
"vendor": "hp",
"version": "5.9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "corporatetime outlook connector",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "enterprise ready server",
"scope": "eq",
"trust": 0.6,
"vendor": "covalent",
"version": "2.2"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "3.10"
},
{
"model": "enterprise ready server",
"scope": "eq",
"trust": 0.6,
"vendor": "covalent",
"version": "2.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "netmail e",
"scope": "ne",
"trust": 0.6,
"vendor": "novell",
"version": "3.10"
},
{
"model": "virtualvault",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.6"
},
{
"model": "tru64 unix compaq secure web server",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.8.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "3.10"
},
{
"model": "project openssl g",
"scope": "ne",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "tru64 unix compaq secure web server",
"scope": "ne",
"trust": 0.6,
"vendor": "hp",
"version": "5.8.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "corporatetime outlook connector",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "3.1.2"
},
{
"model": "corporatetime outlook connector",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "3.1.1"
},
{
"model": "webproxy",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.0"
},
{
"model": "netmail c",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "3.10"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "project openssl e",
"scope": "ne",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "corporatetime outlook connector",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "fast start server",
"scope": "eq",
"trust": 0.6,
"vendor": "covalent",
"version": "3.1"
},
{
"model": "tru64 unix internet express",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "tcp/ip services for openvms",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "5.3"
},
{
"model": "openssl for openvms alpha -a",
"scope": "ne",
"trust": 0.6,
"vendor": "hp",
"version": "1.0"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.2"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "oracle9i application server",
"scope": null,
"trust": 0.6,
"vendor": "oracle",
"version": null
},
{
"model": "virtualvault",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "4.5"
},
{
"model": "tru64 unix compaq secure web server",
"scope": "ne",
"trust": 0.6,
"vendor": "hp",
"version": "5.9.2"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "netmail d",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "3.10"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "linux a",
"scope": "eq",
"trust": 0.6,
"vendor": "gentoo",
"version": "1.1"
},
{
"model": "secure os software for linux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "1.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux rc2",
"scope": "eq",
"trust": 0.6,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mgetty-sendfax-1.1.14-8.i386.rpm",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.6,
"vendor": "gentoo",
"version": "0.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.7"
},
{
"model": "bsafe ssl-j sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "rsa",
"version": "3.0.1"
},
{
"model": "-beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"model": "bsafe ssl-c",
"scope": "eq",
"trust": 0.3,
"vendor": "rsa",
"version": "2.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"model": "ssl-r6",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "4.0.18"
},
{
"model": "bsafe ssl-c",
"scope": "eq",
"trust": 0.3,
"vendor": "rsa",
"version": "2.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"model": "safeword premieraccess",
"scope": "eq",
"trust": 0.3,
"vendor": "securecomputing",
"version": "3.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.16"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.13"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"model": "bsafe ssl-c me",
"scope": "ne",
"trust": 0.3,
"vendor": "rsa",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.2"
},
{
"model": "bsafe ssl-j sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "rsa",
"version": "3.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0"
},
{
"model": "bsafe ssl-j sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "rsa",
"version": "3.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "ssl-r",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "4.0.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.15"
},
{
"model": "ssl-rx",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "4.0.18"
},
{
"model": "mac",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"model": "bsafe ssl-c",
"scope": "eq",
"trust": 0.3,
"vendor": "rsa",
"version": "2.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.23"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3"
},
{
"model": "sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1.1"
},
{
"model": "-beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.34"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"model": "sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.3"
},
{
"model": "-beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"model": "ssl-r3",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "4.0.18"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "jetdirect rev. u.23.99",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "security bsafe ssl-j sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "rsa",
"version": "3.1"
},
{
"model": "networks m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "omniswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "alcatel lucent",
"version": "88000"
},
{
"model": "omniaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "alcatel lucent",
"version": "2100"
},
{
"model": "crypto accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1000"
},
{
"model": "networks m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "security bsafe ssl-c me",
"scope": "ne",
"trust": 0.3,
"vendor": "rsa",
"version": null
},
{
"model": "security bsafe ssl-c",
"scope": "eq",
"trust": 0.3,
"vendor": "rsa",
"version": "2.3"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "networks m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1.1"
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "omniswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "alcatel lucent",
"version": "77000"
},
{
"model": "rcp",
"scope": "eq",
"trust": 0.3,
"vendor": "alcatel lucent",
"version": "77700"
},
{
"model": "networks m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "computing safeword premieraccess",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "3.1"
},
{
"model": "networks m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security bsafe ssl-j sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "rsa",
"version": "3.0.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "omniswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "alcatel lucent",
"version": "66000"
},
{
"model": "networks t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security bsafe ssl-c",
"scope": "eq",
"trust": 0.3,
"vendor": "rsa",
"version": "2.2"
},
{
"model": "security bsafe ssl-c",
"scope": "eq",
"trust": 0.3,
"vendor": "rsa",
"version": "2.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "security bsafe ssl-j sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "rsa",
"version": "3.0"
},
{
"model": "omniswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "alcatel lucent",
"version": "78000"
},
{
"model": "jetdirect rev. l.23.99",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. u.22.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jetdirect rev. l.22.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#258555"
},
{
"db": "CERT/CC",
"id": "VU#844360"
},
{
"db": "CERT/CC",
"id": "VU#852283"
},
{
"db": "CERT/CC",
"id": "VU#581682"
},
{
"db": "CERT/CC",
"id": "VU#229595"
},
{
"db": "CERT/CC",
"id": "VU#102795"
},
{
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"db": "BID",
"id": "5363"
},
{
"db": "BID",
"id": "5362"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000172"
},
{
"db": "NVD",
"id": "CVE-2002-0656"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-027"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:corporate_time_outlook_connector:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:corporate_time_outlook_connector:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:corporate_time_outlook_connector:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:9.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:corporate_time_outlook_connector:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:9.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0656"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A.L. Digital Ltd\nThe Bunker",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200208-027"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0656",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2002-0656",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-5047",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0656",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#258555",
"trust": 0.8,
"value": "3.19"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#844360",
"trust": 0.8,
"value": "8.91"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#852283",
"trust": 0.8,
"value": "30.38"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#581682",
"trust": 0.8,
"value": "27.54"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#229595",
"trust": 0.8,
"value": "33.05"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#102795",
"trust": 0.8,
"value": "17.63"
},
{
"author": "CNNVD",
"id": "CNNVD-200208-027",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-5047",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2002-0656",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#258555"
},
{
"db": "CERT/CC",
"id": "VU#844360"
},
{
"db": "CERT/CC",
"id": "VU#852283"
},
{
"db": "CERT/CC",
"id": "VU#581682"
},
{
"db": "CERT/CC",
"id": "VU#229595"
},
{
"db": "CERT/CC",
"id": "VU#102795"
},
{
"db": "VULHUB",
"id": "VHN-5047"
},
{
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000172"
},
{
"db": "NVD",
"id": "CVE-2002-0656"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-027"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. The DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10 contains buffer overflows in code that handles responses for network name and address requests. Other resolver libraries derived from BIND 4 such as BSD libc, GNU glibc, and those used by System V UNIX systems may also be affected. An attacker could execute arbitrary code with the privileges of the application that made the request or cause a denial of service. This vulnerability is resolved in BIND versions 4.9.11, 8.2.7, 8.3.4, and BIND 9. Based on recent reports, we believe this vulnerability is being actively exploited. OpenSSL is an open-source implementation of the Secure Sockets Layer (SSL) protocol. A remotely exploitable vulnerability exists in OpenSSL servers that could lead to the execution of arbitrary code on the server. OpenSSL Is OpenSSL On the server SSL version 2.0 ( Less than, SSLv2) The buffer overflow vulnerability is caused by handshake processing. \nThe issue occurs in the handling of the client key value during the negotiation of the SSLv2 protocol. \n***UPDATE: A worm that likely exploits this vulnerability has been discovered propagating in the wild. Additionally, this code includes peer-to-peer and distributed denial-of-service capabilities. There have been numerous reports of intrusions in Europe. It is not yet confirmed whether this vulnerability is in OpenSSL, mod_ssl, or another component. Administrators are advised to upgrade to the most recent versions or to disable Apache, if possible, until more information is available. OpenSSL is prone to a buffer-overflow vulnerability involving overly long SSLv3 session IDs. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. \n\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Summary CS-2002-04\n\n November 26, 2002\n\n Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT\n Summary to draw attention to the types of attacks reported to our\n incident response team, as well as other noteworthy incident and\n vulnerability information. The summary includes pointers to sources of\n information for dealing with the problems. \n\n Past CERT summaries are available from:\n\n CERT Summaries\n http://www.cert.org/summaries/\n ______________________________________________________________________\n\nRecent Activity\n\n Since the last regularly scheduled CERT summary, issued in August 2002\n (CS-2002-03), we have seen trojan horses for three popular\n distributions, new self-propagating malicious code (Apache/mod_ssl),\n and multiple vulnerabilities in BIND. In addition, we have issued a\n new PGP Key. \n\n For more current information on activity being reported to the\n CERT/CC, please visit the CERT/CC Current Activity page. The Current\n Activity page is a regularly updated summary of the most frequent,\n high-impact types of security incidents and vulnerabilities being\n reported to the CERT/CC. The information on the Current Activity page\n is reviewed and updated as reporting trends change. \n\n CERT/CC Current Activity\n http://www.cert.org/current/current_activity.html\n\n\n 1. Reports received by the CERT/CC indicate\n that the Apache/mod_ssl worm has already infected thousands of\n systems. Over a month earlier, the CERT/CC issued an advisory\n (CA-2002-23) describing four remotely exploitable buffer overflows\n in OpenSSL. Trojan Horse Sendmail Distribution\n\n The CERT/CC has received confirmation that some copies of the\n source code for the Sendmail package have been modified by an\n intruder to contain a Trojan horse. These copies began to appear\n in downloads from the FTP server ftp.sendmail.org on or around\n September 28, 2002. On October 8, 2002, the CERT/CC issued an\n advisory (CA-2002-28) describing various methods to verify\n software authenticity. \n\n\t\tCERT Advisory CA-2002-28\n\t\tTrojan Horse Sendmail Distribution\n\t\thttp://www.cert.org/advisories/CA-2002-28.html\n\n\n 3. Trojan Horse tcpdump and libpcap Distributions\n\n The CERT/CC has received reports that some copies of the source\n code for libpcap, a packet acquisition library, and tcpdump, a\n network sniffer, have been modified by an intruder and contain a\n Trojan horse. These modified distributions began to appear in\n downloads from the HTTP server www.tcpdump.org on or around Nov\n 11, 2002. The CERT/CC issued an advisory (CA-2002-30) listing MD5\n checksums and official distribution sites for libpcap and tcpdump. \n\n\t\tCERT Advisory CA-2002-30\n\t\tTrojan Horse tcpdump and libpcap Distributions\n\t\thttp://www.cert.org/advisories/CA-2002-30.html\n\n\n 4. Multiple Vulnerabilities in BIND\n\n The CERT/CC has documented multiple vulnerabilities in BIND, the\n popular domain name server and client library software package\n from the Internet Software Consortium (ISC). Several vulnerabilities are referenced in the advisory;\n they are listed here individually. \n\n\t\tCERT Advisory CA-2002-31\n\t\tMultiple Vulnerabilities in BIND\n\t\thttp://www.cert.org/advisories/CA-2002-31.html\n\n\t\tVulnerability Note #852283\n\t\tCached malformed SIG record buffer overflow\n\t\thttp://www.kb.cert.org/vuls/id/852283\n\n\t\tVulnerability Note #229595\n\t\tOverly large OPT record assertion\n\t\thttp://www.kb.cert.org/vuls/id/229595\n\n\t\tVulnerability Note #581682\n\t\tISC Bind 8 fails to properly dereference cache SIG RR \n\t\telements invalid expiry times from the internal database\n\t\thttp://www.kb.cert.org/vuls/id/581682\n\n\t\tVulnerability Note #844360\n\t\tDomain Name System (DNS) stub resolver libraries \n\t\tvulnerable to buffer overflows via network name or \n\t\taddress lookups\n\t\thttp://www.kb.cert.org/vuls/id/844360\n\n 5. Heap Overflow Vulnerability in Microsoft Data Access Components\n (MDAC)\n\n On November 21, 2002 the CERT/CC issued an advisory (CA-2002-33)\n describing a vulnerability in MDAC, a collection of Microsoft\n utilities and routines that process requests between databases and\n network applications. \n\n\t CERT Advisory CA-2002-33\n\t Heap Overflow Vulnerability in Microsoft Data Access \n\t Components (MDAC)\n\t http://www.cert.org/advisories/CA-2002-33.html\n ______________________________________________________________________\n\nNew CERT/CC PGP Key\n\n On September 19, the CERT/CC issued a new PGP key, which should be\n used when sending sensitive information to the CERT/CC. \n\n CERT/CC PGP Public Key\n https://www.cert.org/pgp/cert_pgp_key.asc\n Sending Sensitive Information To The CERT/CC\n\n http://www.cert.org/contact_cert/encryptmail.html\n ______________________________________________________________________\n\nWhat\u0027s New and Updated\n\n Since the last CERT Summary, we have published new and updated\n * Advisories\n http://www.cert.org/advisories/\n * Congressional Testimony\n http://www.cert.org/congressional_testimony/\n * CERT/CC Statistics\n http://www.cert.org/stats/cert_stats.html\n * Home User Security\n http://www.cert.org/homeusers/HomeComputerSecurity\n * Tech Tips\n http://www.cert.org/tech_tips/\n * Training Schedule\n http:/www.cert.org/training/\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/summaries/CS-2002-04.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\n Using encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\n Getting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n _________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright \\xa92002 Carnegie Mellon University. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBPePMQWjtSoHZUTs5AQGdxwP9HK4mSF15bMQ9MZ4mMFcLIhvdXykANg8A\n6nEIAyB8CJpbuWdP7sPh3qAwaZ9BhRFEGeLakONOpoo7bmjkwAWrJHxF3b1CrgHS\nZuKQsgEhnm9wpPdU6w6SG1cJBkwz70b8d7YK0vcVuKhmaW0JOx9OLGKsAe3SFePD\nOiZbNHX+eb8=\n=Mnbn\n-----END PGP SIGNATURE-----\n. OpenSSL Security Advisory [30 July 2002]\n\nThis advisory consists of two independent advisories, merged, and is\nan official OpenSSL advisory. \n\nAdvisory 1\n==========\n\nA.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are\nconducting a security review of OpenSSL, under the DARPA program\nCHATS. \n\n1. The client master key in SSL2 could be oversized and overrun a\n buffer. Exploit code is\n NOT available at this time. \n\n2. \n\n3. This issues only affects OpenSSL\n 0.9.7 before 0.9.7-beta3 with Kerberos enabled. \n\n4. Various buffers for ASCII representations of integers were too\n small on 64 bit platforms. \n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2002-0656 to issues 1-2, CAN-2002-0657 to issue\n3, and CAN-2002-0655 to issue 4. \n\nIn addition various potential buffer overflows not known to be\nexploitable have had assertions added to defend against them. \n\nWho is affected?\n----------------\n\nEveryone using OpenSSL 0.9.6d or earlier, or 0.9.7-beta2 or earlier or\ncurrent development snapshots of 0.9.7 to provide SSL or TLS is\nvulnerable, whether client or server. 0.9.6d servers on 32-bit systems\nwith SSL 2.0 disabled are not vulnerable. \n\nSSLeay is probably also affected. \n\nRecommendations\n---------------\n\nApply the attached patch to OpenSSL 0.9.6d, or upgrade to OpenSSL\n0.9.6e. Recompile all applications using OpenSSL to provide SSL or\nTLS. \n\nA patch for 0.9.7 is available from the OpenSSL website\n(https://www.openssl.org/). \n\nServers can disable SSL2, alternatively disable all applications using\nSSL or TLS until the patches are applied. Users of 0.9.7 pre-release\nversions with Kerberos enabled will also have to disable Kerberos. \n\nClient should be disabled altogether until the patches are applied. \n\nKnown Exploits\n--------------\n\nThere are no know exploits available for these vulnerabilities. As\nnoted above, Neohapsis have demonstrated internally that an exploit is\npossible, but have not released the exploit code. \n\nReferences\n----------\n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0655\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0656\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0657\n\nAcknowledgements\n----------------\n\nThe project leading to this advisory is sponsored by the Defense\nAdvanced Research Projects Agency (DARPA) and Air Force Research\nLaboratory, Air Force Materiel Command, USAF, under agreement number\nF30602-01-2-0537. \n\nThe patch and advisory were prepared by Ben Laurie. \n\n\n\nAdvisory 2\n==========\n\nVulnerabilities\n---------------\n\nThe ASN1 parser can be confused by supplying it with certain invalid\nencodings. \n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2002-0659 to this issue. \n\nWho is affected?\n----------------\n\nAny OpenSSL program which uses the ASN1 library to parse untrusted\ndata. This includes all SSL or TLS applications, those using S/MIME\n(PKCS#7) or certificate generation routines. \n\nRecommendations\n---------------\n\nApply the patch to OpenSSL, or upgrade to OpenSSL 0.9.6e. Recompile\nall applications using OpenSSL. \n\nUsers of 0.9.7 pre-release versions should apply the patch or upgrade\nto 0.9.7-beta3 or later. Recompile all applications using OpenSSL. \n\nReferences\n----------\n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0659\n\nAcknowledgements\n----------------\n\nThis vulnerability was discovered by Adi Stav \u003cstav@mercury.co.il\u003e\nand James Yonan \u003cjim@ntlp.com\u003e independently. The patch is partly\nbased on a version by Adi Stav. \n\nThe patch and advisory were prepared by Dr. Stephen Henson. \n\n\n\n\nCombined patches for OpenSSL 0.9.6d:\nhttps://www.openssl.org/news/patch_20020730_0_9_6d.txt\n\nCombined patches for OpenSSL 0.9.7 beta 2:\nhttps://www.openssl.org/news/patch_20020730_0_9_7.txt\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20020730.txt\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0656"
},
{
"db": "CERT/CC",
"id": "VU#258555"
},
{
"db": "CERT/CC",
"id": "VU#844360"
},
{
"db": "CERT/CC",
"id": "VU#852283"
},
{
"db": "CERT/CC",
"id": "VU#581682"
},
{
"db": "CERT/CC",
"id": "VU#229595"
},
{
"db": "CERT/CC",
"id": "VU#102795"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000172"
},
{
"db": "BID",
"id": "5363"
},
{
"db": "BID",
"id": "5362"
},
{
"db": "VULHUB",
"id": "VHN-5047"
},
{
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"db": "PACKETSTORM",
"id": "30532"
},
{
"db": "PACKETSTORM",
"id": "169647"
}
],
"trust": 6.84
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5047",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40347",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5047"
},
{
"db": "VULMON",
"id": "CVE-2002-0656"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0656",
"trust": 3.3
},
{
"db": "BID",
"id": "5362",
"trust": 3.1
},
{
"db": "CERT/CC",
"id": "VU#102795",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#258555",
"trust": 2.8
},
{
"db": "BID",
"id": "5363",
"trust": 1.5
},
{
"db": "CERT/CC",
"id": "VU#844360",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#852283",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#581682",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#229595",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000172",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200208-027",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "40347",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-75494",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75495",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5047",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2002-0656",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "30532",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169647",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#258555"
},
{
"db": "CERT/CC",
"id": "VU#844360"
},
{
"db": "CERT/CC",
"id": "VU#852283"
},
{
"db": "CERT/CC",
"id": "VU#581682"
},
{
"db": "CERT/CC",
"id": "VU#229595"
},
{
"db": "CERT/CC",
"id": "VU#102795"
},
{
"db": "VULHUB",
"id": "VHN-5047"
},
{
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"db": "BID",
"id": "5363"
},
{
"db": "BID",
"id": "5362"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000172"
},
{
"db": "PACKETSTORM",
"id": "30532"
},
{
"db": "PACKETSTORM",
"id": "169647"
},
{
"db": "NVD",
"id": "CVE-2002-0656"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-027"
}
]
},
"id": "VAR-200208-0244",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5047"
}
],
"trust": 0.38947368000000004
},
"last_update_date": "2023-12-18T11:36:12Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX0209-217",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1041818851527+28353475\u0026amp;docid=hpsbux0209-217"
},
{
"title": "HPSBUX0209-217",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0209-217.html"
},
{
"title": "secadv_20020730",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20020730.txt"
},
{
"title": "#37",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/htdocs/opensslalert.html"
},
{
"title": "RHSA-2002:155",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2002-155.html"
},
{
"title": "46424",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-46424-1"
},
{
"title": "RHSA-2002:155",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2002-155j.html"
},
{
"title": "Debian Security Advisories: DSA-136-1 openssl -- multiple remote exploits",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=8ab1654e85c2f0d32d45eef6fce839f1"
},
{
"title": "LinuxFlaw",
"trust": 0.1,
"url": "https://github.com/mudongliang/linuxflaw "
},
{
"title": "cve-",
"trust": 0.1,
"url": "https://github.com/oneoy/cve- "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0656"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.securityfocus.com/bid/5362"
},
{
"trust": 2.4,
"url": "http://www.isc.org/products/bind/bind-security.html"
},
{
"trust": 2.2,
"url": "http://www.kb.cert.org/vuls/id/102795"
},
{
"trust": 2.1,
"url": "http://www.cert.org/advisories/ca-2002-23.html"
},
{
"trust": 2.0,
"url": "http://www.kb.cert.org/vuls/id/258555"
},
{
"trust": 1.6,
"url": "about vulnerability notes"
},
{
"trust": 1.6,
"url": "contact us about this vulnerability"
},
{
"trust": 1.6,
"url": "provide a vendor statement"
},
{
"trust": 1.6,
"url": "http://bvlive01.iss.net/issen/delivery/xforce/alertdetail.jsp?oid=21469"
},
{
"trust": 1.6,
"url": "http://www.ciac.org/ciac/bulletins/n-013.shtml"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/5363"
},
{
"trust": 1.2,
"url": "ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-033.0.txt"
},
{
"trust": 1.2,
"url": "ftp://ftp.caldera.com/pub/security/openlinux/cssa-2002-033.1.txt"
},
{
"trust": 1.2,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-02:33.openssl.asc"
},
{
"trust": 1.2,
"url": "http://www.linux-mandrake.com/en/security/2002/mdksa-2002-046.php"
},
{
"trust": 1.2,
"url": "http://www.iss.net/security_center/static/9714.php"
},
{
"trust": 1.2,
"url": "http://www.iss.net/security_center/static/9716.php"
},
{
"trust": 1.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000513"
},
{
"trust": 0.9,
"url": "http://www.cert.org/advisories/ca-2002-27.html"
},
{
"trust": 0.8,
"url": "http://wp.netscape.com/eng/ssl3/draft302.txt"
},
{
"trust": 0.8,
"url": "http://www.isc.org/products/bind/patches/bind4910.diff"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/m-103.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0656"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20020731openssl.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr023001.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr023101.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr023201.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2002/wr023601.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-27"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2002-23"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0656"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030424_144742.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030416_114510.html"
