cve-2014-5139

Vulnerability from cvelistv5

Published

2014-08-13 23:00

Modified

2024-08-06 11:34

Severity

Summary

References

Source	URL	Tags
cret@cert.org	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
cret@cert.org	http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc
cret@cert.org	http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html
cret@cert.org	http://marc.info/?l=bugtraq&m=142350350616251&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=142495837901899&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=142624590206005&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=142624619906067
cret@cert.org	http://marc.info/?l=bugtraq&m=142624619906067&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=142624679706236&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=142624719706349&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=142660345230545&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=142791032306609&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=143290437727362&w=2
cret@cert.org	http://marc.info/?l=bugtraq&m=143290522027658&w=2
cret@cert.org	http://secunia.com/advisories/59700
cret@cert.org	http://secunia.com/advisories/59710
cret@cert.org	http://secunia.com/advisories/59756
cret@cert.org	http://secunia.com/advisories/60022
cret@cert.org	http://secunia.com/advisories/60221
cret@cert.org	http://secunia.com/advisories/60493
cret@cert.org	http://secunia.com/advisories/60803
cret@cert.org	http://secunia.com/advisories/60810
cret@cert.org	http://secunia.com/advisories/60917
cret@cert.org	http://secunia.com/advisories/60921
cret@cert.org	http://secunia.com/advisories/61017
cret@cert.org	http://secunia.com/advisories/61100
cret@cert.org	http://secunia.com/advisories/61171
cret@cert.org	http://secunia.com/advisories/61184
cret@cert.org	http://secunia.com/advisories/61392
cret@cert.org	http://secunia.com/advisories/61775
cret@cert.org	http://secunia.com/advisories/61959
cret@cert.org	http://security.gentoo.org/glsa/glsa-201412-39.xml
cret@cert.org	http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html
cret@cert.org	http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240
cret@cert.org	http://www-01.ibm.com/support/docview.wss?uid=swg21682293
cret@cert.org	http://www-01.ibm.com/support/docview.wss?uid=swg21683389
cret@cert.org	http://www-01.ibm.com/support/docview.wss?uid=swg21686997
cret@cert.org	http://www.debian.org/security/2014/dsa-2998
cret@cert.org	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm
cret@cert.org	http://www.securityfocus.com/bid/69077
cret@cert.org	http://www.securitytracker.com/id/1030693
cret@cert.org	http://www.tenable.com/security/tns-2014-06
cret@cert.org	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=80bd7b41b30af6ee96f519e629463583318de3b0
cret@cert.org	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=83764a989dcc87fbea337da5f8f86806fe767b7e
cret@cert.org	https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
cret@cert.org	https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc
cret@cert.org	https://www.openssl.org/news/secadv_20140806.txt	Vendor Advisory

