cve-2013-0166
Vulnerability from cvelistv5
Published
2013-02-08 19:00
Modified
2024-08-06 14:18
Severity ?
Summary
OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.
References
secalert@redhat.comhttp://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7
secalert@redhat.comhttp://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=66e8211c0b1347970096e04b18aa52567c325200
secalert@redhat.comhttp://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=ebc71865f0506a293242bd4aec97cdc7a8ef24b0
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136396549913849&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136396549913849&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136432043316835&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136432043316835&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=137545771702053&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=137545771702053&w=2
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0587.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0782.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0783.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0833.html
secalert@redhat.comhttp://secunia.com/advisories/53623
secalert@redhat.comhttp://secunia.com/advisories/55108
secalert@redhat.comhttp://secunia.com/advisories/55139
secalert@redhat.comhttp://support.apple.com/kb/HT5880
secalert@redhat.comhttp://www.debian.org/security/2013/dsa-2621
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/737740US Government Resource
secalert@redhat.comhttp://www.openssl.org/news/secadv_20130204.txtVendor Advisory
secalert@redhat.comhttp://www.splunk.com/view/SP-CAAAHXG
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=908052
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18754
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19081
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19360
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19487
secalert@redhat.comhttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c03883001
af854a3a-2127-422b-91ae-364da2661108http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7
af854a3a-2127-422b-91ae-364da2661108http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=66e8211c0b1347970096e04b18aa52567c325200
af854a3a-2127-422b-91ae-364da2661108http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=ebc71865f0506a293242bd4aec97cdc7a8ef24b0
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136396549913849&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136396549913849&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136432043316835&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136432043316835&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=137545771702053&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=137545771702053&w=2
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0587.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0782.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0783.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0833.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/53623
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55108
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55139
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT5880
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2621
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/737740US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.openssl.org/news/secadv_20130204.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.splunk.com/view/SP-CAAAHXG
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=908052
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18754
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19081
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19360
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19487
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c03883001
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:18:09.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=66e8211c0b1347970096e04b18aa52567c325200"
          },
          {
            "name": "RHSA-2013:0587",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
          },
          {
            "name": "oval:org.mitre.oval:def:19360",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19360"
          },
          {
            "name": "55139",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55139"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20130204.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908052"
          },
          {
            "name": "HPSBUX02856",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
          },
          {
            "name": "SSRT101289",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2016:0640",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "name": "SSRT101108",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
          },
          {
            "name": "RHSA-2013:0833",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7"
          },
          {
            "name": "53623",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/53623"
          },
          {
            "name": "VU#737740",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/737740"
          },
          {
            "name": "HPSBUX02909",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
          },
          {
            "name": "DSA-2621",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2621"
          },
          {
            "name": "RHSA-2013:0783",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0783.html"
          },
          {
            "name": "APPLE-SA-2013-09-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
          },
          {
            "name": "55108",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55108"
          },
          {
            "name": "RHSA-2013:0782",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0782.html"
          },
          {
            "name": "HPSBOV02852",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
          },
          {
            "name": "SSRT101104",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
          },
          {
            "name": "SUSE-SU-2015:0578",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.splunk.com/view/SP-CAAAHXG"
          },
          {
            "name": "oval:org.mitre.oval:def:19487",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19487"
          },
          {
            "name": "oval:org.mitre.oval:def:18754",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18754"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5880"
          },
          {
            "name": "oval:org.mitre.oval:def:19081",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19081"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=ebc71865f0506a293242bd4aec97cdc7a8ef24b0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-08T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=66e8211c0b1347970096e04b18aa52567c325200"
        },
        {
          "name": "RHSA-2013:0587",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
        },
        {
          "name": "oval:org.mitre.oval:def:19360",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19360"
        },
        {
          "name": "55139",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55139"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20130204.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908052"
        },
        {
          "name": "HPSBUX02856",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
        },
        {
          "name": "SSRT101289",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2016:0640",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
        },
        {
          "name": "SSRT101108",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
        },
        {
          "name": "RHSA-2013:0833",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7"
        },
        {
          "name": "53623",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/53623"
        },
        {
          "name": "VU#737740",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/737740"
        },
        {
          "name": "HPSBUX02909",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
        },
        {
          "name": "DSA-2621",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2621"