},
{
"trust": 0.6,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2965676.htm"
},
{
"trust": 0.6,
"url": "http://otn.oracle.com/deploy/security/htdocs/opensslalert.html"
},
{
"trust": 0.6,
"url": "http://www.rsasecurity.com/products/bsafe/bulletins/bsafe_ssl_products_security_bulletin_aug_8_2002.pdf"
},
{
"trust": 0.6,
"url": "http://docs.info.apple.com/article.html?artnum=120139"
},
{
"trust": 0.6,
"url": "http://docs.info.apple.com/article.html?artnum=120141"
},
{
"trust": 0.4,
"url": "http://www.openssl.org/news/secadv_20020730.txt"
},
{
"trust": 0.3,
"url": "http://support.coresecurity.com/impact/exploits/b4bc2930d33dc6d98cf1c6c819f241e1.html"
},
{
"trust": 0.3,
"url": "http://www.sonicwall.com/support/security_advisories/security_advisory-openssl.html"
},
{
"trust": 0.3,
"url": "http://www.hp.com/cposupport/networking/support_doc/bpj05999.html#p26_2431"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/securitypatch"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000513"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/http-openssl-malformed-client-key-bof"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/40347/"
},
{
"trust": 0.1,
"url": "https://www.tcpdump.org"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/cs-2002-04.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/homeusers/homecomputersecurity"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/852283"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/581682"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/844360"
},
{
"trust": 0.1,
"url": "http://www.cert.org/stats/cert_stats.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/congressional_testimony/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2002-31.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/current_activity.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/229595"
},
{
"trust": 0.1,
"url": "https://www.cert.org/training/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/contact_cert/encryptmail.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "https://www.cert.org/pgp/cert_pgp_key.asc"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2002-30.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/tech_tips/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2002-33.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2002-28.html"
},
{
"trust": 0.1,
"url": "http://www.neohapsis.com/)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0657"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0657"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/patch_20020730_0_9_6d.txt"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0656"
},
{
"trust": 0.1,
"url": "http://www.thebunker.net/)"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/news/patch_20020730_0_9_7.txt"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/)."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0655"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0655"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2002-0659"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#258555"
},
{
"db": "CERT/CC",
"id": "VU#844360"
},
{
"db": "CERT/CC",
"id": "VU#852283"
},
{
"db": "CERT/CC",
"id": "VU#581682"
},
{
"db": "CERT/CC",
"id": "VU#229595"
},
{
"db": "CERT/CC",
"id": "VU#102795"
},
{
"db": "VULHUB",
"id": "VHN-5047"
},
{
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"db": "BID",
"id": "5363"
},
{
"db": "BID",
"id": "5362"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000172"
},
{
"db": "PACKETSTORM",
"id": "30532"
},
{
"db": "PACKETSTORM",
"id": "169647"
},
{
"db": "NVD",
"id": "CVE-2002-0656"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#258555"
},
{
"db": "CERT/CC",
"id": "VU#844360"
},
{
"db": "CERT/CC",
"id": "VU#852283"
},
{
"db": "CERT/CC",
"id": "VU#581682"
},
{
"db": "CERT/CC",
"id": "VU#229595"
},
{
"db": "CERT/CC",
"id": "VU#102795"
},
{
"db": "VULHUB",
"id": "VHN-5047"
},
{
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"db": "BID",
"id": "5363"
},
{
"db": "BID",
"id": "5362"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000172"
},
{
"db": "PACKETSTORM",
"id": "30532"
},
{
"db": "PACKETSTORM",
"id": "169647"
},
{
"db": "NVD",
"id": "CVE-2002-0656"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-027"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-07-30T00:00:00",
"db": "CERT/CC",
"id": "VU#258555"
},
{
"date": "2002-11-13T00:00:00",
"db": "CERT/CC",
"id": "VU#844360"
},
{
"date": "2002-11-13T00:00:00",
"db": "CERT/CC",
"id": "VU#852283"
},
{
"date": "2002-11-13T00:00:00",
"db": "CERT/CC",
"id": "VU#581682"
},
{
"date": "2002-11-13T00:00:00",
"db": "CERT/CC",
"id": "VU#229595"
},
{
"date": "2002-07-30T00:00:00",
"db": "CERT/CC",
"id": "VU#102795"
},
{
"date": "2002-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-5047"
},
{
"date": "2002-08-12T00:00:00",
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"date": "2002-07-30T00:00:00",
"db": "BID",
"id": "5363"
},
{
"date": "2002-07-30T00:00:00",
"db": "BID",
"id": "5362"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000172"
},
{
"date": "2002-11-30T11:13:52",
"db": "PACKETSTORM",
"id": "30532"
},
{
"date": "2002-07-30T12:12:12",
"db": "PACKETSTORM",
"id": "169647"
},
{
"date": "2002-08-12T04:00:00",
"db": "NVD",
"id": "CVE-2002-0656"
},
{
"date": "2002-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200208-027"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#258555"
},
{
"date": "2003-04-24T00:00:00",
"db": "CERT/CC",
"id": "VU#844360"
},
{
"date": "2004-10-18T00:00:00",
"db": "CERT/CC",
"id": "VU#852283"
},
{
"date": "2003-02-25T00:00:00",
"db": "CERT/CC",
"id": "VU#581682"
},
{
"date": "2003-05-30T00:00:00",
"db": "CERT/CC",
"id": "VU#229595"
},
{
"date": "2002-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#102795"
},
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-5047"
},
{
"date": "2008-09-10T00:00:00",
"db": "VULMON",
"id": "CVE-2002-0656"
},
{
"date": "2007-12-20T17:11:00",
"db": "BID",
"id": "5363"
},
{
"date": "2007-11-15T00:40:00",
"db": "BID",
"id": "5362"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000172"
},
{
"date": "2008-09-10T19:12:40.070000",
"db": "NVD",
"id": "CVE-2002-0656"
},
{
"date": "2006-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200208-027"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "5363"
},
{
"db": "BID",
"id": "5362"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL clients contain a buffer overflow during the SSL3 handshake process",
"sources": [
{
"db": "CERT/CC",
"id": "VU#258555"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "5363"
},
{
"db": "BID",
"id": "5362"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-027"
}
],
"trust": 1.2
}
}
VAR-200501-0463
Vulnerability from variot - Updated: 2023-12-18 11:26Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Linux Kernel of (1) load_elf_library() function, (2) binfmt_aout() Functions include brk There is a flaw in the handling of the segment that causes a race condition.root You may get permission. Linux kernel is reported prone to a local privilege-escalation vulnerability. This issue arises in the 'uselib()' functions of the Linux binary-format loader as a result of a race condition. Successful exploitation of this vulnerability can allow a local attacker to gain elevated privileges on a vulnerable computer. The ELF and a.out loaders are reportedly affected by this vulnerability. The Linux kernel provides a binary format loader layer to load programs in different formats such as ELF or a.out or others, and the kernel also provides the sys_uselib() function to load corresponding binary programs. From the analysis of the uselib function of load_elf_library() in the binfmt_elf.c file, there is a problem in the processing of the BRK segment (VMA) of the library. This segment is established through current->mm->mmap_sem. When modifying the memory layout of the calling process\ '\' semaphore \'\' (semaphore) is not maintained, this can be used to mess with memory management and elevate privileges. Part of the source code fs/binfmt_elf.c is as follows: static int load_elf_library(struct file *file) { [904] down_write(¤t->mm->mmap_sem); error = do_mmap(file, ELF_PAGESTART(elf_phdata->p_vaddr), ( elf_phdata- > p_filesz + ELF_PAGEOFFSET(elf_phdata- > p_vaddr)), PROT_READ | PROT_WRITE | PROT_EXEC, MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE, (elf_phdata- > p_offset - ELF_PAGEOFFSET(elf_phdata- > p_vaddr))); >mmap_sem); if (error != ELF_PAGESTART(elf_phdata->p_vaddr)) goto out_free_ph;.
Want to join the Secunia Security Team?
Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports.
http://secunia.com/secunia_security_specialist/
TITLE: Debian update for kernel-source-2.4.17
SECUNIA ADVISORY ID: SA20338
VERIFY ADVISORY: http://secunia.com/advisories/20338/
CRITICAL: Moderately critical
IMPACT: Exposure of system information, Exposure of sensitive information, Privilege escalation, DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Debian GNU/Linux 3.0 http://secunia.com/product/143/
DESCRIPTION: Debian has issued an update for kernel-source-2.4.17. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information, cause a DoS (Denial of Service), gain escalated privileges, and by malicious people to cause a DoS, and disclose potentially sensitive information.
For more information: SA10533 SA11464 SA11861 SA11943 SA13232 SA13469 SA13126 SA13308 SA13627 SA13756 SA13493 SA13822 SA14295 SA14570 SA13784
SOLUTION: Apply updated packages.
-- Debian GNU/Linux 3.0 alias woody --
Source archives:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-hppa_32.5.dsc Size/MD5 checksum: 713 6ff55b14d3ae957c55bbed7fabf4c047 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-hppa_32.5.tar.gz Size/MD5 checksum: 30437486 86601103169da686167972e5e560e3d4 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.18.dsc Size/MD5 checksum: 736 f97d95c6ecc26401f8f2fc2ead6cf421 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.18.tar.gz Size/MD5 checksum: 25419305 9bc354f889edd4964840475400b088b7 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5.dsc Size/MD5 checksum: 800 d20db4ab99e311150734b70519cc31e9 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5.tar.gz Size/MD5 checksum: 12283 f51a7e01941baca7010fb8c2f0f67fe3 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6.dsc Size/MD5 checksum: 694 2d48f4cfa4917904b6c1f806ecc1bdb4 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6.tar.gz Size/MD5 checksum: 491935 94638c0c03b6b163f46319e777d4aa71 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7.dsc Size/MD5 checksum: 805 b48cbc9c2cd59eee3a52f54cfa5356e0 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7.tar.gz Size/MD5 checksum: 1150966 6748462e7bce7c917e066e0594d42571 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4.dsc Size/MD5 checksum: 664 f49e9cba55a8a4b098e5dc522f2a07fc http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4.tar.gz Size/MD5 checksum: 344642 3a488cc38ffc619bfff4bfbb75eff4cd http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4.dsc Size/MD5 checksum: 609 4e0f66c1811cfb9e926c21566e55b202 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4.tar.gz Size/MD5 checksum: 29768549 bc1f8eab880a33bfe2ebeb3ef8b6557a
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-source-2.4.17-hppa_32.5_all.deb Size/MD5 checksum: 24455128 ed5362b12c6327295cd89027ff8e80ab http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-source-2.4.17-ia64_011226.18_all.deb Size/MD5 checksum: 24735538 cf9ddb702811464ac2dd2231512053f9 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7_all.deb Size/MD5 checksum: 1151866 6f2575f26e7800e1e7a7cafdaf02b3a6 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4_all.deb Size/MD5 checksum: 300202 0f5db53cdab20024b4a3a75bd0799b1a http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-doc-2.4.17_2.4.17-1woody4_all.deb Size/MD5 checksum: 1708122 7d18878351662289ac0841e0ad8f10f4 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_all.deb Size/MD5 checksum: 23972270 a0bf4a2796a9b49c36579166e6a72d62
HP Precision architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-headers-2.4.17-hppa_32.5_hppa.deb Size/MD5 checksum: 3523044 63c790a70164e579c8bb3b8a08ea69b5 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-32_32.5_hppa.deb Size/MD5 checksum: 2869994 e9e2be22d5fdf40f2e879570adc1132d http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-32-smp_32.5_hppa.deb Size/MD5 checksum: 3006192 cf53ac718c6ed26a59802e74c5926f00 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-64_32.5_hppa.deb Size/MD5 checksum: 3029436 d0e0fd747af9ff7a3633ee9cc6b1f1e6 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-64-smp_32.5_hppa.deb Size/MD5 checksum: 3170356 ca408698a580463da3a547b2f87006e4 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_hppa.deb Size/MD5 checksum: 16886 437018078d9d01e25702cf1a20c23414
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-headers-2.4.17-ia64_011226.18_ia64.deb Size/MD5 checksum: 3638280 b6cd4e0d4129b6f4d0734253818cd828 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium_011226.18_ia64.deb Size/MD5 checksum: 7026800 55e4cd610c06297c7132ce2aeb88d029 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium-smp_011226.18_ia64.deb Size/MD5 checksum: 7172892 a66f94c18d8ee4354e9446655837c72a http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley_011226.18_ia64.deb Size/MD5 checksum: 7014470 d99cc0f293c747a295230de934328007 http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley-smp_011226.18_ia64.deb Size/MD5 checksum: 7165570 997a9dbf17821067de6ceb65548e7c2b http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody4_ia64.deb Size/MD5 checksum: 21616 1eab80187061fbd304b6328533d7dc33
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-headers-2.4.17_2.4.17-2.woody.5_s390.deb Size/MD5 checksum: 3379418 74817217abf90896eb63d6c6792839fe http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5_s390.deb Size/MD5 checksum: 1346190 39433c757763336b6c14bf0d00652596 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_s390.deb Size/MD5 checksum: 16404 9cfcf10a2a2ef99bbb009a650cddd227
PowerPC architecture:
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-headers-2.4.17-apus_2.4.17-6_powerpc.deb Size/MD5 checksum: 3409712 698750e3998ee3792db43f445a8a8d96 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-2.4.17-apus_2.4.17-6_powerpc.deb Size/MD5 checksum: 2211146 103890e43508a5913a10ff8be80e9cdc http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-apus_2.4.17-6_powerpc.deb Size/MD5 checksum: 4602 31ef3f45675fc13836337dee97486e20 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6_powerpc.deb Size/MD5 checksum: 490842 799441a4e49b88f780353d7aff9f29d2 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_powerpc.deb Size/MD5 checksum: 16280 4e54c040bc83523d8122287bab6df7a5
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody7_mips.deb Size/MD5 checksum: 3523520 45f001c255a3a66f22148d84d035abb1 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody7_mips.deb Size/MD5 checksum: 2045436 c840c6ff8c9e3ab455d38021d09a391d http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody7_mips.deb Size/MD5 checksum: 2045226 709ccbc6754644fa448c93058f0df504 http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_mips.deb Size/MD5 checksum: 16556 019623b1dbc75bff84d7f056435dc6db
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody7_mipsel.deb Size/MD5 checksum: 3522422 2118440d1658730fd93f47867848573c http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody7_mipsel.deb Size/MD5 checksum: 2200968 63bc732deee6df19b83f10a50485a476 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody7_mipsel.deb Size/MD5 checksum: 2195278 697eb9b05f765c332eca175284eb24b8 http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/mips-tools_2.4.17-0.020226.2.woody7_mipsel.deb Size/MD5 checksum: 17836 61df1f292dccb4e64cb956a629f729fc http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_mipsel.deb Size/MD5 checksum: 16558 f8382b01aca2c535988b5ab5709dae90
Alpha architecture:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_alpha.deb Size/MD5 checksum: 17180 7d1cf8fb24431c01f45fadf7becb6d2e
ARM architecture:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_arm.deb Size/MD5 checksum: 15878 fcf97ed103c205699fb5396c3a49e293
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_i386.deb Size/MD5 checksum: 15518 2e7d50090a469a84ef7f3ae8aa97b85f
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_m68k.deb Size/MD5 checksum: 15368 41a11620bf7ea34b15742ccf59ff6895
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_sparc.deb Size/MD5 checksum: 18356 71b076d3eeff837bfb54a7f538b11b58
ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1082
OTHER REFERENCES: SA10533: http://secunia.com/advisories/10533/
SA11464: http://secunia.com/advisories/11464/
SA11861: http://secunia.com/advisories/11861/
SA11943: http://secunia.com/advisories/11943/
SA13232: http://secunia.com/advisories/13232/
SA13469: http://secunia.com/advisories/13469/
SA13126: http://secunia.com/advisories/13126/
SA13308: http://secunia.com/advisories/13308/
SA13627: http://secunia.com/advisories/13627/
SA13756: http://secunia.com/advisories/13756/
SA13493: http://secunia.com/advisories/13493/
SA13822: http://secunia.com/advisories/13822/
SA14295: http://secunia.com/advisories/14295/
SA14570: http://secunia.com/advisories/14570/
SA13784: http://secunia.com/advisories/13784/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0463",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.6,
"vendor": "mandrakesoft",
"version": "9.2"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.6,
"vendor": "mandrakesoft",
"version": "10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.6.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.28"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.1"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 1.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "s8710",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.1"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "fedora core",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "core_1.0"
},
{
"model": "mandrake multi network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.6.0"
},
{
"model": "s8300",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.2"
},
{
"model": "s8710",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "mn100",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "10.0"
},
{
"model": "s8700",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "intuity audix",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.4.24_ow1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "1.0"
},
{
"model": "fedora core",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "core_3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "s8700",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.6_test9_cvs"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.4.29"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.4.23_ow2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "network routing",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "*"
},
{
"model": "s8500",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.0"
},
{
"model": "modular messaging message storage server",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "fedora core",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "core_2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.4.0"
},
{
"model": "s8300",
"scope": "eq",
"trust": 1.0,
"vendor": "avaya",
"version": "r2.0.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "linux ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "linux ia32",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "fedora core3",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "fedora core2",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.10"
},
{
"model": "kernel rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.8"
},
{
"model": "kernel rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.8"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.8"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.7"
},
{
"model": "kernel rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.6"
},
{
"model": "kernel -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel -rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6.1"
},
{
"model": "kernel -test9-cvs",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test9",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test8",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test11",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test10",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -test1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.6"
},
{
"model": "kernel -rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.29"
},
{
"model": "kernel -pre5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.27"
},
{
"model": "kernel -pre4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.27"
},
{
"model": "kernel -pre3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.27"
},
{
"model": "kernel -pre2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.27"
},
{
"model": "kernel -pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.27"
},
{
"model": "kernel -ow1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.24"
},
{
"model": "kernel -pre9",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.23"
},
{
"model": "kernel -ow2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.23"
},
{
"model": "kernel pre7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel pre4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel -pre6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel pre-8",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18x86"
},
{
"model": "kernel .0-test9",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test8",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test12",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test11",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test10",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "network routing",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "mn100",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "12190"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000008"
},
{
"db": "NVD",
"id": "CVE-2004-1235"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8710:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8710:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1235"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Paul Starzetz paul@starzetz.de",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1235",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2004-1235",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "VHN-9665",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:H/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1235",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200504-062",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9665",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2004-1235",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9665"
},
{
"db": "VULMON",
"id": "CVE-2004-1235"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000008"
},
{
"db": "NVD",
"id": "CVE-2004-1235"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Linux Kernel of (1) load_elf_library() function, (2) binfmt_aout() Functions include brk There is a flaw in the handling of the segment that causes a race condition.root You may get permission. Linux kernel is reported prone to a local privilege-escalation vulnerability. This issue arises in the \u0027uselib()\u0027 functions of the Linux binary-format loader as a result of a race condition. Successful exploitation of this vulnerability can allow a local attacker to gain elevated privileges on a vulnerable computer. \nThe ELF and a.out loaders are reportedly affected by this vulnerability. The Linux kernel provides a binary format loader layer to load programs in different formats such as ELF or a.out or others, and the kernel also provides the sys_uselib() function to load corresponding binary programs. From the analysis of the uselib function of load_elf_library() in the binfmt_elf.c file, there is a problem in the processing of the BRK segment (VMA) of the library. This segment is established through current-\u003emm-\u003emmap_sem. When modifying the memory layout of the calling process\\ \u0027\\\u0027 semaphore \\\u0027\\\u0027 (semaphore) is not maintained, this can be used to mess with memory management and elevate privileges. Part of the source code fs/binfmt_elf.c is as follows: static int load_elf_library(struct file *file) { [904] down_write(\u00a4t-\u003emm-\u003emmap_sem); error = do_mmap(file, ELF_PAGESTART(elf_phdata-\u003ep_vaddr), ( elf_phdata- \u003e p_filesz + ELF_PAGEOFFSET(elf_phdata- \u003e p_vaddr)), PROT_READ | PROT_WRITE | PROT_EXEC, MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE, (elf_phdata- \u003e p_offset - ELF_PAGEOFFSET(elf_phdata- \u003e p_vaddr))); \u003emmap_sem); if (error != ELF_PAGESTART(elf_phdata-\u003ep_vaddr)) goto out_free_ph;. \n\n----------------------------------------------------------------------\n\nWant to join the Secunia Security Team?