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:34:37.376Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2014:1052",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
          },
          {
            "name": "60221",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60221"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
          },
          {
            "name": "61184",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61184"
          },
          {
            "name": "SSRT101846",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
          },
          {
            "name": "60022",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60022"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv_20140806.txt"
          },
          {
            "name": "61017",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61017"
          },
          {
            "name": "SSRT101818",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
          },
          {
            "name": "HPSBMU03304",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
          },
          {
            "name": "HPSBMU03259",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
          },
          {
            "name": "GLSA-201412-39",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
          },
          {
            "name": "HPSBHF03293",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
          },
          {
            "name": "69077",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/69077"
          },
          {
            "name": "HPSBMU03260",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
          },
          {
            "name": "60803",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60803"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=80bd7b41b30af6ee96f519e629463583318de3b0"
          },
          {
            "name": "59700",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59700"
          },
          {
            "name": "1030693",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030693"
          },
          {
            "name": "60917",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60917"
          },
          {
            "name": "HPSBMU03216",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.tenable.com/security/tns-2014-06"
          },
          {
            "name": "NetBSD-SA2014-008",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc"
          },
          {
            "name": "60493",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60493"
          },
          {
            "name": "59710",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59710"
          },
          {
            "name": "60921",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60921"
          },
          {
            "name": "60810",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60810"
          },
          {
            "name": "HPSBMU03283",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240"
          },
          {
            "name": "61100",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61100"
          },
          {
            "name": "FreeBSD-SA-14:18",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc"
          },
          {
            "name": "61775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61775"
          },
          {
            "name": "SSRT101894",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
          },
          {
            "name": "DSA-2998",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2998"
          },
          {
            "name": "HPSBMU03263",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
          },
          {
            "name": "SSRT101921",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
          },
          {
            "name": "61959",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61959"
          },
          {
            "name": "59756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59756"
          },
          {
            "name": "HPSBMU03262",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
          },
          {
            "name": "HPSBMU03267",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
          },
          {
            "name": "HPSBMU03261",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
          },
          {
            "name": "61392",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61392"
          },
          {
            "name": "SSRT101916",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
          },
          {
            "name": "[syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html"
          },
          {
            "name": "61171",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61171"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=83764a989dcc87fbea337da5f8f86806fe767b7e"
          },
          {
            "name": "SSRT101922",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-08-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-04T20:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "openSUSE-SU-2014:1052",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
        },
        {
          "name": "60221",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60221"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
        },
        {
          "name": "61184",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61184"
        },
        {
          "name": "SSRT101846",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
        },
        {
          "name": "60022",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60022"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.openssl.org/news/secadv_20140806.txt"
        },
        {
          "name": "61017",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61017"
        },
        {
          "name": "SSRT101818",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
        },
        {
          "name": "HPSBMU03304",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
        },
        {
          "name": "HPSBMU03259",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
        },
        {
          "name": "GLSA-201412-39",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
        },
        {
          "name": "HPSBHF03293",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
        },
        {
          "name": "69077",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/69077"
        },
        {
          "name": "HPSBMU03260",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
        },
        {
          "name": "60803",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60803"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=80bd7b41b30af6ee96f519e629463583318de3b0"
        },
        {
          "name": "59700",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59700"
        },
        {
          "name": "1030693",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030693"
        },
        {
          "name": "60917",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60917"
        },
        {
          "name": "HPSBMU03216",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.tenable.com/security/tns-2014-06"
        },
        {
          "name": "NetBSD-SA2014-008",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc"
        },
        {
          "name": "60493",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60493"
        },
        {
          "name": "59710",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59710"
        },
        {
          "name": "60921",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60921"
        },
        {
          "name": "60810",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60810"
        },
        {
          "name": "HPSBMU03283",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240"
        },
        {
          "name": "61100",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61100"
        },
        {
          "name": "FreeBSD-SA-14:18",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc"
        },
        {
          "name": "61775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61775"
        },
        {
          "name": "SSRT101894",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
        },
        {
          "name": "DSA-2998",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2998"
        },
        {
          "name": "HPSBMU03263",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
        },
        {
          "name": "SSRT101921",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
        },
        {
          "name": "61959",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61959"
        },
        {
          "name": "59756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59756"
        },
        {
          "name": "HPSBMU03262",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
        },
        {
          "name": "HPSBMU03267",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
        },
        {
          "name": "HPSBMU03261",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
        },
        {
          "name": "61392",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61392"
        },
        {
          "name": "SSRT101916",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
        },
        {
          "name": "[syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html"
        },
        {
          "name": "61171",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61171"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=83764a989dcc87fbea337da5f8f86806fe767b7e"
        },
        {
          "name": "SSRT101922",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-5139",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2014:1052",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html",
              "refsource": "CONFIRM",
              "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
            },
            {
              "name": "60221",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60221"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
            },
            {