        },
        {
          "name": "RHSA-2013:0783",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0783.html"
        },
        {
          "name": "APPLE-SA-2013-09-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
        },
        {
          "name": "55108",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55108"
        },
        {
          "name": "RHSA-2013:0782",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0782.html"
        },
        {
          "name": "HPSBOV02852",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
        },
        {
          "name": "SSRT101104",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
        },
        {
          "name": "SUSE-SU-2015:0578",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.splunk.com/view/SP-CAAAHXG"
        },
        {
          "name": "oval:org.mitre.oval:def:19487",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19487"
        },
        {
          "name": "oval:org.mitre.oval:def:18754",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18754"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5880"
        },
        {
          "name": "oval:org.mitre.oval:def:19081",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19081"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=ebc71865f0506a293242bd4aec97cdc7a8ef24b0"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-0166",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=66e8211c0b1347970096e04b18aa52567c325200",
              "refsource": "CONFIRM",
              "url": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=66e8211c0b1347970096e04b18aa52567c325200"
            },
            {
              "name": "RHSA-2013:0587",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
            },
            {
              "name": "oval:org.mitre.oval:def:19360",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19360"
            },
            {
              "name": "55139",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55139"
            },
            {
              "name": "http://www.openssl.org/news/secadv_20130204.txt",
              "refsource": "CONFIRM",
              "url": "http://www.openssl.org/news/secadv_20130204.txt"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=908052",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908052"
            },
            {
              "name": "HPSBUX02856",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
            },
            {
              "name": "SSRT101289",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2016:0640",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
            },
            {
              "name": "SSRT101108",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
            },
            {
              "name": "RHSA-2013:0833",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001"
            },
            {
              "name": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7",
              "refsource": "CONFIRM",
              "url": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7"
            },
            {
              "name": "53623",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/53623"
            },
            {
              "name": "VU#737740",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/737740"
            },
            {
              "name": "HPSBUX02909",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
            },
            {
              "name": "DSA-2621",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2621"
            },
            {
              "name": "RHSA-2013:0783",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0783.html"
            },
            {
              "name": "APPLE-SA-2013-09-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
            },
            {
              "name": "55108",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55108"
            },
            {
              "name": "RHSA-2013:0782",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0782.html"
            },
            {
              "name": "HPSBOV02852",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
            },
            {
              "name": "SSRT101104",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
            },
            {
              "name": "SUSE-SU-2015:0578",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
            },
            {
              "name": "http://www.splunk.com/view/SP-CAAAHXG",
              "refsource": "CONFIRM",
              "url": "http://www.splunk.com/view/SP-CAAAHXG"
            },
            {
              "name": "oval:org.mitre.oval:def:19487",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19487"
            },
            {
              "name": "oval:org.mitre.oval:def:18754",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18754"
            },
            {
              "name": "http://support.apple.com/kb/HT5880",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5880"
            },
            {
              "name": "oval:org.mitre.oval:def:19081",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19081"
            },
            {
              "name": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ebc71865f0506a293242bd4aec97cdc7a8ef24b0",
              "refsource": "CONFIRM",
              "url": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ebc71865f0506a293242bd4aec97cdc7a8ef24b0"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-0166",
    "datePublished": "2013-02-08T19:00:00",
    "dateReserved": "2012-12-06T00:00:00",
    "dateUpdated": "2024-08-06T14:18:09.381Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-0166\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-02-08T19:55:00.967\",\"lastModified\":\"2024-11-21T01:46:58.750\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.\"},{\"lang\":\"es\",\"value\":\"OpenSSL antes de v0.9.8y, v1.0.0 antes de v1.0.0k y v1.0.1 antes de v1.0.1d no realizar correctamente la verificaci\u00f3n de firmas para las respuestas OCSP, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia puntero NULL y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una tecla no v\u00e1lida.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14D983EC-61B0-4FD9-89B5-9878E4CE4405\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5D7BE3C-8CA2-4FB2-B4AE-B201D88C2A9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC4C5F05-BC0B-478D-9A6F-7C804777BA41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F417A1-5D97-4BC4-8B97-5AC40236DA21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8847BD34-BDE6-4AE9-96D9-75B9CF93A6A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EDB5A09-BE86-4352-9799-A875649EDB7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6231CAA-00A8-41CE-8436-B84518014CF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A70AD93B-E876-4EAB-9970-752D42E15E99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F03FA9C0-24C7-46AC-92EC-7834BC34C79B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"716ADA01-38B8-4C15-A3BB-D9688DA30599\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73326F7-7DCE-4EDE-95D7-AE7AED263A14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E4742C-A983-4F00-B24F-AB280C0E876D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA2D251C-9C45-4EFE-8262-E88AB7CE713A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D81E175-E698-40EF-9601-425893FFB1FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA0F25B7-A172-4300-8718-112E817A6165\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A0628DF-3A4C-4078-B615-22260671EABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"52B1BE89-BAE0-4656-943B-B9B81D9B54B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D097222B-ED20-459C-9167-55751FA2C87A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"86DDC8F2-7920-4A73-927E-562C89806972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"962FCB86-15AD-4399-8B7D-EC1DEA919C59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"180D07AE-C571-4DD6-837C-43E2A946007A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90789533-C741-4B1C-A24B-2C77B9E4DE5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1520065B-46D7-48A4-B9D0-5B49F690C5B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AA526B9-726A-49D5-B3CA-EBE2DA303CA