\n\nSecunia offers a position as a security specialist, where your daily\nwork involves reverse engineering of software and exploit code,\nauditing of source code, and analysis of vulnerability reports. \n\nhttp://secunia.com/secunia_security_specialist/\n\n----------------------------------------------------------------------\n\nTITLE:\nDebian update for kernel-source-2.4.17\n\nSECUNIA ADVISORY ID:\nSA20338\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/20338/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nExposure of system information, Exposure of sensitive information,\nPrivilege escalation, DoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nDebian GNU/Linux 3.0\nhttp://secunia.com/product/143/\n\nDESCRIPTION:\nDebian has issued an update for kernel-source-2.4.17. This fixes some\nvulnerabilities, which can be exploited by malicious, local users to\ngain knowledge of sensitive information, cause a DoS (Denial of\nService), gain escalated privileges, and by malicious people to cause\na DoS, and disclose potentially sensitive information. \n\nFor more information:\nSA10533\nSA11464\nSA11861\nSA11943\nSA13232\nSA13469\nSA13126\nSA13308\nSA13627\nSA13756\nSA13493\nSA13822\nSA14295\nSA14570\nSA13784\n\nSOLUTION:\nApply updated packages. \n\n-- Debian GNU/Linux 3.0 alias woody --\n\nSource archives:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-hppa_32.5.dsc\nSize/MD5 checksum: 713 6ff55b14d3ae957c55bbed7fabf4c047\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-hppa_32.5.tar.gz\nSize/MD5 checksum: 30437486 86601103169da686167972e5e560e3d4\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.18.dsc\nSize/MD5 checksum: 736 f97d95c6ecc26401f8f2fc2ead6cf421\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.18.tar.gz\nSize/MD5 checksum: 25419305 9bc354f889edd4964840475400b088b7\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5.dsc\nSize/MD5 checksum: 800 d20db4ab99e311150734b70519cc31e9\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5.tar.gz\nSize/MD5 checksum: 12283 f51a7e01941baca7010fb8c2f0f67fe3\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6.dsc\nSize/MD5 checksum: 694 2d48f4cfa4917904b6c1f806ecc1bdb4\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6.tar.gz\nSize/MD5 checksum: 491935 94638c0c03b6b163f46319e777d4aa71\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7.dsc\nSize/MD5 checksum: 805 b48cbc9c2cd59eee3a52f54cfa5356e0\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7.tar.gz\nSize/MD5 checksum: 1150966 6748462e7bce7c917e066e0594d42571\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4.dsc\nSize/MD5 checksum: 664 f49e9cba55a8a4b098e5dc522f2a07fc\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4.tar.gz\nSize/MD5 checksum: 344642 3a488cc38ffc619bfff4bfbb75eff4cd\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4.dsc\nSize/MD5 checksum: 609 4e0f66c1811cfb9e926c21566e55b202\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4.tar.gz\nSize/MD5 checksum: 29768549 bc1f8eab880a33bfe2ebeb3ef8b6557a\n\nArchitecture independent components:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-source-2.4.17-hppa_32.5_all.deb\nSize/MD5 checksum: 24455128 ed5362b12c6327295cd89027ff8e80ab\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-source-2.4.17-ia64_011226.18_all.deb\nSize/MD5 checksum: 24735538 cf9ddb702811464ac2dd2231512053f9\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7_all.deb\nSize/MD5 checksum: 1151866 6f2575f26e7800e1e7a7cafdaf02b3a6\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4_all.deb\nSize/MD5 checksum: 300202 0f5db53cdab20024b4a3a75bd0799b1a\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-doc-2.4.17_2.4.17-1woody4_all.deb\nSize/MD5 checksum: 1708122 7d18878351662289ac0841e0ad8f10f4\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_all.deb\nSize/MD5 checksum: 23972270 a0bf4a2796a9b49c36579166e6a72d62\n\nHP Precision architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-headers-2.4.17-hppa_32.5_hppa.deb\nSize/MD5 checksum: 3523044 63c790a70164e579c8bb3b8a08ea69b5\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-32_32.5_hppa.deb\nSize/MD5 checksum: 2869994 e9e2be22d5fdf40f2e879570adc1132d\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-32-smp_32.5_hppa.deb\nSize/MD5 checksum: 3006192 cf53ac718c6ed26a59802e74c5926f00\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-64_32.5_hppa.deb\nSize/MD5 checksum: 3029436 d0e0fd747af9ff7a3633ee9cc6b1f1e6\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-64-smp_32.5_hppa.deb\nSize/MD5 checksum: 3170356 ca408698a580463da3a547b2f87006e4\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_hppa.deb\nSize/MD5 checksum: 16886 437018078d9d01e25702cf1a20c23414\n\nIntel IA-64 architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-headers-2.4.17-ia64_011226.18_ia64.deb\nSize/MD5 checksum: 3638280 b6cd4e0d4129b6f4d0734253818cd828\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium_011226.18_ia64.deb\nSize/MD5 checksum: 7026800 55e4cd610c06297c7132ce2aeb88d029\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium-smp_011226.18_ia64.deb\nSize/MD5 checksum: 7172892 a66f94c18d8ee4354e9446655837c72a\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley_011226.18_ia64.deb\nSize/MD5 checksum: 7014470 d99cc0f293c747a295230de934328007\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley-smp_011226.18_ia64.deb\nSize/MD5 checksum: 7165570 997a9dbf17821067de6ceb65548e7c2b\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody4_ia64.deb\nSize/MD5 checksum: 21616 1eab80187061fbd304b6328533d7dc33\n\nIBM S/390 architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-headers-2.4.17_2.4.17-2.woody.5_s390.deb\nSize/MD5 checksum: 3379418 74817217abf90896eb63d6c6792839fe\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5_s390.deb\nSize/MD5 checksum: 1346190 39433c757763336b6c14bf0d00652596\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_s390.deb\nSize/MD5 checksum: 16404 9cfcf10a2a2ef99bbb009a650cddd227\n\nPowerPC architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-headers-2.4.17-apus_2.4.17-6_powerpc.deb\nSize/MD5 checksum: 3409712 698750e3998ee3792db43f445a8a8d96\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-2.4.17-apus_2.4.17-6_powerpc.deb\nSize/MD5 checksum: 2211146 103890e43508a5913a10ff8be80e9cdc\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-apus_2.4.17-6_powerpc.deb\nSize/MD5 checksum: 4602 31ef3f45675fc13836337dee97486e20\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6_powerpc.deb\nSize/MD5 checksum: 490842 799441a4e49b88f780353d7aff9f29d2\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_powerpc.deb\nSize/MD5 checksum: 16280 4e54c040bc83523d8122287bab6df7a5\n\nBig endian MIPS architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody7_mips.deb\nSize/MD5 checksum: 3523520 45f001c255a3a66f22148d84d035abb1\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody7_mips.deb\nSize/MD5 checksum: 2045436 c840c6ff8c9e3ab455d38021d09a391d\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody7_mips.deb\nSize/MD5 checksum: 2045226 709ccbc6754644fa448c93058f0df504\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_mips.deb\nSize/MD5 checksum: 16556 019623b1dbc75bff84d7f056435dc6db\n\nLittle endian MIPS architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody7_mipsel.deb\nSize/MD5 checksum: 3522422 2118440d1658730fd93f47867848573c\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody7_mipsel.deb\nSize/MD5 checksum: 2200968 63bc732deee6df19b83f10a50485a476\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody7_mipsel.deb\nSize/MD5 checksum: 2195278 697eb9b05f765c332eca175284eb24b8\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/mips-tools_2.4.17-0.020226.2.woody7_mipsel.deb\nSize/MD5 checksum: 17836 61df1f292dccb4e64cb956a629f729fc\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_mipsel.deb\nSize/MD5 checksum: 16558 f8382b01aca2c535988b5ab5709dae90\n\nAlpha architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_alpha.deb\nSize/MD5 checksum: 17180 7d1cf8fb24431c01f45fadf7becb6d2e\n\nARM architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_arm.deb\nSize/MD5 checksum: 15878 fcf97ed103c205699fb5396c3a49e293\n\nIntel IA-32 architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_i386.deb\nSize/MD5 checksum: 15518 2e7d50090a469a84ef7f3ae8aa97b85f\n\nMotorola 680x0 architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_m68k.deb\nSize/MD5 checksum: 15368 41a11620bf7ea34b15742ccf59ff6895\n\nSun Sparc architecture:\n\nhttp://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_sparc.deb\nSize/MD5 checksum: 18356 71b076d3eeff837bfb54a7f538b11b58\n\nORIGINAL ADVISORY:\nhttp://www.us.debian.org/security/2006/dsa-1082\n\nOTHER REFERENCES:\nSA10533:\nhttp://secunia.com/advisories/10533/\n\nSA11464:\nhttp://secunia.com/advisories/11464/\n\nSA11861:\nhttp://secunia.com/advisories/11861/\n\nSA11943:\nhttp://secunia.com/advisories/11943/\n\nSA13232:\nhttp://secunia.com/advisories/13232/\n\nSA13469:\nhttp://secunia.com/advisories/13469/\n\nSA13126:\nhttp://secunia.com/advisories/13126/\n\nSA13308:\nhttp://secunia.com/advisories/13308/\n\nSA13627:\nhttp://secunia.com/advisories/13627/\n\nSA13756:\nhttp://secunia.com/advisories/13756/\n\nSA13493:\nhttp://secunia.com/advisories/13493/\n\nSA13822:\nhttp://secunia.com/advisories/13822/\n\nSA14295:\nhttp://secunia.com/advisories/14295/\n\nSA14570:\nhttp://secunia.com/advisories/14570/\n\nSA13784:\nhttp://secunia.com/advisories/13784/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1235"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000008"
},
{
"db": "BID",
"id": "12190"
},
{
"db": "VULHUB",
"id": "VHN-9665"
},
{
"db": "VULMON",
"id": "CVE-2004-1235"
},
{
"db": "PACKETSTORM",
"id": "46535"
},
{
"db": "PACKETSTORM",
"id": "46873"
},
{
"db": "PACKETSTORM",
"id": "46534"
},
{
"db": "PACKETSTORM",
"id": "46587"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=744",
"trust": 0.3,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-9665",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9665"
},
{
"db": "VULMON",
"id": "CVE-2004-1235"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "12190",
"trust": 2.9
},
{
"db": "NVD",
"id": "CVE-2004-1235",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "20202",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "20338",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "20162",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "20163",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "13756",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1012810",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000008",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200504-062",
"trust": 0.7
},
{
"db": "REDHAT",
"id": "RHSA-2005:017",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:043",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:016",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2005:092",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1069",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1070",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1082",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1067",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2005:001",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2005-014",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2005-013",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FLSA:2336",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2005:022",
"trust": 0.6
},
{
"db": "XF",
"id": "18800",
"trust": 0.6
},
{
"db": "TRUSTIX",
"id": "2005-0001",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2005:930",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20050107 LINUX KERNEL SYS_USELIB LOCAL ROOT VULNERABILITY",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "744",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-62968",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "35641",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "35920",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "778",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "895",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9665",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2004-1235",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46873",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46534",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46587",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9665"
},
{
"db": "VULMON",
"id": "CVE-2004-1235"
},
{
"db": "BID",
"id": "12190"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000008"
},
{
"db": "PACKETSTORM",
"id": "46535"
},
{
"db": "PACKETSTORM",
"id": "46873"
},
{
"db": "PACKETSTORM",
"id": "46534"
},
{
"db": "PACKETSTORM",
"id": "46587"
},
{
"db": "NVD",
"id": "CVE-2004-1235"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
]
},
"id": "VAR-200501-0463",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9665"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:26:36.727000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "kernel_30",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_30.html"
},
{
"title": "RHSA-2005:017",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-017.html"
},
{
"title": "RHSA-2005:092",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-092.html"
},
{
"title": "RHSA-2005:043",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-043.html"
},
{
"title": "RHSA-2005:016",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-016.html"
},
{
"title": "TLSA-2005-29",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2005/tlsa-2005-29.txt"
},
{
"title": "RHSA-2005:043",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-043j.html"
},
{
"title": "RHSA-2005:016",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-016j.html"
},
{
"title": "RHSA-2005:017",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-017j.html"
},
{
"title": "RHSA-2005:092",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-092j.html"
},
{
"title": "TLSA-2005-29",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2005/tlsa-2005-29j.txt"
},
{
"title": "Ubuntu Security Notice: linux-source-2.6.8.1 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-57-1"
},
{
"title": "Red Hat: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-2005043 - security advisory"
},
{
"title": "Red Hat: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-2005016 - security advisory"
},
{
"title": "Red Hat: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-2005017 - security advisory"
},
{
"title": "Red Hat: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-2005092 - security advisory"
},
{
"title": "Debian Security Advisories: DSA-1069-1 kernel-source-2.4.18 -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=8f142ef483ef182da579a853641273b4"
},
{
"title": "Debian Security Advisories: DSA-1067-1 kernel-source-2.4.16 -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=b7e58f3ba3a41c2f220a9b5beec79066"
},
{
"title": "Debian Security Advisories: DSA-1070-1 kernel-source-2.4.19 -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=43028482bc5e84e25f6599c9be08b557"
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/shadowshusky/linux-kernel-exploits "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/feng4/linux-kernel-exploits "
},
{
"title": "Linux-kernel-EoP-exp",
"trust": 0.1,
"url": "https://github.com/de4dcr0w/linux-kernel-eop-exp "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/zyjsuper/linux-kernel-exploits "
},
{
"title": "linux-exp",
"trust": 0.1,
"url": "https://github.com/qchilan/linux-exp "
},
{
"title": "LinuxEelvation",
"trust": 0.1,
"url": "https://github.com/al1ex/linuxeelvation "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/straight-wood/linux-kernel-exploits "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/yige666/linux-kernel-exploits "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/kumardineshwar/linux-kernel-exploits "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/vahalen/linux-kernel-exploits "
},
{
"title": "linux-exp",
"trust": 0.1,
"url": "https://github.com/coffee727/linux-exp "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/m0mkris/linux-kernel-exploits "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/xssfile/linux-kernel-exploits "
},
{
"title": "LinuxElevation",
"trust": 0.1,
"url": "https://github.com/al1ex/linuxelvation "
},
{
"title": "LinuxEelvation",
"trust": 0.1,
"url": "https://github.com/fei9747/linuxeelvation "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/c0dak/linux-kernel-exploits "
},
{
"title": "local-root-exploit-",
"trust": 0.1,
"url": "https://github.com/sohaip-hackerdz/local-root-exploit- "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/xfinest/linux-kernel-exploits "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/secwiki/linux-kernel-exploits "
},
{
"title": "Localroot-ALL-CVE",
"trust": 0.1,
"url": "https://github.com/snoopy-sec/localroot-all-cve "
},
{
"title": "linux-kernel-exploits",
"trust": 0.1,
"url": "https://github.com/micr067/linux-kernel-exploits "
},
{
"title": "LinuxElevation",
"trust": 0.1,
"url": "https://github.com/al1ex/linuxelevation "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2004-1235"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000008"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1235"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/12190"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/advisories/7804"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/advisories/7806"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/advisories/7805"
},
{
"trust": 1.8,
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:022"
},
{
"trust": 1.8,
"url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2005-016.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2005-017.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2005-043.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2005-092.html"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/20162"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/20163"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/20202"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/20338"
},
{
"trust": 1.8,
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"trust": 1.8,
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9567"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/13756/"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1235"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-1235"
},
{
"trust": 0.8,
"url": "http://www.securiteam.com/unixfocus/5gp022kekq.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/jan/1012810.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18800"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=110512575901427\u0026w=2"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/13232/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/13469/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/13308/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/13822/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/11464/"
},
{
"trust": 0.4,
"url": "http://secunia.com/product/143/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/10533/"
},
{
"trust": 0.4,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/13126/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/11943/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/13627/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/14570/"
},
{
"trust": 0.4,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/11861/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/13784/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/14295/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/13493/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-034_rhsa-2005-016rhsa-2006-017rhsa-2005-043.pdf"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-043.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2005-092.html"
},
{
"trust": 0.3,
"url": "/archive/1/386399"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=110512575901427\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026amp;anuncio=000930"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=8612"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/57-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/744/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20162/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-doc-2.4.16_2.4.16-1woody3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-headers-2.4.16_20040419woody1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1_arm.deb"
},
{
"trust": 0.1,
"url": "http://www.us.debian.org/security/2006/dsa-1067"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-hppa_32.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium_011226.18_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-source-2.4.17-hppa_32.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_s390.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody7_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley_011226.18_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-apus_2.4.17-6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-headers-2.4.17-apus_2.4.17-6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-2.4.17-apus_2.4.17-6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-doc-2.4.17_2.4.17-1woody4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-64_32.5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody7_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium-smp_011226.18_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-32_32.5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-headers-2.4.17-ia64_011226.18_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley-smp_011226.18_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6.tar.gz"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20338/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-source-2.4.17-ia64_011226.18_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-64-smp_32.5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody7_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody7.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-hppa_32.5.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.18.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.18.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody7_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody7_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody7_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/mips-tools_2.4.17-0.020226.2.woody7_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://www.us.debian.org/security/2006/dsa-1082"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-32-smp_32.5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-headers-2.4.17_2.4.17-2.woody.5_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/mkcramfs_2.4.17-1woody3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-headers-2.4.17-hppa_32.5_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r5k-ip22_2.4.19-0.020911.1.woody5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.tar.gz"
},
{
"trust": 0.1,
"url": "http://www.us.debian.org/security/2006/dsa-1070"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-doc-2.4.19_2.4.19-4.woody3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.dsc"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20163/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u_26woody1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/mips-tools_2.4.19-0.020911.1.woody5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r4k-ip22_2.4.19-0.020911.1.woody5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.18-sparc_22woody1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u-smp_22woody1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-headers-2.4.19_2.4.19-0.020911.1.woody5_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u_22woody1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.19-sparc_26woody1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u-smp_26woody1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://www.us.debian.org/security/2006/dsa-1069"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-15woody1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20202/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-15woody1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-15woody1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-15woody1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-14.4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-15woody1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.2.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-13.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1.tar.gz"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9665"
},
{
"db": "VULMON",
"id": "CVE-2004-1235"
},
{
"db": "BID",
"id": "12190"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000008"
},
{
"db": "PACKETSTORM",
"id": "46535"
},
{
"db": "PACKETSTORM",
"id": "46873"
},
{
"db": "PACKETSTORM",
"id": "46534"
},
{
"db": "PACKETSTORM",
"id": "46587"
},
{
"db": "NVD",
"id": "CVE-2004-1235"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9665"
},
{
"db": "VULMON",
"id": "CVE-2004-1235"
},
{
"db": "BID",
"id": "12190"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000008"
},
{
"db": "PACKETSTORM",
"id": "46535"
},
{
"db": "PACKETSTORM",
"id": "46873"
},
{
"db": "PACKETSTORM",
"id": "46534"
},
{
"db": "PACKETSTORM",
"id": "46587"
},
{
"db": "NVD",
"id": "CVE-2004-1235"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-9665"
},
{
"date": "2005-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2004-1235"
},
{
"date": "2005-01-07T00:00:00",
"db": "BID",
"id": "12190"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000008"
},
{
"date": "2006-05-23T05:09:34",
"db": "PACKETSTORM",
"id": "46535"
},
{
"date": "2006-05-31T21:33:01",
"db": "PACKETSTORM",
"id": "46873"
},
{
"date": "2006-05-23T05:09:34",
"db": "PACKETSTORM",
"id": "46534"
},
{
"date": "2006-05-23T16:45:46",
"db": "PACKETSTORM",
"id": "46587"
},
{
"date": "2005-04-14T04:00:00",
"db": "NVD",
"id": "CVE-2004-1235"
},
{
"date": "2005-01-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9665"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULMON",
"id": "CVE-2004-1235"
},
{
"date": "2007-01-18T02:41:00",
"db": "BID",
"id": "12190"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000008"
},
{
"date": "2017-10-11T01:29:43.527000",
"db": "NVD",
"id": "CVE-2004-1235"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "12190"
},
{
"db": "PACKETSTORM",
"id": "46535"
},
{
"db": "PACKETSTORM",
"id": "46873"
},
{
"db": "PACKETSTORM",
"id": "46534"
},
{
"db": "PACKETSTORM",
"id": "46587"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
],
"trust": 1.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel of Multiple function race condition vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000008"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competitive condition",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-062"
}
],
"trust": 0.6
}
}
VAR-200304-0013
Vulnerability from variot - Updated: 2023-12-18 11:16The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. Sendmail contains a buffer overflow in code that parses email addresses. A remote attacker could execute arbitrary code or cause a denial of service on a vulnerable system. The flaw is present in the 'prescan()' procedure, which is used for processing email addresses in SMTP headers. This vulnerability stems from a logic error in the conversion of a char to an integer value. The issue has been fixed Sendmail 8.12.9. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. Sendmail is one of the most popular MTAs. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\% to 75\% of the total. Many UNIX and Linux workstations run Sendmail by default. This vulnerability exists in the prescan() process. The vulnerability is for messages, not connections. This means that the vulnerability is triggered by the content of a specially crafted email message, rather than by lower-level network communications. This is important because a non-vulnerable MTA can send malicious messages along with other protected MTAs in the network. In other words, even if the software used by the boundary MTA of the site is not sendmail, the sendmail service program with loopholes inside the network is still threatened. Messages that exploit this vulnerability can also pass through many common packet filters or firewalls undetected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "switch",
"scope": "eq",
"trust": 1.8,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "10.24"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.34"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.30"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.26"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk3_bl3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk6_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk2_bl2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d_pk9_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk5_bl19"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0f"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk7_bl18"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk4_bl18"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "hp-ux series 700",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk1_bl1"
},
{
"model": "sis",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0a"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0a_pk3_bl17"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk3_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0_pk4_bl18"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "8.0"
},
{
"model": "hp-ux series 800",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.00"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk1_bl1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.08"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0_pk4_bl17"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk6_bl20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk3_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.4"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.09"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sequent ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.12.8"
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "advanced message server",