              "name": "61184",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61184"
            },
            {
              "name": "SSRT101846",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
            },
            {
              "name": "60022",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60022"
            },
            {
              "name": "https://www.openssl.org/news/secadv_20140806.txt",
              "refsource": "CONFIRM",
              "url": "https://www.openssl.org/news/secadv_20140806.txt"
            },
            {
              "name": "61017",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61017"
            },
            {
              "name": "SSRT101818",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
            },
            {
              "name": "HPSBMU03304",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
            },
            {
              "name": "HPSBMU03259",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
            },
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
            },
            {
              "name": "GLSA-201412-39",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
            },
            {
              "name": "HPSBHF03293",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
            },
            {
              "name": "69077",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/69077"
            },
            {
              "name": "HPSBMU03260",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
            },
            {
              "name": "60803",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60803"
            },
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0",
              "refsource": "CONFIRM",
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0"
            },
            {
              "name": "59700",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59700"
            },
            {
              "name": "1030693",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030693"
            },
            {
              "name": "60917",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60917"
            },
            {
              "name": "HPSBMU03216",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
            },
            {
              "name": "http://www.tenable.com/security/tns-2014-06",
              "refsource": "CONFIRM",
              "url": "http://www.tenable.com/security/tns-2014-06"
            },
            {
              "name": "NetBSD-SA2014-008",
              "refsource": "NETBSD",
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc"
            },
            {
              "name": "60493",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60493"
            },
            {
              "name": "59710",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59710"
            },
            {
              "name": "60921",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60921"
            },
            {
              "name": "60810",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60810"
            },
            {
              "name": "HPSBMU03283",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240"
            },
            {
              "name": "61100",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61100"
            },
            {
              "name": "FreeBSD-SA-14:18",
              "refsource": "FREEBSD",
              "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc"
            },
            {
              "name": "61775",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61775"
            },
            {
              "name": "SSRT101894",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
            },
            {
              "name": "DSA-2998",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2998"
            },
            {
              "name": "HPSBMU03263",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
            },
            {
              "name": "SSRT101921",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
            },
            {
              "name": "61959",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61959"
            },
            {
              "name": "59756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59756"
            },
            {
              "name": "HPSBMU03262",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
            },
            {
              "name": "HPSBMU03267",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
            },
            {
              "name": "HPSBMU03261",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
            },
            {
              "name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc",
              "refsource": "CONFIRM",
              "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
            },
            {
              "name": "61392",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61392"
            },
            {
              "name": "SSRT101916",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
            },
            {
              "name": "[syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released",
              "refsource": "MLIST",
              "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html"
            },
            {
              "name": "61171",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61171"
            },
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=83764a989dcc87fbea337da5f8f86806fe767b7e",
              "refsource": "CONFIRM",
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=83764a989dcc87fbea337da5f8f86806fe767b7e"
            },
            {
              "name": "SSRT101922",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2014-5139",
    "datePublished": "2014-08-13T23:00:00",
    "dateReserved": "2014-07-30T00:00:00",
    "dateUpdated": "2024-08-06T11:34:37.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-5139\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2014-08-13T23:55:07.717\",\"lastModified\":\"2023-11-07T02:20:43.020\",\"vulnStatus\":\"Modified\",\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/476.html\\\" target=\\\"_blank\\\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n ssl_set_client_disabled en t1_lib.c en OpenSSL 1.0.1 anterior a 1.0.1i permite a servidores SSL remotos causar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda de la aplicaci\u00f3n del cliente) a trav\u00e9s de un mensaje ServerHello que incluye un suite de cifrado SRP sin la negociaci\u00f3n necesaria de este suite de cifrada con el cliente.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":4.3},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D1C00C0-C77E-4255-9ECA-20F2673C7366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"21F16D65-8A46-4AC7-8970-73AB700035FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F393FF-7E6F-4671-BFBF-060162E12659\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1B85A09-CF8D-409D-966E-168F9959F6F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C684FB18-FDDC-4BED-A28C-C23EE6CD0094\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74A79A7-4FAF-4C81-8622-050008B96AE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDACCB9-8D61-49EE-9957-9E58BC7BB031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4993DD56-F9E3-4AC8-AC3E-BF204B950DEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E884B241-F9C3-44F8-A420-DE65F5F3D660\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A383620-B4F7-44A7-85DA-A4FF2E115D80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F0C6812-F455-49CF-B29B-9AC00306DA43\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc\",\"source\":\"cret@cert.org\"},{\"url\":\"http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc\",\"source\":\"cret@cert.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142624619906067\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/59700\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/59710\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/59756\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/60022\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/60221\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/60493\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/60803\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/60810\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/60917\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/60921\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/61017\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/61100\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/61171\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/61184\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/61392\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/61775\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/61959\",\"source\":\"cret@cert.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201412-39.xml\",\"source\":\"cret@cert.org\"},{\"url\":\"http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21682293\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21683389\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21686997\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2998\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/69077\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securitytracker.com/id/1030693\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.tenable.com/security/tns-2014-06\",\"source\":\"cret@cert.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=80bd7b41b30af6ee96f519e629463583318de3b0\",\"source\":\"cret@cert.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=83764a989dcc87fbea337da5f8f86806fe767b7e\",\"source\":\"cret@cert.org\"},{\"url\":\"https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.openssl.org/news/secadv_20140806.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client. OpenSSL is prone to a local denial-of-service vulnerability. An attacker may exploit this issue to crash the application, resulting in denial-of-service conditions. OpenSSL 1.0.1 prior to 1.0.1i are vulnerable.