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"494E48E7-EF86-4860-9A53-94F6C313746E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2636B92E-47D5-42EA-9585-A2B84FBE71CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72FE2F46-2D0C-4C90-AFBE-D2E7B496D6E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45A518E8-21BE-4C5C-B425-410AB1208E9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E3AB748-E463-445C-ABAB-4FEDDFD1878B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"660E4B8D-AABA-4520-BC4D-CF8E76E07C05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"85BFEED5-4941-41BB-93D1-CD5C2A41290E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"9644CC68-1E91-45E7-8C53-1E3FC9976A4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B1B98C4-1FFD-4A7C-AA86-A34BC6F7AB31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"73934717-2DA3-4614-A076-D6EDA5EB0626\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78E79A05-64F3-4397-952C-A5BB950C967D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"549BB01D-F322-4FE3-BDA2-4FEA8ED8568A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DE6CBD6-D6DD-4BC5-93F6-FDEA70163336\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98693865-2E79-4BD6-9F89-1994BC9A3E73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6476506-EC37-4726-82DC-D0E8254A8CDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D6ECEF7-CB16-4604-894B-6EB19F1CEF55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C81EF3D-4DB7-4799-9670-8D79E28CA184\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8116A66-175C-4E6D-9A9B-D54C1D97D213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"382C1679-DA1D-4FA4-9D5E-B86CC5052D49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CA28812-8A24-4FE1-BED9-D6D5BB023645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9894D83E-2A27-446E-8B47-9C03CF802A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55A9AC4D-E19B-431F-8679-B62F5F46BCF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A4E446D-B9D3-45F2-9722-B41FA14A6C31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4EA988-FC80-4170-8933-7C6663731981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64F8F53B-24A1-4877-B16E-F1917C4E4E81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75D3ACD5-905F-42BB-BE1A-8382E9D823BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"766EA6F2-7FA4-4713-9859-9971CCD2FDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFBC30B7-627D-48DC-8EF0-AE8FA0C6EDBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BB38AEA-BAF0-4920-9A71-747C24444770\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F33EA2B-DE15-4695-A383-7A337AC38908\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"261EE631-AB43-44FE-B02A-DFAAB8D35927\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA0E0BBF-D0BE-41A7-B9BB-C28F01000BC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A1365ED-4651-4AB2-A64B-43782EA2F0E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC82690C-DCED-47BA-AA93-4D0C9E95B806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43B90ED1-DAB4-4239-8AD8-87E8D568D5D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C9BF2DD-85EF-49CF-8D83-0DB46449E333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AEBE689-3952-46F0-BACA-BB03041C6D36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86C46AB8-52E5-4385-9C5C-F63FF9DB82AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"564AA4E7-223E-48D8-B3E0-A461969CF530\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A82CFB41-BEA5-4B5F-BCAA-9BAED22EEAF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35C2AE06-B6E8-41C4-BB60-177AC4819CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB15C1F3-0DE8-4A50-B17C-618ECA58AABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45491BD3-7C62-4422-B7DA-CB2741890FBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"499E52F3-4B34-4C47-8ABF-292928EBAA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D530BE19-ADCF-4B5C-99E0-2B9A1DE7717F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7540155-3629-4C76-9C67-8A8E0C1067F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"419BBCCD-6F8A-418A-BA02-56267B11D948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A3A2AF8-C7DD-43D0-B03F-37E7EB735C1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10FF0A06-DA61-4250-B083-67E55E362677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6BA453-C150-4159-B80B-5465EFF83F11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"638A2E69-8AB6-4FEA-852A-FEF16A500C1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C47D3A-B99D-401D-B6B8-1194B2DB4809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08355B10-E004-4BE6-A5AE-4D428810580B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738BCFDC-1C49-4774-95AE-E099F707DEF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4B242C0-D27D-4644-AD19-5ACB853C9DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DC683F2-4346-4E5E-A8D7-67B4F4D7827B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"764B7D38-BC1B-47DB-B1DF-D092BDA4BFCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6604E7BE-9F9B-444D-A63A-F65D1CFDF3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D1C00C0-C77E-4255-9ECA-20F2673C7366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C684FB18-FDDC-4BED-A28C-C23EE6CD0094\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74A79A7-4FAF-4C81-8622-050008B96AE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openssl:0.9.6-15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B8C80A1-D1E7-42D4-8DBC-CB7637D7598E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openssl:0.9.6b-3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB3990A-3457-4CD6-9EEC-F2D4BC143932\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openssl:0.9.7a-2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06110A61-8857-46D5-BEE1-882197756DED\"}]}]}],\"references\":[{\"url\":\"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=66e8211c0b1347970096e04b18aa52567c325200\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=ebc71865f0506a293242bd4aec97cdc7a8ef24b0\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0587.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0782.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0783.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0833.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/53623\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/55108\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/55139\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.apple.com/kb/HT5880\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2621\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/737740\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.openssl.org/news/secadv_20130204.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.splunk.com/view/SP-CAAAHXG\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=908052\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18754\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19081\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19360\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19487\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=62e4506a7d4cec1c8e1ff687f6b220f6a62a57c7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=66e8211c0b1347970096e04b18aa52567c325200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=ebc71865f0506a293242bd4aec97cdc7a8ef24b0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0587.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0782.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0783.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0833.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/53623\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/55108\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/55139\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT5880\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2621\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/737740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.openssl.org/news/secadv_20130204.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.splunk.com/view/SP-CAAAHXG\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=908052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18754\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19081\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19360\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.