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.x"
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.04"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.6,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "hp-ux sis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "z/os v1r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "os/390 v2r6",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "nonstop-ux whitney",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "z/os",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "os/390 v2r9",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "solaris x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.9"
},
{
"model": "hp-ux series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20700"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "z/os v1r2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.7"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 d pk9",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "os/390 v2r8",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "solaris 2.4 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq 4100r",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "tru64 d",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.8"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "nonstop-ux puma",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "openlinux server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "cobalt qube3 4000wg",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.8"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "os/390 v2r10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "altavista firewall avfw98",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.9"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "solaris 2.5 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "openlinux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.1.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "tru64 a pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2"
},
{
"model": "lx50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "alphaserver sc",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "solaris ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "hp-ux series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20800"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "mvs",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cobalt raq4 3001r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "cobalt raq xtr 3500r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "altavista firewall raptor ec",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michal Zalewski\u203b lcamtuf@dione.ids.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0161",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-6991",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0161",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#897604",
"trust": 0.8,
"value": "67.20"
},
{
"author": "CNNVD",
"id": "CNNVD-200304-025",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-6991",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0161",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. Sendmail contains a buffer overflow in code that parses email addresses. A remote attacker could execute arbitrary code or cause a denial of service on a vulnerable system. The flaw is present in the \u0027prescan()\u0027 procedure, which is used for processing email addresses in SMTP headers. This vulnerability stems from a logic error in the conversion of a char to an integer value. The issue has been fixed Sendmail 8.12.9. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. Sendmail is one of the most popular MTAs. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\\\\% to 75\\\\% of the total. Many UNIX and Linux workstations run Sendmail by default. This vulnerability exists in the prescan() process. The vulnerability is for messages, not connections. This means that the vulnerability is triggered by the content of a specially crafted email message, rather than by lower-level network communications. This is important because a non-vulnerable MTA can send malicious messages along with other protected MTAs in the network. In other words, even if the software used by the boundary MTA of the site is not sendmail, the sendmail service program with loopholes inside the network is still threatened. Messages that exploit this vulnerability can also pass through many common packet filters or firewalls undetected",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=24",
"trust": 0.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-6991",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#897604",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2003-0161",
"trust": 2.9
},
{
"db": "BID",
"id": "7230",
"trust": 2.9
},
{
"db": "XF",
"id": "11653",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025",
"trust": 0.7
},
{
"db": "REDHAT",
"id": "RHSA-2003:121",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:120",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-278",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-290",
"trust": 0.6
},
{
"db": "SCO",
"id": "SCOSA-2004.11",
"trust": 0.6
},
{
"db": "IMMUNIX",
"id": "IMNX-2003-7+-002-01",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "52620",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "52700",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "1001088",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030329 SENDMAIL 8.12.9 AVAILABLE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030520 [FWD: 127 RESEARCH AND DEVELOPMENT: 127 DAY!]",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030331 GLSA: SENDMAIL (200303-27)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030329 SENDMAIL: -1 GONE WILD",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030330 [OPENPKG-SA-2003.027] OPENPKG SECURITY ADVISORY (SENDMAIL)",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20030329 SENDMAIL: -1 GONE WILD",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-12",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:614",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030401-01-P",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2003-016.0",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200303-27",
"trust": 0.6
},
{
"db": "FREEBSD",
"id": "FREEBSD-SA-03:07",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "24",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-15232",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-62723",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76244",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22442",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6991",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0161",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"id": "VAR-200304-0013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6991"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:16:12.729000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00253",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00958571"
},
{
"title": "HPSBUX0304-253",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0304-253.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
},
{
"title": "RHSA-2003:120",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-120.html"
},
{
"title": "sendmail 8.12.9 available",
"trust": 0.8,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"title": "52620",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"title": "52700",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"title": "52700",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-3"
},
{
"title": "52620",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-3"
},
{
"title": "4 Sendmail Security Update 2.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "XTR Sendmail Security Update 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Sendmail Security Update 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-24",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-24.txt"
},
{
"title": "Sendmail Inc. Information for VU#897604",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/aamn-5kuutz"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sendmail.co.jp/"
},
{
"title": "RHSA-2003:120",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-120j.html"
},
{
"title": "TLSA-2003-24",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-24j.txt"
},
{
"title": "Debian Security Advisories: DSA-290-1 sendmail-wide -- char-to-int conversion",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=8086c3d7d3014252ce37b8626383010c"
},
{
"title": "cumes",
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/897604"
},
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/7230"
},
{
"trust": 2.6,
"url": "http://www.cert.org/advisories/ca-2003-12.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/archive/1/321997"
},
{
"trust": 1.8,
"url": "ftp://ftp.caldera.com/pub/security/openlinux/cssa-2003-016.0.txt"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-278"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-290"
},
{
"trust": 1.8,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-03:07.sendmail.asc"
},
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-march/004295.html"
},
{
"trust": 1.8,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-120.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-121.html"
},
{
"trust": 1.8,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2004.11/scosa-2004.11.txt"
},
{
"trust": 1.8,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-p"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/archive/1/317135/30/25220/threaded"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/316773/2003-03-28/2003-04-03/0"
},
{
"trust": 0.8,
"url": "http://www.iss.net/issen/delivery/xforce/alertdetail.jsp?oid=22127"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/secure-install.html"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/ftp/release_notes"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2047.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-067.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0161"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20030331sendmail.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031401.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031501.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031301.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2003/at030004.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-12"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-07/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0161"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/11653"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/sendmail033103_xforce.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030330_153031.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030506_122656.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/316961/30/25250/threaded"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f52620"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.0793.1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2003-121.html"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "http://www.sotlinux.org/en/sotlinux/sa/2003/2003-0019.php"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0f/duv40fb18-c0093400-17811-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1a/t64v51ab21-c0112900-17770-es-20030402.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1b/t64v51bb1-c0008000-17812-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51b20-c0176700-17773-es-20030402.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0g/t64v40gb17-c0029200-17810-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f52700\u0026zone_32=category%3asecurity"
},
{
"trust": 0.3,
"url": "/archive/1/321997"
},
{
"trust": 0.3,
"url": "/archive/1/316760"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104897487512238\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104896621106790\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104914999806315\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000614"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-290"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/24/"
},
{
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-29T00:00:00",
"db": "CERT/CC",
"id": "VU#897604"
},
{
"date": "2003-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-6991"
},
{
"date": "2003-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"date": "2003-03-29T00:00:00",
"db": "BID",
"id": "7230"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"date": "2003-04-02T05:00:00",
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"date": "2003-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-25T00:00:00",
"db": "CERT/CC",
"id": "VU#897604"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-6991"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"date": "2007-09-21T23:40:00",
"db": "BID",
"id": "7230"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"date": "2010-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sendmail address parsing buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "7230"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.9
}
}
VAR-200410-0047
Vulnerability from variot - Updated: 2023-12-18 11:03Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. Cyrus SASL is affected by multiple critical vulnerabilities that may be remotely exploitable. The first issue is due to a boundary condition error, the second issue is due to a failure of the application to properly handle environment variables. Information currently available regarding these issues is insufficient to provide a more detailed analysis. This BID will be updated and split into separate BIDs when more information becomes available. An attacker can leverage the boundary condition issue to exploit arbitrary code on the affected computer. The impact of the environment variable issue is currently unknown. Cyrus SASL provides several open source implementations for security authentication. Cyrus SASL incorrectly handles the SASL_PATH environment variable, which could be exploited by a local attacker for privilege escalation attacks. Attackers can use the SASL_PATH environment variable to make privileged applications load arbitrary library files from any directory specified by the user, which can cause malicious programs to run with high privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200410-0047",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.0.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.0.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.0.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 1.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 1.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "1.5.28"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.1"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.18"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.4"
},
{
"model": "fedora core",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "core_1.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "10.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.3"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.12"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "1.5.24"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.16"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.15"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "9.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.2"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.18_r1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.2"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.10"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "cvsup",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "16.1h_36.i586"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.9"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.17"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "1.5.27"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.5"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.14"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "sasl",
"scope": "eq",
"trust": 1.0,
"vendor": "cyrus",
"version": "2.1.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "cvsup-16.1h-36.i586.rpm",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.4"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.15"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "sasl -r1",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.18"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "1.5.27"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.11"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.03"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.14"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.17"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.12"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "1.5.28"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.16"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "sasl -r2",
"scope": "ne",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.18"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "1.5.24"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "sasl",
"scope": "eq",
"trust": 0.3,
"vendor": "cyrus utils",
"version": "2.1.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
}
],
"sources": [
{
"db": "BID",
"id": "11347"
},
{
"db": "NVD",
"id": "CVE-2005-0373"
},
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:1.5.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:1.5.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:1.5.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.18_r1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cyrus:sasl:2.1.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_cvsup:16.1h_36.i586:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0373"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cyrus",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0373",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-11582",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0373",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0373",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200410-006",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-11582",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2005-0373",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11582"
},
{
"db": "VULMON",
"id": "CVE-2005-0373"
},
{
"db": "NVD",
"id": "CVE-2005-0373"
},
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. Cyrus SASL is affected by multiple critical vulnerabilities that may be remotely exploitable. The first issue is due to a boundary condition error, the second issue is due to a failure of the application to properly handle environment variables. \nInformation currently available regarding these issues is insufficient to provide a more detailed analysis. This BID will be updated and split into separate BIDs when more information becomes available. \nAn attacker can leverage the boundary condition issue to exploit arbitrary code on the affected computer. The impact of the environment variable issue is currently unknown. Cyrus SASL provides several open source implementations for security authentication. Cyrus SASL incorrectly handles the SASL_PATH environment variable, which could be exploited by a local attacker for privilege escalation attacks. Attackers can use the SASL_PATH environment variable to make privileged applications load arbitrary library files from any directory specified by the user, which can cause malicious programs to run with high privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0373"
},
{
"db": "BID",
"id": "11347"
},
{
"db": "VULHUB",
"id": "VHN-11582"
},
{
"db": "VULMON",
"id": "CVE-2005-0373"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11347",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2005-0373",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-200410-006",
"trust": 0.7
},
{
"db": "XF",
"id": "5",
"trust": 0.6
},
{
"db": "XF",
"id": "17642",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OPENBSD-PORTS] 20040717 UPDATE: CYRUS-SASL-2.1.19",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200410-05",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2005:006",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2005:054",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-11582",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2005-0373",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11582"
},
{
"db": "VULMON",
"id": "CVE-2005-0373"
},
{
"db": "BID",
"id": "11347"
},
{
"db": "NVD",
"id": "CVE-2005-0373"
},
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
]
},
"id": "VAR-200410-0047",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11582"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:03:06.320000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0373"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/11347"
},
{
"trust": 1.8,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:054"
},
{
"trust": 1.8,
"url": "http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html"
},
{
"trust": 1.8,
"url": "http://www.linuxcompatible.org/print42495.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171"
},
{
"trust": 1.7,
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17642"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17642"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=301061"
},
{
"trust": 0.3,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000959"
},
{
"trust": 0.3,
"url": "http://asg.web.cmu.edu/cyrus/"
},
{
"trust": 0.3,
"url": "http://asg.web.cmu.edu/sasl/"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-546.html"
},
{
"trust": 0.1,
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026amp;r2=1.171"
},
{
"trust": 0.1,
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026amp;content-type=text/x-cvsweb-markup"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=8238"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/linuxrpm-rhsa-2004-546"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11582"
},
{
"db": "VULMON",
"id": "CVE-2005-0373"
},
{
"db": "BID",
"id": "11347"
},
{
"db": "NVD",
"id": "CVE-2005-0373"
},
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11582"
},
{
"db": "VULMON",
"id": "CVE-2005-0373"
},
{
"db": "BID",
"id": "11347"
},
{
"db": "NVD",
"id": "CVE-2005-0373"
},
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-07T00:00:00",
"db": "VULHUB",
"id": "VHN-11582"
},
{
"date": "2004-10-07T00:00:00",
"db": "VULMON",
"id": "CVE-2005-0373"
},
{
"date": "2004-10-07T00:00:00",
"db": "BID",
"id": "11347"
},
{
"date": "2004-10-07T04:00:00",
"db": "NVD",
"id": "CVE-2005-0373"
},
{
"date": "2004-10-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-11582"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2005-0373"
},
{
"date": "2009-07-12T07:06:00",
"db": "BID",
"id": "11347"
},
{
"date": "2017-07-11T01:32:15.687000",
"db": "NVD",
"id": "CVE-2005-0373"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cyrus SASL SASL_PATH Environment variable privilege escalation vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "11347"
},
{
"db": "CNNVD",
"id": "CNNVD-200410-006"
}
],
"trust": 0.9
}
}
VAR-200408-0086
Vulnerability from variot - Updated: 2023-12-18 11:02The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. This issue is due to a failure of the application to validate user input lengths before processing them. It might be possible to leverage this issue to access sensitive information from kernel memory. Local attackers can use this vulnerability to carry out buffer overflow attacks, which may destroy memory space information and cause privilege escalation. -----BEGIN PGP SIGNED MESSAGE-----
SUSE Security Announcement
Package: kernel
Announcement-ID: SUSE-SA:2004:020
Date: Tuesday, Jul 2nd 2004 18:00 MEST
Affected products: 8.0, 8.1, 8.2, 9.0, 9.1
SUSE Linux Database Server,
SUSE eMail Server III, 3.1
SUSE Linux Enterprise Server 7, 8
SUSE Linux Firewall on CD/Admin host
SUSE Linux Connectivity Server
SUSE Linux Office Server
Vulnerability Type: local privilege escalation
Severity (1-10): 6
SUSE default package: yes
Cross References: CAN-2004-0495
CAN-2004-0496
CAN-2004-0497
CAN-2004-0535
CAN-2004-0626
Content of this advisory:
1) security vulnerability resolved:
- chown: users can change the group affiliation of arbitrary
files to the group they belong to
- missing DAC check in chown(2): local privilege escalation
- overflow with signals: local denial-of-service
- pss, mpu401 sound driver: read/write to complete memory
- airo driver: read/write to complete memory
- ALSA: copy_from_user/copy_to_user confused
- acpi_asus: read from random memory
- decnet: write to memory without checking
- e1000 driver: read complete memory
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds:
- icecast
- sitecopy
- cadaver
- OpenOffice_org
- tripwire
- postgresql*
- mod_proxy
- freeswan
- ipsec-tools
- less
- libpng
- pavuk
- XFree86*
- kdebase3
3) standard appendix (further information)
1) problem description, brief discussion, solution, upgrade information
Multiple security vulnerabilities are being addressed with this security
update of the Linux kernel. These
vulnerabilities can lead to kernel memory read access, write access
and local denial of service conditions, resulting in access to the
root account for an attacker with a local account on the affected
system.
Missing Discretionary Access Control (DAC) checks in the chown(2) system
call allow an attacker with a local account to change the group
ownership of arbitrary files, which leads to root privileges on affected
systems. It is specific to kernel version 2.6 based systems such as
the SUSE Linux 9.1 product, that only local shell access is needed to
exploit this vulnerability. An interesting variant of the missing
checks is that the ownership of files in the /proc filesystem can be
altered, while the changed ownership still does not allow the files to
be accessed as a non-root user for to be able to exploit the
vulnerability. Systems that are based on a version 2.4 kernel are not
vulnerable to the /proc weakness, and exploitation of the weakness
requires the use of the kernel NFS server (knfsd). If the knfsd NFS
server is not activated (it is off by default), the vulnerability is
not exposed. These issues related to the chown(2) system call have been
discovered by Michael Schroeder and Ruediger Oertel, both SUSE LINUX. Found and reported
to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability
allows a remote attacker to send a specially crafted TCP packet to a
vulnerable system, causing that system to stall if it makes use of
TCP option matching netfilter rules.
In some rare configurations of the SUSE Linux 9.1 distribution, some
users have experienced stalling systems during system startup. These
problems are fixed with this kernel update.
SPECIAL INSTALL INSTRUCTIONS:
==============================
For the impatient: Run YOU (Yast2 Online Update, command
"yast2 online_update" as root) to install the updates (semi)
automatically, if you have a SUSE Linux 8.1 and newer system.
For those who wish to install their kernel updates manually and for
those who use a SUSE Linux 8.0 system:
The following paragraphs will guide you through the installation
process in a step-by-step fashion. The character sequence "****"
marks the beginning of a new paragraph. In some cases, the steps
outlined in a particular paragraph may or may not be applicable
to your situation.
Therefore, please make sure to read through all of the steps below
before attempting any of these procedures.
All of the commands that need to be executed are required to be
run as the superuser (root). Each step relies on the steps before
it to complete successfully.