References:

CVE-2014-3566 CVE-2014-5139 SSRT101916

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

Contact vcemsdksupportteam@hp.com to request the HP Virtual Connect Enterprise Manager SDK v7.4.1 or later. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04624296

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04624296 Version: 1

HPSBMU03304 rev.1 - HP Insight Control server deployment on Linux and Windows, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2015-04-01 Last Updated: 2015-04-01

Potential Security Impact: Remote disclosure of information

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) which are components of HP Insight Control server deployment. These vulnerabilities are related to the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE". The components of HP Insight Control server deployment could be exploited remotely to allow disclosure of information.

HP Insight Control server deployment includes HP System Management Homepage (SMH), HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following jobs. This bulletin provides the information needed to update the vulnerable components in HP Insight Control server deployment.

Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware

References:

CVE-2014-3508 CVE-2014-3509 CVE-2014-3511 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 SSRT102004

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1

BACKGROUND

CVSS 2.0 Base Metrics

Reference Base Vector Base Score CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3509 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3511 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3568 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-5139 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

RESOLUTION

HP has provided the following instructions to resolve this vulnerability.

Note: For HP Insight deployment Control server v7.1.2, v7.2.0, v7.2.1 and v7.2.2, you must upgrade to v7.3.1 and follow the steps from 1 to 11 mentioned below to resolve the vulnerability.

Delete the files smh.exe from Component Copy Location listed in the following table, rows 1 and 2. Delete the files vca.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7..rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location

1 http://www.hp.com/swpublishing/MTX-bd2042a1c7574aad90c4839efe smhamd64-cp023964.exe \express\hpfeatures\hpagents-ws\components\Win2008

2 http://www.hp.com/swpublishing/MTX-062078f1ae354b7e99c86c151c smhx86-cp023963.exe \express\hpfeatures\hpagents-ws\components\Win2008

3 http://www.hp.com/swpublishing/MTX-7b23e47d5d9b420b94bd1323eb vcax86 cp025295.exe \express\hpfeatures\hpagents-ws\components\Win2008

4 http://www.hp.com/swpublishing/MTX-2557aa7dc1654cf6b547c1a9e4 vcaamd64-cp025296.exe \express\hpfeatures\hpagents-ws\components\Win2008

5 http://www.hp.com/swpublishing/MTX-5827037475e44abab586463723 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components

\express\hpfeatures\hpagents-sles10-x64\components

\express\hpfeatures\hpagents-rhel5-x64\components

\express\hpfeatures\hpagents-rhel6-x64\components

6 http://www.hp.com/swpublishing/MTX-57ab6bb78b6e47a18718f44133 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components

\express\hpfeatures\hpagents-sles10-x64\components

\express\hpfeatures\hpagents-rhel5-x64\components

\express\hpfeatures\hpagents-rhel6-x64\components

7 http://www.hp.com/swpublishing/MTX-34bcab41ac7e4db299e3f5f2f1 smhx86-cp025274.exe \express\hpfeatures\hpagents-ws\components\Win2003

8 http://www.hp.com/swpublishing/MTX-00eb9ac82e86449e8c3ba101bd smhamd64-cp025275.exe \express\hpfeatures\hpagents-ws\components\Win2003

Download and extract the HP SUM component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p991570621/v99346

Copy all content from extracted folder and paste at \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on the target running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on the target running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on the target running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on the target running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 job on the target running Windows.

HISTORY Version:1 (rev.1) - 1 April 2015 Initial release

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com

Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX

Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)

iEYEARECAAYFAlUb+3EACgkQ4B86/C0qfVnD1wCg+LtrJpQcATsjJ308tHP49nog 0sgAoJ5L9/aT7iAxhlnZdRatqjBoIFxb =pzE4 -----END PGP SIGNATURE----- .

Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz: Upgraded. This update fixes several security issues: Double Free when processing DTLS packets (CVE-2014-3505) DTLS memory exhaustion (CVE-2014-3506) DTLS memory leak from zero-length fragments (CVE-2014-3507) Information leak in pretty printing functions (CVE-2014-3508) Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) OpenSSL TLS protocol downgrade attack (CVE-2014-3511) SRP buffer overrun (CVE-2014-3512) Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) For more information, see: https://www.openssl.org/news/secadv_20140806.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139 ( Security fix ) patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz: Upgraded. ( Security fix ) +--------------------------+

Where to find the new packages: +-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zb-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.0.txz

Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz

Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zb-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.1.txz

Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz

Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zb-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.37.txz

Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz

Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1i-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.0.txz

Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1i-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz

Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz

Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1i-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz

Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1i-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1i-i486-1.txz

Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1i-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1i-x86_64-1.txz

MD5 signatures: +-------------+

Slackware 13.0 packages: 30bdc015b10d8891b90d3f6ea34f5fdd openssl-0.9.8zb-i486-1_slack13.0.txz 3dc4140c22c04c94e5e74386a5a1c200 openssl-solibs-0.9.8zb-i486-1_slack13.0.txz

Slackware x86_64 13.0 packages: 3da32f51273762d67bf9dbcc91af9413 openssl-0.9.8zb-x86_64-1_slack13.0.txz 075e5d12e5b909ecac923cb210f83544 openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz

Slackware 13.1 packages: 3b7e2bb2b317bf72b8f9b2b7a14bddfb openssl-0.9.8zb-i486-1_slack13.1.txz 92af0784eade0674332a56bfab73b97d openssl-solibs-0.9.8zb-i486-1_slack13.1.txz

Slackware x86_64 13.1 packages: df5f961109d7b50971660ca6a7d4c48c openssl-0.9.8zb-x86_64-1_slack13.1.txz 582aaeae3d56730a2e1538a67d4e44da openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz

Slackware 13.37 packages: 546445d56d3b367fa0dd4e80859c4620 openssl-0.9.8zb-i486-1_slack13.37.txz b80e9df8cdd0649939ec2fab20d24691 openssl-solibs-0.9.8zb-i486-1_slack13.37.txz

Slackware x86_64 13.37 packages: 9c9ce97dc21340924a3e27c1a8047023 openssl-0.9.8zb-x86_64-1_slack13.37.txz 0fe1931f2fc82fb8d5fbe72680caf843 openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz

Slackware 14.0 packages: d1580f4b22b99cee42b22276653c8180 openssl-1.0.1i-i486-1_slack14.0.txz ec93cec2bcab8ae7391a504573cbc231 openssl-solibs-1.0.1i-i486-1_slack14.0.txz

Slackware x86_64 14.0 packages: 329475de3759225b1d02aa7317b2eb58 openssl-1.0.1i-x86_64-1_slack14.0.txz 25f2a198022d974534986a3913ca705c openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz

Slackware 14.1 packages: 8336457bc31d44ebf502ffc4443f12f7 openssl-1.0.1i-i486-1_slack14.1.txz 4b99ac357fbd3065c53367eea246b8c7 openssl-solibs-1.0.1i-i486-1_slack14.1.txz

Slackware x86_64 14.1 packages: f2b8f81d9d7dc02e5d1011f663ccc95d openssl-1.0.1i-x86_64-1_slack14.1.txz 4360abffbb57cb18ba0720f782d78250 openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz

Slackware -current packages: 49ecd332a899cf742d3467a6efe44269 a/openssl-solibs-1.0.1i-i486-1.txz 27da017c49045981b1793f105aff365f n/openssl-1.0.1i-i486-1.txz

Slackware x86_64 -current packages: 8d74f3d770802182137c84d925f58cbc a/openssl-solibs-1.0.1i-x86_64-1.txz fd9d94d3210f0aedf74959cb0887e2b8 n/openssl-1.0.1i-x86_64-1.txz

Installation instructions: +------------------------+

Upgrade the packages as root:

upgradepkg openssl-1.0.1i-i486-1_slack14.1.txz openssl-solibs-1.0.1i-i486-1_slack14.1.txz

+-----+

Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. OpenSSL Security Advisory [6 Aug 2014] ========================================

Information leak in pretty printing functions (CVE-2014-3508)

A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected.