**** Step 1: Determine the needed kernel type
Please use the following command to find the kernel type that is
installed on your system:
rpm -qf /boot/vmlinuz
Following are the possible kernel types (disregard the version and
build number following the name separated by the "-" character)
k_deflt # default kernel, good for most systems.
k_i386 # kernel for older processors and chipsets
k_athlon # kernel made specifically for AMD Athlon(tm) family processors
k_psmp # kernel for Pentium-I dual processor systems
k_smp # kernel for SMP systems (Pentium-II and above)
k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM
kernel-64k-pagesize
kernel-bigsmp
kernel-default
kernel-smp
**** Step 2: Download the package for your system
Please download the kernel RPM package for your distribution with the
name as indicated by Step 1. The list of all kernel rpm packages is
appended below. Note: The kernel-source package does not
contain a binary kernel in bootable form. Instead, it contains the
sources that the binary kernel rpm packages are created from. It can be
used by administrators who have decided to build their own kernel.
Since the kernel-source.rpm is an installable (compiled) package that
contains sources for the linux kernel, it is not the source RPM for
the kernel RPM binary packages.
The kernel RPM binary packages for the distributions can be found at the
locations below ftp://ftp.suse.com/pub/suse/i386/update/.
8.0/images/
8.1/rpm/i586
8.2/rpm/i586
9.0/rpm/i586
9.1/rpm/i586
After downloading the kernel RPM package for your system, you should
verify the authenticity of the kernel rpm package using the methods as
listed in section 3) of each SUSE Security Announcement.
**** Step 3: Installing your kernel rpm package
Install the rpm package that you have downloaded in Steps 3 or 4 with
the command
rpm -Uhv --nodeps --force <K_FILE.RPM>
where <K_FILE.RPM> is the name of the rpm package that you downloaded.
Warning: After performing this step, your system will likely not be
able to boot if the following steps have not been fully
followed.
If you run SUSE LINUX 8.1 and haven't applied the kernel update
(SUSE-SA:2003:034), AND you are using the freeswan package, you also
need to update the freeswan rpm as a dependency as offered
by YOU (YaST Online Update). The package can be downloaded from
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/
**** Step 4: configuring and creating the initrd
The initrd is a ramdisk that is loaded into the memory of your
system together with the kernel boot image by the bootloader. The
kernel uses the content of this ramdisk to execute commands that must
be run before the kernel can mount its actual root filesystem. It is
usually used to initialize SCSI drivers or NIC drivers for diskless
operation.
The variable INITRD_MODULES in /etc/sysconfig/kernel determines
which kernel modules will be loaded in the initrd before the kernel
has mounted its actual root filesystem. The variable should contain
your SCSI adapter (if any) or filesystem driver modules.
With the installation of the new kernel, the initrd has to be
re-packed with the update kernel modules. Please run the command
mk_initrd
as root to create a new init ramdisk (initrd) for your system.
On SuSE Linux 8.1 and later, this is done automatically when the
RPM is installed.
**** Step 5: bootloader
If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there
are two options:
Depending on your software configuration, you have either the lilo
bootloader or the grub bootloader installed and initialized on your
system.
The grub bootloader does not require any further actions to be
performed after the new kernel images have been moved in place by the
rpm Update command.
If you have a lilo bootloader installed and initialized, then the lilo
program must be run as root. Use the command
grep LOADER_TYPE /etc/sysconfig/bootloader
to find out which boot loader is configured. If it is lilo, then you
must run the lilo command as root. If grub is listed, then your system
does not require any bootloader initialization.
Warning: An improperly installed bootloader may render your system
unbootable.
**** Step 6: reboot
If all of the steps above have been successfully completed on your
system, then the new kernel including the kernel modules and the
initrd should be ready to boot. The system needs to be rebooted for
the changes to become active. Please make sure that all steps have
completed, then reboot using the command
shutdown -r now
or
init 6
Your system should now shut down and reboot with the new kernel.
There is no workaround known.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
x86 Platform:
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.95.i586.rpm
800418d3dddf6d3b83925f562842205a
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.95.i586.rpm
0cb990b159e10685bb29b76d312ddd25
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm
7446bb70f52bce57a914066be4ed8e45
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm
7446bb70f52bce57a914066be4ed8e45
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.95.i586.rpm
ede031495ee19d8b6eca1873e7155332
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm
620ef40226fec31a773397cf3051bf36
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm
9b61b5a70b304f5554cb18a6bae5b5fd
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.95.nosrc.rpm
227c85280ee17a66c8590fe1bb14c596
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm
895fee3033de0810ff1173ce8ee87936
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-231.i586.rpm
48be395b96329909486ae3a5152348fa
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-231.i586.rpm
4cd322b4f511d5fe4c483ed28a82097e
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-231.i586.rpm
262e33cebf1b0d35fb6d3235c9ab8815
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-231.i586.rpm
8d81370f90736b12aa71b9c744f6e0e2
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-231.i586.rpm
bc59c838c84ba318dc4d24da08a3022e
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-231.i586.rpm
f9586ba982e0398c3e48871955b661aa
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm
18673b0bf347fe9557d4e67ca02000c0
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-231.src.rpm
71496daac44196b0e0a3836ee6a3b4ed
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm
7c208e9e3f7be1a68c3c8457eb2cafc4
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-231.src.rpm
b77863c863aaf4b931bff263220e6ec9
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-231.src.rpm
bed7e964e22c5e5d2f5e7a5e3816dde4
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm
6b5137bf379fbfc861441151039575da
SUSE Linux 8.2:
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-115.i586.rpm
50d261b44616f9145a0dc16df501a504
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-115.i586.rpm
10095854c0bdae20991d90b822352e14
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-115.i586.rpm
a2ef7cfb0e62ad955dda2b0574eb3150
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-115.i586.rpm
1d2b0d0e2c7998685ed04c24e593b196
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-115.i586.rpm
d8bf98c46ba5313db286d5706f7fb3b8
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-115.src.rpm
e13a7b4c2b185cfeb991c31607f79ccb
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-115.src.rpm
0e2f2cf20e7d7a20f3e50b245105df61
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-115.src.rpm
6cfac2914d3827ec562ff9d6be29c566
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-115.src.rpm
afd29843aa69d805ef5f25d39ecd0e7f
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-115.src.rpm
098a1400a48404931acb8b3eb2e821fb
SUSE Linux 8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-231.i586.rpm
3bdaa593d09a7cbff632a2c4446d5603
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-231.i586.rpm
ba60d0b2b6d3bc9c38b4e8b3859e1586
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-231.i586.rpm
ffa8983669004826a0cbedbe34dced76
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-231.i586.rpm
25174fd007f5a39ee0342dd6f18f2eaa
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-231.i586.rpm
10837fa561cd5104e55d48e46c837764
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-231.src.rpm
c37e8b87819602e77b14206affef00fa
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-231.src.rpm
7be68a677db5a65be1a46ec194b35497
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-231.src.rpm
8e4b7d5a6bb81da5a00971cdcc4ec641
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-231.src.rpm
d8ba1db81a9b517f867c970e4fc443a7
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-231.src.rpm
96a0a9242d066083c7bff8e0f70b7bbe
SUSE Linux 8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-303.i386.rpm
ec1e53b3812c0c0bd3681435d69fb134
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-303.i386.rpm
583164e52019ae090fd47e425c2a933e
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-303.i386.rpm
9ac8983abef05697d75f3117e37e5f18
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-303.i386.rpm
4932c4d6a42fc9be02013f398ab5bb96
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-303.i386.rpm
b9de0731f9bbc4b016455a6d52cd8296
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-303.src.rpm
a73bacad80432c26e856c41338b154bd
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-303.src.rpm
782902cd14e7776db66bd61a12beee03
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-303.src.rpm
d71fa5cda488ae18f8d023cd8f28bb73
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-303.src.rpm
a360a9e6ed2db54f69e17db36f02614f
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-303.nosrc.rpm
8017fd6ff8a6fc1a0660ab35ad174388
x86-64 Platform:
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.95.x86_64.rpm
e2c53fd24991f739fd754c07f7aa8293
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.95.x86_64.rpm
f4a69622b7628cdd662a4e39aa59b60e
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.95.x86_64.rpm
e71adfb1fc662600eb11d3acf67c3dc3
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm
f6a364879d1f2ae2cf854810d61be3ac
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm
a0096d1fc067d89c9200ea3904713d59
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm
bf6d0439cfc37b50b4f6822c3403a74f
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-231.x86_64.rpm
17e008a737e5e95e71335e34fa7f86cf
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-231.x86_64.rpm
ca742b550b1a503595b02cbfc9e0e481
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-231.x86_64.rpm
8e0c16c42d1a89aa6a09be1dd575de47
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm
58b1bf42b5661119d06a04888144707a
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm
5103001136e39fca5a59f4cbde82822b
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm
231c9e5e00f17df8cfd72d6c8a68d9cf
2) Pending vulnerabilities in SUSE Distributions and Workarounds:
- icecast
The icecast service is vulnerable to a remote denial-of-service
attack. Update packages will be available soon.
- sitecopy
The sitecopy package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- cadaver
The cadaver package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- OpenOffice_org
The OpenOffice_org package includes a vulnerable version
of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages
will be available soon.
- tripwire
A format string bug in tripwire can be exploited locally
to gain root permissions.
New packages are available.
- postgresql
A buffer overflow in psqlODBC could be exploited to crash the
application using it. E.g. a PHP script that uses ODBC to access a
PostgreSQL database can be utilized to crash the surrounding Apache
web-server. Other parts of PostgreSQL are not affected.
New packages are available.
- XDM/XFree86
This update resolves random listening to ports by XDM
that allows to connect via the XDMCP. SUSE LINUX 9.1
is affected only.
New packages are available.
- mod_proxy
A buffer overflow can be triggered by malicious remote
servers that return a negative Content-Length value.
This vulnerability can be used to execute commands remotely
New packages are available.
- freeswan
A bug in the certificate chain authentication code could allow an
attacker to authenticate any host against a FreeS/WAN server by
presenting specially crafted certificates wrapped in a PKCS#7 file.
The packages are currently being tested and will be available soon.
- ipsec-tools
The racoon daemon which is responsible for handling IKE messages
fails to reject invalid or self-signed X.509 certificates which
allows for man-in-the-middle attacks on IPsec tunnels established
via racoon.
The packages are currently being tested and will be available soon.
- less
This update fixes a possible symlink attack in lessopen.sh. The
attack can be executed by local users to overwrite arbitrary files
with the privileges of the user running less.
New packages are available.
- libpng
This update adds a missing fix for CAN-2002-1363.
New packages are available.
- pavuk
This update fixes a remotely exploitable buffer overflow in pavuk.
Thanks to Ulf Harnhammar for reporting this to us.
New packages are available.
- kdebase3
This update fixes a possible attack on tmp files created at the
first login of a user using KDE or at the first time running a
KDE application. This bug can be exploited locally to overwrite
arbitrary files with the privilege of the victim user.
Just affects SUSE LINUX 9.1
New packages are available.
3) standard appendix: authenticity verification, additional information
-
Package authenticity verification:
SUSE update packages are available on many mirror ftp servers around the world. While this service is considered valuable and important to the free and open source software community, many users wish to be certain as to be the origin of the package and its content before installing the package. There are two independent verification methods that can be used to prove the authenticity of a downloaded file or rpm package: 1) md5sums as provided in the (cryptographically signed) announcement. 2) using the internal gpg signatures of the rpm package.
1) execute the command md5sum after you have downloaded the file from a SUSE ftp server or its mirrors. Then, compare the resulting md5sum with the one that is listed in the announcement. Since the announcement containing the checksums is cryptographically signed (usually using the key security@suse.de), the checksums offer proof of the authenticity of the package. We recommend against subscribing to security lists which cause the email message containing the announcement to be modified so that the signature does not match after transport through the mailing list software. Downsides: You must be able to verify the authenticity of the announcement in the first place. If RPM packages are being rebuilt and a new version of a package is published on the ftp server, all md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity of an rpm package. Use the command rpm -v --checksig to verify the signature of the package, where is the filename of the rpm package that you have downloaded. Of course, package authenticity verification can only target an un-installed rpm package file. Prerequisites: a) gpg is installed b) The package is signed using a certain key. The public part of this key must be installed by the gpg program in the directory ~/.gnupg/ under the user's home directory who performs the signature verification (usually root). You can import the key that is used by SUSE in rpm packages for SUSE Linux by saving this announcement to a file ("announcement.txt") and running the command (do "su -" to be root): gpg --batch; gpg < announcement.txt | gpg --import SUSE Linux distributions version 7.1 and thereafter install the key "build@suse.de" upon installation or upgrade, provided that the package gpg is installed. The file containing the public key is placed at the top-level directory of the first CD (pubring.gpg) and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
-
SUSE runs two security mailing lists to which any interested party may subscribe:
suse-security@suse.com - general/linux/SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an email to suse-security-subscribe@suse.com.
suse-security-announce@suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an email to suse-security-announce-subscribe@suse.com.
For general information or the frequently asked questions (faq) send mail to: suse-security-info@suse.com or suse-security-faq@suse.com respectively.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, it is desired that the clear-text signature must show proof of the authenticity of the text. SUSE Linux AG makes no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK-----
- - | Roman Drahtm\xfcller draht@suse.de // "You don't need eyes to see, | SUSE Linux AG - Security Phone: // you need vision!" | N\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy Bi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt OsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD jwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA iud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT WntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ== =24bz -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200408-0086",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "linux",
"version": "2.4.27"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.26"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.25"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.24"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.3,
"vendor": "linux",
"version": "2.4.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "email server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "3.1"
},
{
"model": "linux firewall cd",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "9.0"
},
{
"model": "linux connectivity server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "8.0"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "mandrake multi network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.2"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "9.1"
},
{
"model": "linux admin-cd for firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "secure community",
"scope": "eq",
"trust": 1.0,
"vendor": "engardelinux",
"version": "2.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.4.23_ow2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.2"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.0"
},
{
"model": "office server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "engardelinux",
"version": "1.5"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "linux firewall live-cd",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8"
},
{
"model": "linux office server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "*"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "9.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.0"
},
{
"model": "email server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "iii"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.4.24_ow1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "suse email server iii",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "suse email server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "3.1"
},
{
"model": "office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux live-cd for firewall",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux firewall on cd",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux database server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux connectivity server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux admin-cd for firewall",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "kernel -pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.27"
},
{
"model": "kernel -ow1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.24"
},
{
"model": "kernel -pre9",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.23"
},
{
"model": "kernel -ow2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.23"
},
{
"model": "kernel pre7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel pre4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.21"
},
{
"model": "kernel -pre6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel -pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.19"
},
{
"model": "kernel pre-8",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel pre-1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.18x86"
},
{
"model": "kernel .0-test9",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test8",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test7",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test6",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test5",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test4",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test3",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test2",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test12",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test11",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test10",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel .0-test1",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "2.4"
},
{
"model": "secure professional",
"scope": "eq",
"trust": 0.3,
"vendor": "engarde",
"version": "1.5"
},
{
"model": "secure community",
"scope": "eq",
"trust": 0.3,
"vendor": "engarde",
"version": "2.0"
},
{
"model": "kernel -pre2",
"scope": "ne",
"trust": 0.3,
"vendor": "linux",
"version": "2.4.27"
}
],
"sources": [
{
"db": "BID",
"id": "10352"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000194"
},
{
"db": "NVD",
"id": "CVE-2004-0535"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_office_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_firewall_live-cd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0535"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chris Wright",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0535",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2004-0535",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-8965",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0535",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-200408-072",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-8965",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8965"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000194"
},
{
"db": "NVD",
"id": "CVE-2004-0535"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources. This issue is due to a failure of the application to validate user input lengths before processing them. It might be possible to leverage this issue to access sensitive information from kernel memory. Local attackers can use this vulnerability to carry out buffer overflow attacks, which may destroy memory space information and cause privilege escalation. -----BEGIN PGP SIGNED MESSAGE-----\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: kernel\n Announcement-ID: SUSE-SA:2004:020\n Date: Tuesday, Jul 2nd 2004 18:00 MEST\n Affected products: 8.0, 8.1, 8.2, 9.0, 9.1\n SUSE Linux Database Server,\n SUSE eMail Server III, 3.1\n SUSE Linux Enterprise Server 7, 8\n SUSE Linux Firewall on CD/Admin host\n SUSE Linux Connectivity Server\n SUSE Linux Office Server\n Vulnerability Type: local privilege escalation\n Severity (1-10): 6\n SUSE default package: yes\n Cross References:\tCAN-2004-0495\n\t\t\t\tCAN-2004-0496\n\t\t\t\tCAN-2004-0497\n\t\t\t\tCAN-2004-0535\n\t\t\t\tCAN-2004-0626\n\n\n Content of this advisory:\n 1) security vulnerability resolved:\n\t\t- chown: users can change the group affiliation of arbitrary\n\t\t files to the group they belong to\n\t\t- missing DAC check in chown(2): local privilege escalation\n\t - overflow with signals: local denial-of-service\n \t- pss, mpu401 sound driver: read/write to complete memory\n\t - airo driver: read/write to complete memory\n \t- ALSA: copy_from_user/copy_to_user confused\n \t- acpi_asus: read from random memory\n \t- decnet: write to memory without checking\n \t- e1000 driver: read complete memory\n problem description, discussion, solution and upgrade information\n 2) pending vulnerabilities, solutions, workarounds:\n\t\t- icecast\n - sitecopy\n - cadaver\n - OpenOffice_org\n - tripwire\n - postgresql*\n - mod_proxy\n\t\t- freeswan\n\t\t- ipsec-tools\n\t\t- less\n\t\t- libpng\n\t\t- pavuk\n\t\t- XFree86*\n\t\t- kdebase3\n 3) standard appendix (further information)\n\n______________________________________________________________________________\n\n1) problem description, brief discussion, solution, upgrade information\n\n Multiple security vulnerabilities are being addressed with this security\n update of the Linux kernel. These \n vulnerabilities can lead to kernel memory read access, write access \n and local denial of service conditions, resulting in access to the \n root account for an attacker with a local account on the affected \n system. \n\n Missing Discretionary Access Control (DAC) checks in the chown(2) system\n call allow an attacker with a local account to change the group\n ownership of arbitrary files, which leads to root privileges on affected\n systems. It is specific to kernel version 2.6 based systems such as \n the SUSE Linux 9.1 product, that only local shell access is needed to \n exploit this vulnerability. An interesting variant of the missing \n checks is that the ownership of files in the /proc filesystem can be \n altered, while the changed ownership still does not allow the files to \n be accessed as a non-root user for to be able to exploit the \n vulnerability. Systems that are based on a version 2.4 kernel are not \n vulnerable to the /proc weakness, and exploitation of the weakness \n requires the use of the kernel NFS server (knfsd). If the knfsd NFS \n server is not activated (it is off by default), the vulnerability is \n not exposed. These issues related to the chown(2) system call have been \n discovered by Michael Schroeder and Ruediger Oertel, both SUSE LINUX. Found and reported \n to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability \n allows a remote attacker to send a specially crafted TCP packet to a \n vulnerable system, causing that system to stall if it makes use of \n TCP option matching netfilter rules. \n\n In some rare configurations of the SUSE Linux 9.1 distribution, some \n users have experienced stalling systems during system startup. These \n problems are fixed with this kernel update. \n\n\n\n SPECIAL INSTALL INSTRUCTIONS:\n ==============================\n For the impatient: Run YOU (Yast2 Online Update, command \n \"yast2 online_update\" as root) to install the updates (semi) \n automatically, if you have a SUSE Linux 8.1 and newer system. \n\n For those who wish to install their kernel updates manually and for \n those who use a SUSE Linux 8.0 system:\n\n The following paragraphs will guide you through the installation\n process in a step-by-step fashion. The character sequence \"****\"\n marks the beginning of a new paragraph. In some cases, the steps\n outlined in a particular paragraph may or may not be applicable\n to your situation. \n Therefore, please make sure to read through all of the steps below\n before attempting any of these procedures. \n All of the commands that need to be executed are required to be\n run as the superuser (root). Each step relies on the steps before\n it to complete successfully. \n\n\n **** Step 1: Determine the needed kernel type\n\n Please use the following command to find the kernel type that is\n installed on your system:\n\n rpm -qf /boot/vmlinuz\n\n Following are the possible kernel types (disregard the version and\n build number following the name separated by the \"-\" character)\n\n k_deflt # default kernel, good for most systems. \n k_i386 # kernel for older processors and chipsets\n k_athlon # kernel made specifically for AMD Athlon(tm) family processors\n k_psmp # kernel for Pentium-I dual processor systems\n k_smp # kernel for SMP systems (Pentium-II and above)\n k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM\n kernel-64k-pagesize\n kernel-bigsmp\n kernel-default\n kernel-smp\n\n **** Step 2: Download the package for your system\n\n Please download the kernel RPM package for your distribution with the\n name as indicated by Step 1. The list of all kernel rpm packages is\n appended below. Note: The kernel-source package does not\n contain a binary kernel in bootable form. Instead, it contains the\n sources that the binary kernel rpm packages are created from. It can be\n used by administrators who have decided to build their own kernel. \n Since the kernel-source.rpm is an installable (compiled) package that\n contains sources for the linux kernel, it is not the source RPM for\n the kernel RPM binary packages. \n\n The kernel RPM binary packages for the distributions can be found at the\n locations below ftp://ftp.suse.com/pub/suse/i386/update/. \n\n 8.0/images/\n 8.1/rpm/i586\n 8.2/rpm/i586\n 9.0/rpm/i586\n 9.1/rpm/i586\n\n After downloading the kernel RPM package for your system, you should\n verify the authenticity of the kernel rpm package using the methods as\n listed in section 3) of each SUSE Security Announcement. \n\n\n **** Step 3: Installing your kernel rpm package\n\n Install the rpm package that you have downloaded in Steps 3 or 4 with\n the command\n rpm -Uhv --nodeps --force \u003cK_FILE.RPM\u003e\n where \u003cK_FILE.RPM\u003e is the name of the rpm package that you downloaded. \n\n Warning: After performing this step, your system will likely not be\n able to boot if the following steps have not been fully\n followed. \n\n\n If you run SUSE LINUX 8.1 and haven\u0027t applied the kernel update\n (SUSE-SA:2003:034), AND you are using the freeswan package, you also\n need to update the freeswan rpm as a dependency as offered\n by YOU (YaST Online Update). The package can be downloaded from\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/\n\n **** Step 4: configuring and creating the initrd\n\n The initrd is a ramdisk that is loaded into the memory of your\n system together with the kernel boot image by the bootloader. The\n kernel uses the content of this ramdisk to execute commands that must\n be run before the kernel can mount its actual root filesystem. It is\n usually used to initialize SCSI drivers or NIC drivers for diskless\n operation. \n\n The variable INITRD_MODULES in /etc/sysconfig/kernel determines\n which kernel modules will be loaded in the initrd before the kernel\n has mounted its actual root filesystem. The variable should contain\n your SCSI adapter (if any) or filesystem driver modules. \n\n With the installation of the new kernel, the initrd has to be\n re-packed with the update kernel modules. Please run the command\n\n mk_initrd\n\n as root to create a new init ramdisk (initrd) for your system. \n On SuSE Linux 8.1 and later, this is done automatically when the\n RPM is installed. \n\n\n **** Step 5: bootloader\n\n If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there\n are two options:\n Depending on your software configuration, you have either the lilo\n bootloader or the grub bootloader installed and initialized on your\n system. \n The grub bootloader does not require any further actions to be\n performed after the new kernel images have been moved in place by the\n rpm Update command. \n If you have a lilo bootloader installed and initialized, then the lilo\n program must be run as root. Use the command\n\n grep LOADER_TYPE /etc/sysconfig/bootloader\n\n to find out which boot loader is configured. If it is lilo, then you\n must run the lilo command as root. If grub is listed, then your system\n does not require any bootloader initialization. \n\n Warning: An improperly installed bootloader may render your system\n unbootable. \n\n **** Step 6: reboot\n\n If all of the steps above have been successfully completed on your\n system, then the new kernel including the kernel modules and the\n initrd should be ready to boot. The system needs to be rebooted for\n the changes to become active. Please make sure that all steps have\n completed, then reboot using the command\n shutdown -r now\n or\n init 6\n\n Your system should now shut down and reboot with the new kernel. \n\n\n There is no workaround known. \n\n\n Please download the update package for your distribution and verify its\n integrity by the methods listed in section 3) of this announcement. \n Then, install the package using the command \"rpm -Fhv file.rpm\" to apply\n the update. \n Our maintenance customers are being notified individually. The packages\n are being offered to install from the maintenance web. \n\n\n\n\n\n x86 Platform:\n\n SUSE Linux 9.1:\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.95.i586.rpm\n 800418d3dddf6d3b83925f562842205a\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.95.i586.rpm\n 0cb990b159e10685bb29b76d312ddd25\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm\n 7446bb70f52bce57a914066be4ed8e45\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm\n 7446bb70f52bce57a914066be4ed8e45\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.95.i586.rpm\n ede031495ee19d8b6eca1873e7155332\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm\n 620ef40226fec31a773397cf3051bf36\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm\n 9b61b5a70b304f5554cb18a6bae5b5fd\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.95.nosrc.rpm\n 227c85280ee17a66c8590fe1bb14c596\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm\n 895fee3033de0810ff1173ce8ee87936\n\n SUSE Linux 9.0:\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-231.i586.rpm\n 48be395b96329909486ae3a5152348fa\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-231.i586.rpm\n 