Thanks to Ivan Fratric (Google) for discovering this issue. This issue was reported to OpenSSL on 19th June 2014.

The fix was developed by Emilia Käsper and Stephen Henson of the OpenSSL development team. This can be exploited through a Denial of Service attack.

OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i.

Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for discovering and researching this issue. This issue was reported to OpenSSL on 2nd July 2014.

The fix was developed by Stephen Henson of the OpenSSL core team.

Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)

If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory.

OpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i.

Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this issue. This issue was reported to OpenSSL on 8th July 2014.

The fix was developed by Gabor Tyukasz.

Double Free when processing DTLS packets (CVE-2014-3505)

An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack.

Thanks to Adam Langley and Wan-Teh Chang (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.

The fix was developed by Adam Langley.

DTLS memory exhaustion (CVE-2014-3506)

An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages. This can be exploited through a Denial of Service attack.

Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.

The fix was developed by Adam Langley.

DTLS memory leak from zero-length fragments (CVE-2014-3507)

By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack.

Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.

The fix was developed by Adam Langley.

OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)

OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack.

OpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb OpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i.

Thanks to Felix Gröbert (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 18th July 2014.

The fix was developed by Emilia Käsper of the OpenSSL development team.

OpenSSL TLS protocol downgrade attack (CVE-2014-3511)

A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher protocol version, by modifying the client's TLS records.

OpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i.

Thanks to David Benjamin and Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 21st July 2014.

The fix was developed by David Benjamin.

SRP buffer overrun (CVE-2014-3512)

A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected.

Thanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC Group) for discovering this issue. This issue was reported to OpenSSL on 31st July 2014.

The fix was developed by Stephen Henson of the OpenSSL core team.

References

URL for this Security Advisory: https://www.openssl.org/news/secadv_20140806.txt

Note: the online version of the advisory may be updated with additional details over time