4cd322b4f511d5fe4c483ed28a82097e\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-231.i586.rpm\n 262e33cebf1b0d35fb6d3235c9ab8815\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-231.i586.rpm\n 8d81370f90736b12aa71b9c744f6e0e2\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-231.i586.rpm\n bc59c838c84ba318dc4d24da08a3022e\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-231.i586.rpm\n f9586ba982e0398c3e48871955b661aa\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm\n 18673b0bf347fe9557d4e67ca02000c0\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-231.src.rpm\n 71496daac44196b0e0a3836ee6a3b4ed\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm\n 7c208e9e3f7be1a68c3c8457eb2cafc4\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-231.src.rpm\n b77863c863aaf4b931bff263220e6ec9\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-231.src.rpm\n bed7e964e22c5e5d2f5e7a5e3816dde4\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm\n 6b5137bf379fbfc861441151039575da\n\n SUSE Linux 8.2:\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-115.i586.rpm\n 50d261b44616f9145a0dc16df501a504\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-115.i586.rpm\n 10095854c0bdae20991d90b822352e14\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-115.i586.rpm\n a2ef7cfb0e62ad955dda2b0574eb3150\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-115.i586.rpm\n 1d2b0d0e2c7998685ed04c24e593b196\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-115.i586.rpm\n d8bf98c46ba5313db286d5706f7fb3b8\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-115.src.rpm\n e13a7b4c2b185cfeb991c31607f79ccb\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-115.src.rpm\n 0e2f2cf20e7d7a20f3e50b245105df61\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-115.src.rpm\n 6cfac2914d3827ec562ff9d6be29c566\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-115.src.rpm\n afd29843aa69d805ef5f25d39ecd0e7f\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-115.src.rpm\n 098a1400a48404931acb8b3eb2e821fb\n\n SUSE Linux 8.1:\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-231.i586.rpm\n 3bdaa593d09a7cbff632a2c4446d5603\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-231.i586.rpm\n ba60d0b2b6d3bc9c38b4e8b3859e1586\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-231.i586.rpm\n ffa8983669004826a0cbedbe34dced76\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-231.i586.rpm\n 25174fd007f5a39ee0342dd6f18f2eaa\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-231.i586.rpm\n 10837fa561cd5104e55d48e46c837764\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-231.src.rpm\n c37e8b87819602e77b14206affef00fa\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-231.src.rpm\n 7be68a677db5a65be1a46ec194b35497\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-231.src.rpm\n 8e4b7d5a6bb81da5a00971cdcc4ec641\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-231.src.rpm\n d8ba1db81a9b517f867c970e4fc443a7\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-231.src.rpm\n 96a0a9242d066083c7bff8e0f70b7bbe\n\n SUSE Linux 8.0:\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-303.i386.rpm\n ec1e53b3812c0c0bd3681435d69fb134\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-303.i386.rpm\n 583164e52019ae090fd47e425c2a933e\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-303.i386.rpm\n 9ac8983abef05697d75f3117e37e5f18\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-303.i386.rpm\n 4932c4d6a42fc9be02013f398ab5bb96\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-303.i386.rpm\n b9de0731f9bbc4b016455a6d52cd8296\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-303.src.rpm\n a73bacad80432c26e856c41338b154bd\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-303.src.rpm\n 782902cd14e7776db66bd61a12beee03\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-303.src.rpm\n d71fa5cda488ae18f8d023cd8f28bb73\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-303.src.rpm\n a360a9e6ed2db54f69e17db36f02614f\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-303.nosrc.rpm\n 8017fd6ff8a6fc1a0660ab35ad174388\n\n\n\n x86-64 Platform:\n\n SUSE Linux 9.1:\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.95.x86_64.rpm\n e2c53fd24991f739fd754c07f7aa8293\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.95.x86_64.rpm\n f4a69622b7628cdd662a4e39aa59b60e\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.95.x86_64.rpm\n e71adfb1fc662600eb11d3acf67c3dc3\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm\n f6a364879d1f2ae2cf854810d61be3ac\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm\n a0096d1fc067d89c9200ea3904713d59\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm\n bf6d0439cfc37b50b4f6822c3403a74f\n\n SUSE Linux 9.0:\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-231.x86_64.rpm\n 17e008a737e5e95e71335e34fa7f86cf\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-231.x86_64.rpm\n ca742b550b1a503595b02cbfc9e0e481\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-231.x86_64.rpm\n 8e0c16c42d1a89aa6a09be1dd575de47\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm\n 58b1bf42b5661119d06a04888144707a\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm\n 5103001136e39fca5a59f4cbde82822b\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm\n 231c9e5e00f17df8cfd72d6c8a68d9cf\n\n\n______________________________________________________________________________\n\n2) Pending vulnerabilities in SUSE Distributions and Workarounds:\n\n - icecast\n The icecast service is vulnerable to a remote denial-of-service\n attack. Update packages will be available soon. \n\n - sitecopy\n The sitecopy package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - cadaver\n The cadaver package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - OpenOffice_org\n The OpenOffice_org package includes a vulnerable version\n of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages\n will be available soon. \n\n - tripwire\n A format string bug in tripwire can be exploited locally\n to gain root permissions. \n New packages are available. \n\n - postgresql\n A buffer overflow in psqlODBC could be exploited to crash the\n application using it. E.g. a PHP script that uses ODBC to access a\n PostgreSQL database can be utilized to crash the surrounding Apache\n web-server. Other parts of PostgreSQL are not affected. \n New packages are available. \n\n - XDM/XFree86\n This update resolves random listening to ports by XDM\n that allows to connect via the XDMCP. SUSE LINUX 9.1\n is affected only. \n New packages are available. \n\n - mod_proxy\n A buffer overflow can be triggered by malicious remote\n servers that return a negative Content-Length value. \n This vulnerability can be used to execute commands remotely\n New packages are available. \n\n - freeswan\n A bug in the certificate chain authentication code could allow an\n attacker to authenticate any host against a FreeS/WAN server by\n presenting specially crafted certificates wrapped in a PKCS#7 file. \n The packages are currently being tested and will be available soon. \n\n - ipsec-tools\n The racoon daemon which is responsible for handling IKE messages\n fails to reject invalid or self-signed X.509 certificates which\n allows for man-in-the-middle attacks on IPsec tunnels established\n via racoon. \n The packages are currently being tested and will be available soon. \n\n - less\n This update fixes a possible symlink attack in lessopen.sh. The\n attack can be executed by local users to overwrite arbitrary files\n with the privileges of the user running less. \n New packages are available. \n\n - libpng\n This update adds a missing fix for CAN-2002-1363. \n New packages are available. \n\n - pavuk\n This update fixes a remotely exploitable buffer overflow in pavuk. \n Thanks to Ulf Harnhammar for reporting this to us. \n New packages are available. \n\n - kdebase3\n This update fixes a possible attack on tmp files created at the\n first login of a user using KDE or at the first time running a\n KDE application. This bug can be exploited locally to overwrite\n arbitrary files with the privilege of the victim user. \n Just affects SUSE LINUX 9.1\n New packages are available. \n\n______________________________________________________________________________\n\n3) standard appendix: authenticity verification, additional information\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror ftp servers around\n the world. While this service is considered valuable and important\n to the free and open source software community, many users wish to be\n certain as to be the origin of the package and its content before\n installing the package. There are two independent verification methods\n that can be used to prove the authenticity of a downloaded file or\n rpm package:\n 1) md5sums as provided in the (cryptographically signed) announcement. \n 2) using the internal gpg signatures of the rpm package. \n\n 1) execute the command\n md5sum \u003cname-of-the-file.rpm\u003e\n after you have downloaded the file from a SUSE ftp server or its\n mirrors. Then, compare the resulting md5sum with the one that is\n listed in the announcement. Since the announcement containing the\n checksums is cryptographically signed (usually using the key\n security@suse.de), the checksums offer proof of the authenticity\n of the package. \n We recommend against subscribing to security lists which cause the\n email message containing the announcement to be modified so that\n the signature does not match after transport through the mailing\n list software. \n Downsides: You must be able to verify the authenticity of the\n announcement in the first place. If RPM packages are being rebuilt\n and a new version of a package is published on the ftp server, all\n md5 sums for the files are useless. \n\n 2) rpm package signatures provide an easy way to verify the authenticity\n of an rpm package. Use the command\n rpm -v --checksig \u003cfile.rpm\u003e\n to verify the signature of the package, where \u003cfile.rpm\u003e is the\n filename of the rpm package that you have downloaded. Of course,\n package authenticity verification can only target an un-installed rpm\n package file. \n Prerequisites:\n a) gpg is installed\n b) The package is signed using a certain key. The public part of this\n key must be installed by the gpg program in the directory\n ~/.gnupg/ under the user\u0027s home directory who performs the\n signature verification (usually root). You can import the key\n that is used by SUSE in rpm packages for SUSE Linux by saving\n this announcement to a file (\"announcement.txt\") and\n running the command (do \"su -\" to be root):\n gpg --batch; gpg \u003c announcement.txt | gpg --import\n SUSE Linux distributions version 7.1 and thereafter install the\n key \"build@suse.de\" upon installation or upgrade, provided that\n the package gpg is installed. The file containing the public key\n is placed at the top-level directory of the first CD (pubring.gpg)\n and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de . \n\n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n suse-security@suse.com\n - general/linux/SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-subscribe@suse.com\u003e. \n\n suse-security-announce@suse.com\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-announce-subscribe@suse.com\u003e. \n\n For general information or the frequently asked questions (faq)\n send mail to:\n \u003csuse-security-info@suse.com\u003e or\n \u003csuse-security-faq@suse.com\u003e respectively. \n\n =====================================================================\n SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular,\n it is desired that the clear-text signature must show proof of the\n authenticity of the text. \n SUSE Linux AG makes no warranties of any kind whatsoever with respect\n to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n#####-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.0.6 (GNU/Linux)\nComment: For info see http://www.gnupg.org\n\nmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff\n4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d\nM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO\nQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK\nXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE\nD3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd\nG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM\nCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE\nmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr\nYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD\nwmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d\nNfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe\nQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe\nLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t\nXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU\nD9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3\n0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot\n1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW\ncRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E\nExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f\nAJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E\nOe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/\nHZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h\nt5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT\ntGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM\n523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q\n2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8\nQnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw\nJxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ\n1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH\nORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1\nwwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY\nEQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol\n0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK\nCRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co\nSPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo\nomuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt\nA46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J\n/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE\nGrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf\nebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT\nZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8\nRQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ\n8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb\nB6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X\n11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA\n8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj\nqY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p\nWH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL\nhn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG\nBafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+\nAvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi\nRZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0\nzinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM\n/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7\nwhaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl\nD+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz\ndbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI\nRgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI\nDgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=\n=LRKC\n- -----END PGP PUBLIC KEY BLOCK-----\n\n- -- \n - -\n| Roman Drahtm\\xfcller \u003cdraht@suse.de\u003e // \"You don\u0027t need eyes to see, |\n SUSE Linux AG - Security Phone: // you need vision!\"\n| N\\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |\n - -\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.0.7 (GNU/Linux)\n\niQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy\nBi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt\nOsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD\njwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA\niud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT\nWntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ==\n=24bz\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0535"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000194"
},
{
"db": "BID",
"id": "10352"
},
{
"db": "VULHUB",
"id": "VHN-8965"
},
{
"db": "PACKETSTORM",
"id": "33705"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0535",
"trust": 2.9
},
{
"db": "BID",
"id": "10352",
"trust": 2.8
},
{
"db": "XF",
"id": "16159",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000194",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200408-072",
"trust": 0.7
},
{
"db": "GENTOO",
"id": "GLSA-200407-02",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2004:020",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:11136",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2004:418",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2004:413",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2004:845",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2004:062",
"trust": 0.6
},
{
"db": "XF",
"id": "1000",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2004-186",
"trust": 0.6
},
{
"db": "SGI",
"id": "20040804-01-U",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-8965",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33705",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8965"
},
{
"db": "BID",
"id": "10352"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000194"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0535"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
]
},
"id": "VAR-200408-0086",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8965"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:02:35.169000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "kernel_30",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_30.html"
},
{
"title": "kernel_se20",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/kernel_se20.html"
},
{
"title": "RHSA-2004:418",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-418.html"
},
{
"title": "RHSA-2004:413",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-413.html"
},
{
"title": "RHSA-2004:327",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2004-327.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/"
},
{
"title": "RHSA-2004:327",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-327j.html"
},
{
"title": "RHSA-2004:418",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-418j.html"
},
{
"title": "RHSA-2004:413",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2004-413j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000194"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0535"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/10352"
},
{
"trust": 2.0,
"url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
},
{
"trust": 1.7,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
},
{
"trust": 1.7,
"url": "http://lwn.net/articles/91155/"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:062"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2004-413.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2004-418.html"
},
{
"trust": 1.7,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-u.asc"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
},
{
"trust": 1.6,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/16159"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11136"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0535"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0535"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:11136"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-327.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-413.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2004-418.html"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000845"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0535"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0497"
},
{
"trust": 0.1,
"url": "http://www.gnupg.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0495"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0496"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8965"
},
{
"db": "BID",
"id": "10352"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000194"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0535"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-8965"
},
{
"db": "BID",
"id": "10352"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000194"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "NVD",
"id": "CVE-2004-0535"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-06T00:00:00",
"db": "VULHUB",
"id": "VHN-8965"
},
{
"date": "2004-05-14T00:00:00",
"db": "BID",
"id": "10352"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000194"
},
{
"date": "2004-07-02T12:32:00",
"db": "PACKETSTORM",
"id": "33705"
},
{
"date": "2004-08-06T04:00:00",
"db": "NVD",
"id": "CVE-2004-0535"
},
{
"date": "2004-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-8965"
},
{
"date": "2010-08-05T19:46:00",
"db": "BID",
"id": "10352"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000194"
},
{
"date": "2017-10-11T01:29:27.607000",
"db": "NVD",
"id": "CVE-2004-0535"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "10352"
},
{
"db": "PACKETSTORM",
"id": "33705"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel of e1000 Driver memory leak vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000194"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "10352"
},
{
"db": "CNNVD",
"id": "CNNVD-200408-072"
}
],
"trust": 0.9
}
}
VAR-200504-0063
Vulnerability from variot - Updated: 2023-12-18 10:49exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ PHP 4 Later, at compile time --enable-exif By compiling with EXIF ( Image file standards for digital cameras ) Enable support for. This generated by the digital camera JPEG/TIFF In the image EXIF Included in header IFD (Image File Directory) tag ( Information such as image size and type, compression method, color information, copyright ) You can get PHP 4.3.10 Before, 5.0.3 Included before EXIF module (exif.c) Contained within a specific image file IFD The following security issues exist due to inadequate handling of tags. still, PHP Group More distributed PHP By default, EXIF Support will not be activated, Red Hat Enterprise Linux Some as Linux Included with the distribution PHP In the package EXIF Support is enabled. PHP 4.3.11/5.0.4 In addition to the above issues, there are multiple security issues (CAN-2005-0524 And CAN-2005-0525 Such ) , And bugs have been fixed, PHP 4.3.11/5.0.4 Can be updated to PHP Group It is strongly recommended.Please refer to the “Overview” for the impact of this vulnerability. PHP is prone to a denial of service vulnerability. This issue could manifest itself in Web applications that allow users to upload images. PHP is a server-side scripting language designed to be embedded in HTML files and can run on Windows, Linux and many Unix operating systems
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200504-0063",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.9,
"vendor": "suse",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.9,
"vendor": "suse",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.9,
"vendor": "suse",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.9,
"vendor": "suse",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "5.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "4.4.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "4.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "4.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "4.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "1.0"
},
{
"model": "propack",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.10"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.9"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.8"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.7"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.6"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.5"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.4"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.3"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.2"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "8.2"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "4.3.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "10.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "peachtree",
"version": "release_1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.0"
},
{
"model": "php",
"scope": "lte",
"trust": 0.8,
"vendor": "the php group",
"version": "4.3.10"
},
{
"model": "php",
"scope": "lte",
"trust": 0.8,
"vendor": "the php group",
"version": "5.0.3"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1x86"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "7.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.4"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.3"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "6.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "linux i686",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "fedora core2",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "4.3"
},
{
"model": "linux release",
"scope": "eq",
"trust": 0.3,
"vendor": "peachtree",
"version": "1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "modular messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "mn100",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "php",
"scope": "ne",
"trust": 0.3,
"vendor": "php",
"version": "4.3.11"
}
],
"sources": [
{
"db": "BID",
"id": "13164"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000256"
},
{
"db": "NVD",
"id": "CVE-2005-1043"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:peachtree:peachtree_linux:release_1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1043"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin Pitt martin.pitt@canonical.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
],
"trust": 0.6
},
"cve": "CVE-2005-1043",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2005-1043",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-12252",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-1043",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200504-048",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-12252",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12252"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000256"
},
{
"db": "NVD",
"id": "CVE-2005-1043"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ PHP 4 Later, at compile time --enable-exif By compiling with EXIF ( Image file standards for digital cameras ) Enable support for. This generated by the digital camera JPEG/TIFF In the image EXIF Included in header IFD (Image File Directory) tag ( Information such as image size and type, compression method, color information, copyright ) You can get PHP 4.3.10 Before, 5.0.3 Included before EXIF module (exif.c) Contained within a specific image file IFD The following security issues exist due to inadequate handling of tags. still, PHP Group More distributed PHP By default, EXIF Support will not be activated, Red Hat Enterprise Linux Some as Linux Included with the distribution PHP In the package EXIF Support is enabled. PHP 4.3.11/5.0.4 In addition to the above issues, there are multiple security issues (CAN-2005-0524 And CAN-2005-0525 Such ) , And bugs have been fixed, PHP 4.3.11/5.0.4 Can be updated to PHP Group It is strongly recommended.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. PHP is prone to a denial of service vulnerability. \nThis issue could manifest itself in Web applications that allow users to upload images. PHP is a server-side scripting language designed to be embedded in HTML files and can run on Windows, Linux and many Unix operating systems",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1043"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000256"
},
{
"db": "BID",
"id": "13164"
},
{
"db": "VULHUB",
"id": "VHN-12252"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-1043",
"trust": 2.8
},
{
"db": "BID",
"id": "13164",
"trust": 1.2
},
{
"db": "BID",
"id": "13163",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000256",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200504-048",
"trust": 0.7
},
{
"db": "REDHAT",
"id": "RHSA-2005:406",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200504-15",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-112-1",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2005:072",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2005-06-08",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-12252",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12252"
},
{
"db": "BID",
"id": "13164"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000256"
},
{
"db": "NVD",
"id": "CVE-2005-1043"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
]
},
"id": "VAR-200504-0063",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-12252"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:49:59.024000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ChangeLog-4",
"trust": 0.8,
"url": "http://jp2.php.net/changelog-4.php"
},
{
"title": "ChangeLog-5",
"trust": 0.8,
"url": "http://jp2.php.net/changelog-5.php"
},
{
"title": "release notes 4.3.11",
"trust": 0.8,
"url": "http://jp2.php.net/release_4_3_11.php"
},
{
"title": "#28451",
"trust": 0.8,
"url": "http://bugs.php.net/bug.php?id=28451"
},
{
"title": "#31797",
"trust": 0.8,
"url": "http://bugs.php.net/bug.php?id=31797"
},
{
"title": "154021",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154021"
},
{
"title": "154025",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025"
},
{
"title": "RHSA-2005:406",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-406.html"
},
{
"title": "RHSA-2005:405",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2005-405.html"
},
{
"title": "TLSA-2005-50",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2005/tlsa-2005-50.txt"
},
{
"title": "RHSA-2005:405",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-405j.html"
},
{
"title": "RHSA-2005:406",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2005-406j.html"
},
{
"title": "TLSA-2005-50",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2005/tlsa-2005-50j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000256"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1043"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2005/jun/msg00000.html"
},
{
"trust": 1.7,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:072"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2005-406.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025"
},
{
"trust": 1.6,
"url": "http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29\u0026r2=1.118.2.30\u0026ty=u"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/112-1/"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10307"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1043"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1043"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13164"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/13163"
},
{
"trust": 0.6,
"url": "http://www.ubuntulinux.org/support/documentation/usn/usn-112-1"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2005-136_rhsa-2005-405_rhsa-2005-406.pdf"
},
{
"trust": 0.3,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000955"
},
{
"trust": 0.3,
"url": "http://www.php.net/changelog-4.php#4.3.11"
},
{
"trust": 0.3,
"url": "http://www.php.net/"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2005-405.html"
},
{
"trust": 0.3,
"url": "/archive/1/396618"
},
{
"trust": 0.1,
"url": "http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29\u0026amp;r2=1.118.2.30\u0026amp;ty=u"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12252"
},
{
"db": "BID",
"id": "13164"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000256"
},
{
"db": "NVD",
"id": "CVE-2005-1043"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-12252"
},
{
"db": "BID",
"id": "13164"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000256"
},
{
"db": "NVD",
"id": "CVE-2005-1043"
},
{
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-04-14T00:00:00",
"db": "VULHUB",
"id": "VHN-12252"
},
{
"date": "2005-04-12T00:00:00",
"db": "BID",
"id": "13164"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000256"
},
{
"date": "2005-04-14T04:00:00",
"db": "NVD",
"id": "CVE-2005-1043"
},
{
"date": "2005-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-12252"
},
{
"date": "2009-07-12T12:56:00",
"db": "BID",
"id": "13164"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000256"
},
{
"date": "2018-10-30T16:25:35.387000",
"db": "NVD",
"id": "CVE-2005-1043"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "PHP of exif.c Specific in EXIF Service disruption due to header (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000256"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200504-048"
}
],
"trust": 0.6
}
}
VAR-200311-0091
Vulnerability from variot - Updated: 2022-05-29 21:30Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding. Multiple vulnerabilities exist in different vendors' SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL of ASN.1 (Abstract Syntax Notation number One) Structure (ASN1_TYPE) In the interpretation part of, there is a flaw in the process of releasing the memory allocated for the structure, and there is a vulnerability that destroys the values in the stack.OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----
OpenSSL Security Advisory [30 September 2003]
Vulnerabilities in ASN.1 parsing
NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates.
Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite.
Vulnerabilities
-
Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6.
-
Exploitation of an affected application would result in a denial of service vulnerability.
-
This by itself is not strictly speaking a vulnerability but it does mean that all SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication.
Who is affected?
All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected.
Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines.
Recommendations
Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries.
References
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545
and CAN-2003-0543 and CAN-2003-0544 for issue 2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544
URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q x4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS 3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un xjGKYbcITrM= =fFTe -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200311-0091",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stunnel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tawie server linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2s"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux apache-based web server",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "gsx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.15336"
},
{
"model": "esx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.05257"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.30"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.200"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.11"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.10"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.01"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1x86"
},
{
"model": "one directory server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.1"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.9"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.8"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.6"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.5"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.4"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.3"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.18"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.17"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat high availability",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.1"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for gauntlet",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.8.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.6.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.8"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.7"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1"
},
{
"model": "communications security ssh sentinel",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ipsec express toolkit",
"scope": null,
"trust": 0.3,
"vendor": "ssh",
"version": null
},
{
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.4"
},
{
"model": "gpl",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "1.0"
},
{
"model": "express beta",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "2.0"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.3"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "nsure audit",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netmail e",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail d",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail c",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.1"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0.2"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.5"
},
{
"model": "ichain server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "groupwise webaccess sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "groupwise internet agent",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5.1"
},
{
"model": "groupwise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "edirectory su1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.6.2"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.27"
},
{
"model": "edirectory a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.12"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.0"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.8"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "8.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "networks t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1.1"
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1"
},
{
"model": "networks m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "rational rose",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2000"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"model": "hp-ux aaa server a.06.01.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "wbem services for hp-ux a.01.05.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "isman",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "firepass",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.3"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.1"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.3"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.0.1"
},
{
"model": "open software",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "3.4"
},
{
"model": "associates etrust security command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "threat response",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure policy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "520"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "515"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software vpn-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "3.0"
},
{
"model": "firewall server",
"scope": "eq",
"trust": 0.3,
"vendor": "borderware",
"version": "7.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0"
},
{
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.40"
},
{
"model": "solaris 8 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one web server sp7",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp14",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 upgrade standard",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 upgrade platform",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "communications security ssh2",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.9"
},
{
"model": "communications security ssh sentinel",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4.1"
},
{
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.5"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.3"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.2"
},
{
"model": "netmail f",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "imanager",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.5"
},
{
"model": "edirectory su1",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "hp-ux aaa server a.06.01.02.04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "wbem services for hp-ux a.01.05.07",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0545",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0545",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2003-0545",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0545",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#104280",
"trust": 0.8,
"value": "11.81"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#732952",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#686224",
"trust": 0.8,
"value": "1.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#935264",
"trust": 0.8,
"value": "21.52"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#380864",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#255484",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CNNVD",
"id": "CNNVD-200311-033",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding. Multiple vulnerabilities exist in different vendors\u0027 SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL of ASN.1 (Abstract Syntax Notation number One) Structure (ASN1_TYPE) In the interpretation part of, there is a flaw in the process of releasing the memory allocated for the structure, and there is a vulnerability that destroys the values in the stack.OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\n\nOpenSSL Security Advisory [30 September 2003]\n\nVulnerabilities in ASN.1 parsing\n================================\n\nNISCC (www.niscc.gov.uk) prepared a test suite to check the operation\nof SSL/TLS software when presented with a wide range of malformed client\ncertificates. \n\nDr Stephen Henson (steve@openssl.org) of the OpenSSL core team\nidentified and prepared fixes for a number of vulnerabilities in the\nOpenSSL ASN1 code when running the test suite. \n\nVulnerabilities\n- ---------------\n\n1. Certain ASN.1 encodings that are rejected as invalid by the parser\ncan trigger a bug in the deallocation of the corresponding data\nstructure, corrupting the stack. This can be used as a denial of service\nattack. It is currently unknown whether this can be exploited to run\nmalicious code. This issue does not affect OpenSSL 0.9.6. \n\n2. \n\n3. Exploitation of an affected\napplication would result in a denial of service vulnerability. \n\n4. This by\nitself is not strictly speaking a vulnerability but it does mean that\n*all* SSL/TLS servers that use OpenSSL can be attacked using\nvulnerabilities 1, 2 and 3 even if they don\u0027t enable client authentication. \n\nWho is affected?\n- ----------------\n\nAll versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all\nversions of SSLeay are affected. \n\nAny application that makes use of OpenSSL\u0027s ASN1 library to parse\nuntrusted data. This includes all SSL or TLS applications, those using\nS/MIME (PKCS#7) or certificate generation routines. \n\nRecommendations\n- ---------------\n\nUpgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications\nstatically linked to OpenSSL libraries. \n\nReferences\n- ----------\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0545 for issue 1:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545\n\nand CAN-2003-0543 and CAN-2003-0544 for issue 2:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20030930.txt\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q\nx4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS\n3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un\nxjGKYbcITrM=\n=fFTe\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0545"
},
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "PACKETSTORM",
"id": "31738"
}
],
"trust": 6.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2003-0545",
"trust": 2.8
},
{
"db": "BID",
"id": "8732",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3900",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22249",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 1.1
},
{
"db": "XF",
"id": "13315",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "CA-2003-26",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2590",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:292",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-394",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31738",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"id": "VAR-200311-0091",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-29T21:30:21.532000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"title": "HPSBUX00290",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-290"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-284"
},
{
"title": "HPSBUX00288",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00891831"
},
{
"title": "HPSBUX00290",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-290.html"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-284.html"
},
{
"title": "openssl",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/openssl.html"
},
{
"title": "secadv_20030930",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://support.oracle.co.jp/open/owa/external_krown.search_doc?c_document_id=70482"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-292.html"
},
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20030930-ssl-j.shtml"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-292j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.8,
"url": "http://www.ietf.org/rfc/rfc2246.txt"
},
{
"trust": 4.5,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm"
},
{
"trust": 4.0,
"url": "http://wp.netscape.com/eng/ssl3/"
},
{
"trust": 4.0,
"url": "http://www.itu.int/itu-t/studygroups/com10/languages/"
},
{
"trust": 3.9,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"trust": 3.2,
"url": "http://www.ietf.org/html.charters/pkix-charter.html"
},
{
"trust": 2.7,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/8732"
},
{
"trust": 1.9,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21247112"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-292.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-394"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22249"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3900"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2590"
},
{
"trust": 0.9,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087450.htm"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/tls.htm"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/pkcs/"
},
{
"trust": 0.8,
"url": "http://wp.netscape.com/eng/ssl3/draft302.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-159.shtml"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-065.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0545"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20031104-00753.xml"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13315"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-26"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-26"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0545"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20031104-00753.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20031001_103420.html"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3900"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2590"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-tech.shtml"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120400.shtml"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57599"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/swupdates/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967586.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968007.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/esx/esx2-openssh.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967420.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967421.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/products/firewall.php"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967425.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967411.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967408.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967399.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/gsx_security.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm"
},
{
"trust": 0.3,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:098"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2004.0422.1"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967210.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967209.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967208.htm"
},
{
"trust": 0.3,
"url": "http://cirt.dk/advisories/cirt-32-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.cirt.dk/advisories/cirt-31-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3040.html"
},
{
"trust": 0.3,
"url": "http://metalink.oracle.com"
},
{
"trust": 0.3,
"url": "http://www.smoothwall.org/home/news/item/20031001.01.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-331.php"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_openssl_asn_vulnerability.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/security-alerts/"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3041.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/476/"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/477/"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57100"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57444"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57472"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57475"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57498"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://www.tarantella.com/security/bulletin-08.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 0.3,
"url": "/archive/1/343055"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0543"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0544"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0544"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2003-09-30T00:00:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"date": "2003-09-30T16:10:22",
"db": "PACKETSTORM",
"id": "31738"
},
{
"date": "2003-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"date": "2003-11-17T05:00:00",
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2016-07-06T14:32:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000287"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-033"
},
{
"date": "2018-05-03T01:29:00",
"db": "NVD",
"id": "CVE-2003-0545"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SSL/TLS implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-033"
}
],
"trust": 0.6
}
}
VAR-200311-0090
Vulnerability from variot - Updated: 2022-05-29 19:39OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used. Multiple vulnerabilities exist in different vendors' SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Crafted by a third party ASN.1 The client certificate containing the object OpenSSL By passing it to the application that uses (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----
OpenSSL Security Advisory [30 September 2003]
Vulnerabilities in ASN.1 parsing
NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates.
Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite.
Vulnerabilities
-
Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6.
-
Exploitation of an affected application would result in a denial of service vulnerability.
-
This by itself is not strictly speaking a vulnerability but it does mean that all SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication.
Who is affected?
All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected.
Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines.
Recommendations
Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries.
References
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545
and CAN-2003-0543 and CAN-2003-0544 for issue 2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544
URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q x4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS 3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un xjGKYbcITrM= =fFTe -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200311-0090",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stunnel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tawie server linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.1s"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "java system application server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 platform edition update 2"
},
{
"model": "java system application server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 standard edition update 2"
},
{
"model": "java system directory server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "4.1 sp13"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.0 sp6"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.1"
},
{
"model": "linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux apache-based web server",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "gsx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.15336"
},
{
"model": "esx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.05257"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.30"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.200"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.11"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.10"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.01"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1x86"
},
{
"model": "one directory server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.1"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.9"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.8"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.6"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.5"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.4"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.3"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.18"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.17"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat high availability",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.1"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for gauntlet",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.8.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.6.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.8"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.7"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1"
},
{
"model": "communications security ssh sentinel",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ipsec express toolkit",
"scope": null,
"trust": 0.3,
"vendor": "ssh",
"version": null
},
{
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.4"
},
{
"model": "gpl",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "1.0"
},
{
"model": "express beta",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "2.0"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.3"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "nsure audit",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netmail e",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail d",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail c",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.1"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0.2"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.5"
},
{
"model": "ichain server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "groupwise webaccess sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "groupwise internet agent",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5.1"
},
{
"model": "groupwise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "edirectory su1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.6.2"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.27"
},
{
"model": "edirectory a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.12"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.0"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.8"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "8.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "networks t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1.1"
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1"
},
{
"model": "networks m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "rational rose",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2000"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"model": "hp-ux aaa server a.06.01.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "wbem services for hp-ux a.01.05.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "isman",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "firepass",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.3"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.1"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.3"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.0.1"
},
{
"model": "open software",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "3.4"
},
{
"model": "associates etrust security command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "threat response",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure policy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "520"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "515"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software vpn-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "3.0"
},
{
"model": "firewall server",
"scope": "eq",
"trust": 0.3,
"vendor": "borderware",
"version": "7.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0"
},
{
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.40"
},
{
"model": "solaris 8 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one web server sp7",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp14",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 upgrade standard",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 upgrade platform",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "communications security ssh2",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.9"
},
{
"model": "communications security ssh sentinel",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4.1"
},
{
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.5"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.3"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.2"
},
{
"model": "netmail f",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "imanager",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.5"
},
{
"model": "edirectory su1",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "hp-ux aaa server a.06.01.02.04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "wbem services for hp-ux a.01.05.07",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0544",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0544",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.8,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0544",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#104280",
"trust": 0.8,
"value": "11.81"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#732952",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#686224",
"trust": 0.8,
"value": "1.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#935264",
"trust": 0.8,
"value": "21.52"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#380864",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#255484",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CNNVD",
"id": "CNNVD-200311-040",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used. Multiple vulnerabilities exist in different vendors\u0027 SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Crafted by a third party ASN.1 The client certificate containing the object OpenSSL By passing it to the application that uses (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\n\nOpenSSL Security Advisory [30 September 2003]\n\nVulnerabilities in ASN.1 parsing\n================================\n\nNISCC (www.niscc.gov.uk) prepared a test suite to check the operation\nof SSL/TLS software when presented with a wide range of malformed client\ncertificates. \n\nDr Stephen Henson (steve@openssl.org) of the OpenSSL core team\nidentified and prepared fixes for a number of vulnerabilities in the\nOpenSSL ASN1 code when running the test suite. \n\nVulnerabilities\n- ---------------\n\n1. Certain ASN.1 encodings that are rejected as invalid by the parser\ncan trigger a bug in the deallocation of the corresponding data\nstructure, corrupting the stack. This can be used as a denial of service\nattack. It is currently unknown whether this can be exploited to run\nmalicious code. This issue does not affect OpenSSL 0.9.6. \n\n2. \n\n3. Exploitation of an affected\napplication would result in a denial of service vulnerability. \n\n4. This by\nitself is not strictly speaking a vulnerability but it does mean that\n*all* SSL/TLS servers that use OpenSSL can be attacked using\nvulnerabilities 1, 2 and 3 even if they don\u0027t enable client authentication. \n\nWho is affected?\n- ----------------\n\nAll versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all\nversions of SSLeay are affected. \n\nAny application that makes use of OpenSSL\u0027s ASN1 library to parse\nuntrusted data. This includes all SSL or TLS applications, those using\nS/MIME (PKCS#7) or certificate generation routines. \n\nRecommendations\n- ---------------\n\nUpgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications\nstatically linked to OpenSSL libraries. \n\nReferences\n- ----------\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0545 for issue 1:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545\n\nand CAN-2003-0543 and CAN-2003-0544 for issue 2:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20030930.txt\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q\nx4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS\n3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un\nxjGKYbcITrM=\n=fFTe\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0544"
},
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "PACKETSTORM",
"id": "31738"
}
],
"trust": 6.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2003-0544",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 1.9
},
{
"db": "BID",
"id": "8732",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3900",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22249",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 1.1
},
{
"db": "XF",
"id": "13316",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "CA-2003-26",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:291",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:292",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "201029",
"trust": 0.6
},
{
"db": "ENGARDE",
"id": "ESA-20030930-027",
"trust": 0.6
},
{
"db": "XF",
"id": "1",
"trust": 0.6
},
{
"db": "XF",
"id": "43041",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-394",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-393",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:4574",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31738",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"id": "VAR-200311-0090",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-29T19:39:34.176000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"title": "HPSBUX00288",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00891831"
},
{
"title": "HPSBUX00290",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00901847"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-284"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-284.html"
},
{
"title": "openssl",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/openssl.html"
},
{
"title": "secadv_20030930",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/pdf/2003alert62.pdf"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-292.html"
},
{
"title": "RHSA-2003:291",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-291.html"
},
{
"title": "RHSA-2003:293",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"title": "57599",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-1"
},
{
"title": "57472",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-1"
},
{
"title": "57100",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-1"
},
{
"title": "57498",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-1"
},
{
"title": "57498",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-3"
},
{
"title": "57599",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-3"
},
{
"title": "57472",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-3"
},
{
"title": "57100",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-3"
},
{
"title": "TLSA-2003-55",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-55.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/031210_62/top.html"
},
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20030930-ssl-j.shtml"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-292j.html"
},
{
"title": "RHSA-2003:291",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-291j.html"
},
{
"title": "RHSA-2003:293",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-293j.html"
},
{
"title": "TLSA-2003-55",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-55j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 5.1,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm"
},
{
"trust": 4.8,
"url": "http://www.ietf.org/rfc/rfc2246.txt"
},
{
"trust": 4.0,
"url": "http://wp.netscape.com/eng/ssl3/"
},
{
"trust": 4.0,
"url": "http://www.itu.int/itu-t/studygroups/com10/languages/"
},
{
"trust": 3.9,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"trust": 3.2,
"url": "http://www.ietf.org/html.charters/pkix-charter.html"
},
{
"trust": 2.7,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 1.9,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21247112"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-292.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-291.html"
},
{
"trust": 1.6,
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-394"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-393"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1"
},
{
"trust": 1.6,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/8732"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22249"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3900"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43041"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4574"
},
{
"trust": 0.9,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087450.htm"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/tls.htm"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/pkcs/"
},
{
"trust": 0.8,
"url": "http://wp.netscape.com/eng/ssl3/draft302.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-159.shtml"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-065.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0544"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/advisories/default.aspx?id=br-20031104-00633.xml"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13316"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-26"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-26"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0544"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20031104-00748.pdf"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20031001_103420.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/43041"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3900"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4574"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-tech.shtml"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120400.shtml"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57599"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/swupdates/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967586.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968007.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/esx/esx2-openssh.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967420.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967421.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/products/firewall.php"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967425.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967411.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967408.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967399.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/gsx_security.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm"
},
{
"trust": 0.3,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:098"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2004.0422.1"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967210.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967209.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967208.htm"
},
{
"trust": 0.3,
"url": "http://cirt.dk/advisories/cirt-32-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.cirt.dk/advisories/cirt-31-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3040.html"
},
{
"trust": 0.3,
"url": "http://metalink.oracle.com"
},
{
"trust": 0.3,
"url": "http://www.smoothwall.org/home/news/item/20031001.01.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-331.php"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_openssl_asn_vulnerability.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/security-alerts/"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3041.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/476/"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/477/"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57100"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57444"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57472"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57475"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57498"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://www.tarantella.com/security/bulletin-08.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 0.3,
"url": "/archive/1/343055"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0543"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0544"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0544"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2003-09-30T00:00:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"date": "2003-09-30T16:10:22",
"db": "PACKETSTORM",
"id": "31738"
},
{
"date": "2003-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"date": "2003-11-17T05:00:00",
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2016-07-06T14:32:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000288"
},
{
"date": "2010-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-040"
},
{
"date": "2018-05-03T01:29:00",
"db": "NVD",
"id": "CVE-2003-0544"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SSL/TLS implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "8732"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-040"
}
],
"trust": 0.9
}
}
VAR-200311-0089
Vulnerability from variot - Updated: 2022-05-29 19:17Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. Multiple vulnerabilities exist in different vendors' SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. OpenSSL 0.9.6j/0.9.7b Before ASN.1 An integer overflow vulnerability exists due to insufficient bounds checking on the value of the object's tag field. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Third party crafted ASN.1 The client certificate containing the object SSL/TSL Etc. OpenSSL By passing it through an application implemented using OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----
OpenSSL Security Advisory [30 September 2003]
Vulnerabilities in ASN.1 parsing
NISCC (www.niscc.gov.uk) prepared a test suite to check the operation of SSL/TLS software when presented with a wide range of malformed client certificates.
Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team identified and prepared fixes for a number of vulnerabilities in the OpenSSL ASN1 code when running the test suite.
Vulnerabilities
-
Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be exploited to run malicious code. This issue does not affect OpenSSL 0.9.6.
-
Exploitation of an affected application would result in a denial of service vulnerability.
-
This by itself is not strictly speaking a vulnerability but it does mean that all SSL/TLS servers that use OpenSSL can be attacked using vulnerabilities 1, 2 and 3 even if they don't enable client authentication.
Who is affected?
All versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay are affected.
Any application that makes use of OpenSSL's ASN1 library to parse untrusted data. This includes all SSL or TLS applications, those using S/MIME (PKCS#7) or certificate generation routines.
Recommendations
Upgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications statically linked to OpenSSL libraries.
References
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0545 for issue 1:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545
and CAN-2003-0543 and CAN-2003-0544 for issue 2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544
URL for this Security Advisory: http://www.openssl.org/news/secadv_20030930.txt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q x4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS 3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un xjGKYbcITrM= =fFTe -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200311-0089",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stunnel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tawie server linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "1.0.2.2s"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "database",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "java system application server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 platform edition update 2"
},
{
"model": "java system application server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 standard edition update 2"
},
{
"model": "java system directory server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "4.1 sp13"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.0 sp6"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.1"
},
{
"model": "linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux apache-based web server",
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "gsx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.15336"
},
{
"model": "esx server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.05257"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5.2"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.30"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.200"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.11"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.10"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.01"
},
{
"model": "enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1x86"
},
{
"model": "one directory server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one directory server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur1 platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.1"
},
{
"model": "cluster",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.0"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.9"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.8"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.6"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.5"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.4"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7.1"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.7"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.3"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.6.2"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.18"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.5.17"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat webcluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat securitycluster",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat high availability",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.1"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.5"
},
{
"model": "stonebeat fullcluster for raptor",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for gauntlet",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "3.0"
},
{
"model": "stonebeat fullcluster for firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "2.0"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.9"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.8.1"
},
{
"model": "ssleay",
"scope": "eq",
"trust": 0.3,
"vendor": "ssleay",
"version": "0.6.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.8"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.7"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.6"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.5"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.4"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.3"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.2"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1.1"
},
{
"model": "communications security ssh2",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "3.1"
},
{
"model": "communications security ssh sentinel",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ipsec express toolkit",
"scope": null,
"trust": 0.3,
"vendor": "ssh",
"version": null
},
{
"model": "os",
"scope": "eq",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.4"
},
{
"model": "gpl",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "1.0"
},
{
"model": "express beta",
"scope": "eq",
"trust": 0.3,
"vendor": "smoothwall",
"version": "2.0"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.3"
},
{
"model": "propack",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "2.2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.7"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.6"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "oracle9i application server .1s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.4"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "nsure audit",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "netmail e",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail d",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail c",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.10"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "netmail b",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.3"
},
{
"model": "netmail",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.0.1"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0.2"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.0"
},
{
"model": "imanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "1.5"
},
{
"model": "ichain server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "ichain server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.2"
},
{
"model": "groupwise webaccess sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise webaccess sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "groupwise internet agent",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5.1"
},
{
"model": "groupwise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "groupwise sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "edirectory su1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.7"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.6.2"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.27"
},
{
"model": "edirectory a",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5.12"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.5"
},
{
"model": "edirectory",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "8.0"
},
{
"model": "bordermanager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.8"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "8.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "networks t-series router t640",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks t-series router t320",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1.1"
},
{
"model": "networks sdx-300",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "3.1"
},
{
"model": "networks m-series router m5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40e",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m160",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks m-series router m10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "rational rose",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2000"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"model": "hp-ux aaa server a.06.01.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "wbem services for hp-ux a.01.05.05",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "isman",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "firepass",
"scope": null,
"trust": 0.3,
"vendor": "f5",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.4"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.3"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.2"
},
{
"model": "ssh for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.1"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.3"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.2.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.1.0"
},
{
"model": "ssh for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.0.1"
},
{
"model": "open software",
"scope": "eq",
"trust": 0.3,
"vendor": "cray",
"version": "3.4"
},
{
"model": "associates etrust security command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "threat response",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sn storage router sn5428-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-3.2.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2.5.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.2-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sn storage router sn5428-2-3.3.1-k9",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5428"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure policy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "520"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "515"
},
{
"model": "network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "firewall services module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "css11000 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "css secure content accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ciscoworks wireless lan solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "ciscoworks hosting solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1105"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software vpn-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software providor-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "3.0"
},
{
"model": "firewall server",
"scope": "eq",
"trust": 0.3,
"vendor": "borderware",
"version": "7.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.0"
},
{
"model": "coat systems security gateway os",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0"
},
{
"model": "coat systems cacheos ca/sa",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.1.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "tarantella",
"version": "33.40"
},
{
"model": "solaris 8 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one web server sp7",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "one web server sp14",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.1"
},
{
"model": "one directory server sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "5.1"
},
{
"model": "one application server ur2 upgrade standard",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "one application server ur2 upgrade platform",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.2"
},
{
"model": "cluster",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "2.1"
},
{
"model": "communications security ssh2",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "3.2.9"
},
{
"model": "communications security ssh sentinel",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4.1"
},
{
"model": "os",
"scope": "ne",
"trust": 0.3,
"vendor": "snapgear",
"version": "1.8.5"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.3"
},
{
"model": "nsure audit",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "1.0.2"
},
{
"model": "netmail f",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "3.1"
},
{
"model": "imanager",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.5"
},
{
"model": "edirectory su1",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "8.7.1"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "rational requisitepro",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "hp-ux aaa server a.06.01.02.04",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "wbem services for hp-ux a.01.05.07",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0543",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0543",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.8,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0543",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#104280",
"trust": 0.8,
"value": "11.81"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#732952",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#686224",
"trust": 0.8,
"value": "1.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#935264",
"trust": 0.8,
"value": "21.52"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#380864",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#255484",
"trust": 0.8,
"value": "11.25"
},
{
"author": "CNNVD",
"id": "CNNVD-200311-070",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. Multiple vulnerabilities exist in different vendors\u0027 SSL/TLS implementations. The impacts of these vulnerabilities include remote execution of arbitrary code, denial of service, and disclosure of sensitive information. OpenSSL accepts unsolicited client certificate messages. This vulnerability requires as a precondition that an application is configured to ignore public key decoding errors, which is typically only the case during debugging. OpenSSL Is X.509 With a certificate etc. ASN.1 Authentication information is exchanged using objects. OpenSSL 0.9.6j/0.9.7b Before ASN.1 An integer overflow vulnerability exists due to insufficient bounds checking on the value of the object\u0027s tag field. In addition, SSL/TLS Implement the protocol OpenSSL Many other products also contain this vulnerability ASN.1 The existence of vulnerabilities related to processing has been confirmed.Third party crafted ASN.1 The client certificate containing the object SSL/TSL Etc. OpenSSL By passing it through an application implemented using OpenSSL Service disruption (DoS) It may be in a state. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\n\nOpenSSL Security Advisory [30 September 2003]\n\nVulnerabilities in ASN.1 parsing\n================================\n\nNISCC (www.niscc.gov.uk) prepared a test suite to check the operation\nof SSL/TLS software when presented with a wide range of malformed client\ncertificates. \n\nDr Stephen Henson (steve@openssl.org) of the OpenSSL core team\nidentified and prepared fixes for a number of vulnerabilities in the\nOpenSSL ASN1 code when running the test suite. \n\nVulnerabilities\n- ---------------\n\n1. Certain ASN.1 encodings that are rejected as invalid by the parser\ncan trigger a bug in the deallocation of the corresponding data\nstructure, corrupting the stack. This can be used as a denial of service\nattack. It is currently unknown whether this can be exploited to run\nmalicious code. This issue does not affect OpenSSL 0.9.6. \n\n2. \n\n3. Exploitation of an affected\napplication would result in a denial of service vulnerability. \n\n4. This by\nitself is not strictly speaking a vulnerability but it does mean that\n*all* SSL/TLS servers that use OpenSSL can be attacked using\nvulnerabilities 1, 2 and 3 even if they don\u0027t enable client authentication. \n\nWho is affected?\n- ----------------\n\nAll versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all\nversions of SSLeay are affected. \n\nAny application that makes use of OpenSSL\u0027s ASN1 library to parse\nuntrusted data. This includes all SSL or TLS applications, those using\nS/MIME (PKCS#7) or certificate generation routines. \n\nRecommendations\n- ---------------\n\nUpgrade to OpenSSL 0.9.7c or 0.9.6k. Recompile any OpenSSL applications\nstatically linked to OpenSSL libraries. \n\nReferences\n- ----------\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0545 for issue 1:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0545\n\nand CAN-2003-0543 and CAN-2003-0544 for issue 2:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0543\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0544\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20030930.txt\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQCVAwUBP3mNKu6tTP1JpWPZAQFjPwP/Y8epYBa9oCK69dCT5Y90kg9Ir8pYuv+q\nx4NxuyhD5JaJfmStwbl3BUSE5juI0mh7d6yFjfI0Ci3sdC+5v10ZOanGwX7o4JlS\n3pGSSocAEiYS59qciRLtFsCbBt8jIOCG8KiTmKO2mI5dhAEB9UqPH9e8A1Wy/8un\nxjGKYbcITrM=\n=fFTe\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0543"
},
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "PACKETSTORM",
"id": "31738"
}
],
"trust": 6.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2003-0543",
"trust": 2.8
},
{
"db": "BID",
"id": "8732",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3900",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22249",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 1.1
},
{
"db": "XF",
"id": "13316",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "CA-2003-26",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:291",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:292",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "201029",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:4254",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5292",
"trust": 0.6
},
{
"db": "ENGARDE",
"id": "ESA-20030930-027",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-394",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-393",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31738",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"id": "VAR-200311-0089",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-29T19:17:04.347000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"title": "HPSBUX00288",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00891831"
},
{
"title": "HPSBUX00290",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00901847"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=hpsbux0310-284"
},
{
"title": "HPSBUX0310-290",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-290.html"
},
{
"title": "HPSBUX0310-284",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0310-284.html"
},
{
"title": "openssl",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/openssl.html"
},
{
"title": "secadv_20030930",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-292.html"
},
{
"title": "RHSA-2003:291",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-291.html"
},
{
"title": "RHSA-2003:293",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"title": "57472",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-1"
},
{
"title": "57100",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-1"
},
{
"title": "57498",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-1"
},
{
"title": "57599",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-1"
},
{
"title": "57498",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57498-3"
},
{
"title": "57472",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57472-3"
},
{
"title": "57100",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57100-3"
},
{
"title": "57599",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57599-3"
},
{
"title": "TLSA-2003-55",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-55.txt"
},
{
"title": "#62",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/031210_62/top.html"
},
{
"title": "cisco-sa-20030930-ssl",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20030930-ssl-j.shtml"
},
{
"title": "RHSA-2003:292",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-292j.html"
},
{
"title": "RHSA-2003:291",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-291j.html"
},
{
"title": "RHSA-2003:293",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-293j.html"
},
{
"title": "TLSA-2003-55",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-55j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 5.1,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm"
},
{
"trust": 4.8,
"url": "http://www.ietf.org/rfc/rfc2246.txt"
},
{
"trust": 4.0,
"url": "http://wp.netscape.com/eng/ssl3/"
},
{
"trust": 4.0,
"url": "http://www.itu.int/itu-t/studygroups/com10/languages/"
},
{
"trust": 3.9,
"url": "http://www.openssl.org/news/secadv_20030930.txt"
},
{
"trust": 3.2,
"url": "http://www.ietf.org/html.charters/pkix-charter.html"
},
{
"trust": 2.7,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/8732"
},
{
"trust": 1.9,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21247112"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-291.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2003-292.html"
},
{
"trust": 1.6,
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-394"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2003/dsa-393"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1"
},
{
"trust": 1.6,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22249"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3900"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5292"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4254"
},
{
"trust": 0.9,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087450.htm"
},
{
"trust": 0.8,
"url": "http://www.uniras.gov.uk/vuls/2003/006489/tls.htm"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/pkcs/"
},
{
"trust": 0.8,
"url": "http://wp.netscape.com/eng/ssl3/draft302.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-159.shtml"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-065.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0543"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20031104-00753.xml"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/advisories/default.aspx?id=br-20031104-00633.xml"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13316"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-26"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-26"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0543"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20031104-00748.pdf"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20031104-00753.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20031001_103420.html"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5292"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3900"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4254"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-tech.shtml"
},
{
"trust": 0.3,
"url": "http://support.f-secure.com/enu/corporate/supportissue/ssh/comments/comments-issue-2003120400.shtml"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57599"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/swupdates/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030930-ssl.shtml"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967586.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968007.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/esx/esx2-openssh.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967420.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967421.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/products/firewall.php"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967425.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967411.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967408.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967399.htm"
},
{
"trust": 0.3,
"url": "http://www.vmware.com/download/gsx_security.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm"
},
{
"trust": 0.3,
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=mdksa-2003:098"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2004.0422.1"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967210.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967209.htm"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967208.htm"
},
{
"trust": 0.3,
"url": "http://cirt.dk/advisories/cirt-32-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.cirt.dk/advisories/cirt-31-advisory.pdf"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3040.html"
},
{
"trust": 0.3,
"url": "http://metalink.oracle.com"
},
{
"trust": 0.3,
"url": "http://www.smoothwall.org/home/news/item/20031001.01.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-331.php"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2003-293.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/advisory_openssl_asn_vulnerability.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/security-alerts/"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm"
},
{
"trust": 0.3,
"url": "http://www.stonesoft.com/document/art/3041.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/476/"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/newsroom/article/477/"
},
{
"trust": 0.3,
"url": "http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57100"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57444"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57472"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57475"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57498"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://www.tarantella.com/security/bulletin-08.html"
},
{
"trust": 0.3,
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097379.htm"
},
{
"trust": 0.3,
"url": "http://www.borderware.com/"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 0.3,
"url": "/archive/1/343055"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0545"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0543"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2003-0544"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0543"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0544"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#104280"
},
{
"db": "CERT/CC",
"id": "VU#732952"
},
{
"db": "CERT/CC",
"id": "VU#686224"
},
{
"db": "CERT/CC",
"id": "VU#935264"
},
{
"db": "CERT/CC",
"id": "VU#380864"
},
{
"db": "CERT/CC",
"id": "VU#255484"
},
{
"db": "BID",
"id": "8732"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"db": "PACKETSTORM",
"id": "31738"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-09-30T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2003-09-30T00:00:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"date": "2003-09-30T16:10:22",
"db": "PACKETSTORM",
"id": "31738"
},
{
"date": "2003-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"date": "2003-11-17T05:00:00",
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#104280"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#732952"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#686224"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#935264"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#380864"
},
{
"date": "2003-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#255484"
},
{
"date": "2016-07-06T14:32:00",
"db": "BID",
"id": "8732"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000286"
},
{
"date": "2010-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200311-070"
},
{
"date": "2018-05-03T01:29:00",
"db": "NVD",
"id": "CVE-2003-0543"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in SSL/TLS implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#104280"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "8732"
},
{
"db": "CNNVD",
"id": "CNNVD-200311-070"
}
],
"trust": 0.9
}
}
CVE-2005-3624 (GCVE-0-2005-3624)
Vulnerability from cvelistv5 – Published: 2006-01-06 22:00 – Updated: 2024-08-07 23:17- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "xpdf-ccitt-faxstream-bo(24022)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "oval:org.mitre.oval:def:9437",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "xpdf-ccitt-faxstream-bo(24022)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "oval:org.mitre.oval:def:9437",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3624",
"datePublished": "2006-01-06T22:00:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:17:23.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3626 (GCVE-0-2005-3626)
Vulnerability from cvelistv5 – Published: 2006-01-06 22:00 – Updated: 2024-08-07 23:17- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "oval:org.mitre.oval:def:9992",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "xpdf-flatedecode-dos(24026)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "oval:org.mitre.oval:def:9992",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "xpdf-flatedecode-dos(24026)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3626",
"datePublished": "2006-01-06T22:00:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:17:23.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3625 (GCVE-0-2005-3625)
Vulnerability from cvelistv5 – Published: 2006-01-06 22:00 – Updated: 2024-08-07 23:17- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "oval:org.mitre.oval:def:9575",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "oval:org.mitre.oval:def:9575",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3625",
"datePublished": "2006-01-06T22:00:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:17:23.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3624 (GCVE-0-2005-3624)
Vulnerability from nvd – Published: 2006-01-06 22:00 – Updated: 2024-08-07 23:17- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "xpdf-ccitt-faxstream-bo(24022)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "oval:org.mitre.oval:def:9437",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "xpdf-ccitt-faxstream-bo(24022)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "oval:org.mitre.oval:def:9437",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3624",
"datePublished": "2006-01-06T22:00:00.000Z",
"dateReserved": "2005-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:17:23.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}