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201408-0212",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1e"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1a"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1b"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1g"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1d"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1h"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1c"
      },
      {
        "model": "openssl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openssl",
        "version": "1.0.1f"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.1.1"
      },
      {
        "model": "upward integration modules for vmware vsphere",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.5"
      },
      {
        "model": "8.4-release-p12",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "flex system fc3171 8gb san pass-thru",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1.3"
      },
      {
        "model": "10.0-beta",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "upward integration modules scvmm add-in",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.3"
      },
      {
        "model": "-release-p2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.1"
      },
      {
        "model": "virtual connect 8gb 24-port fc module",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "3.0"
      },
      {
        "model": "system management homepage",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4.1"
      },
      {
        "model": "alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.0"
      },
      {
        "model": "tivoli netcool system service monitor fp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "4.0.0"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.11"
      },
      {
        "model": "9.1-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "cloudsystem matrix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4"
      },
      {
        "model": "8.4-release-p15",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2.8"
      },
      {
        "model": "project openssl 1.0.1e",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.2"
      },
      {
        "model": "i v5r4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.3"
      },
      {
        "model": "project openssl beta3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.0.1"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.8.780"
      },
      {
        "model": "insight control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3"
      },
      {
        "model": "project openssl 1.0.1a",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.1"
      },
      {
        "model": "8.1-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "oncommand unified manager core package",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.5"
      },
      {
        "model": "9.2-release-p11",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "i v5r3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1"
      },
      {
        "model": "proventia network security controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.470"
      },
      {
        "model": "virtual connect 8gb 24-port fc module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "clustered data ontap antivirus connector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.3"
      },
      {
        "model": "tivoli netcool/reporter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5.1"
      },
      {
        "model": "vios fp-25 sp-02",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.1.4"
      },
      {
        "model": "9.1-release-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "8.3-release-p16",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.2"
      },
      {
        "model": "sametime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.1"
      },
      {
        "model": "7.3-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "8.4-release-p9",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.1.0.842"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.2"
      },
      {
        "model": "upward integration modules for vmware vsphere",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.0.1"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.3.0.870"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.6.2"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "7.1-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.34"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.0.0.840"
      },
      {
        "model": "data ontap smi-s agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2"
      },
      {
        "model": "matrix operating environment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.8"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.4"
      },
      {
        "model": "-release-p5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.0"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.0"
      },
      {
        "model": "flex system fc3171 8gb san switch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5.1"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.1"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.1"
      },
      {
        "model": "release-p4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.1"
      },
      {
        "model": "tivoli composite application manager for transactions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.0"
      },
      {
        "model": "tivoli endpoint manager for remote control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.2.1"
      },
      {
        "model": "project openssl 1.0.1g",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "tivoli composite application manager for transactions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.4"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "10.0-release-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "clustered data ontap antivirus connector",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.2"
      },
      {
        "model": "-prerelease",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "9.1-rc2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "rational application developer for websphere",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.9"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.1"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.2.4"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.7"
      },
      {
        "model": "-release/alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.1"
      },
      {
        "model": "8.2-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.2.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2.1"
      },
      {
        "model": "9.2-release-p8",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "junos os 14.2r1",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.4"
      },
      {
        "model": "oncommand unified manager core package",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5"
      },
      {
        "model": "2-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.2"
      },
      {
        "model": "9.1--releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.2"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.1"
      },
      {
        "model": "proventia network security controller 1.0.3352m",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "6.3-release-p10",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "tivoli composite application manager for transactions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.2.0"
      },
      {
        "model": "9.3-beta3-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-release-p20",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.6"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.1"
      },
      {
        "model": "image construction and composition tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.1.1"
      },
      {
        "model": "-release-p8",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "9.0-release-p6",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-release-p14",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.0"
      },
      {
        "model": "-stablepre2001-07-20",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5.1"
      },
      {
        "model": "upward integration modules for microsoft system center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.2"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.5"
      },
      {
        "model": "8.3-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.10"
      },
      {
        "model": "6.3-release-p11",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.14"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.0.5"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.2"
      },
      {
        "model": "virtual connect enterprise manager sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.0"
      },
      {
        "model": "9.2-rc2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3"
      },
      {
        "model": "snapdrive for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.0"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.6"
      },
      {
        "model": "cloudsystem matrix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.3"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.2.0.820"
      },
      {
        "model": "7.2-rc2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "sametime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.2.1"
      },
      {
        "model": "virtual connect 8gb 24-port fc module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "1.0"
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.2.2"
      },
      {
        "model": "7.0-release-p12",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "9.0-rc3",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "upward integration modules for microsoft system center",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.3"
      },
      {
        "model": "open systems snapvault",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.0"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "junos os 13.3r4",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.0.11"
      },
      {
        "model": "upward integration modules hardware management pack",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.2"
      },
      {
        "model": "endpoint manager for remote control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1.0"
      },
      {
        "model": "-release-p3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.11"
      },
      {
        "model": "upward integration modules for microsoft system center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "8.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.4"
      },
      {
        "model": "9.1-release-p12",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "oncommand unified manager core package",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2"
      },
      {
        "model": "upward integration modules integrated installer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.2"
      },
      {
        "model": "7.1-release-p4",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.3"
      },
      {
        "model": "matrix operating environment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.2"
      },
      {
        "model": "insight control server deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.0"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.3"
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.2.4"
      },
      {
        "model": "7.0-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "sdk for node.js",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.0.3"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.1"
      },
      {
        "model": "rc2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.2"
      },
      {
        "model": "9.0-rc1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.2.1.830"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.2"
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.2"
      },
      {
        "model": "upward integration modules for microsoft system center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.1"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.3"
      },
      {
        "model": "7.2-release-p4",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-stablepre122300",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.2x"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.0.13"
      },
      {
        "model": "7.1-release-p5",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "7.0-release-p8",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "8.4-release-p8",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "prerelease",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.1"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.2.1"
      },
      {
        "model": "insight control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2"
      },
      {
        "model": "snapdrive for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.0.2"
      },
      {
        "model": "8.1-release-p5",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.3.2"
      },
      {
        "model": "servicecenter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.2"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.5"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.0.x"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.11"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.7.770"
      },
      {
        "model": "9.3-rc",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "snapdrive for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1"
      },
      {
        "model": "9.3-beta1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "cloudsystem matrix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.1"
      },
      {
        "model": "data ontap smi-s agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.1"
      },
      {
        "model": "8.4-release-p13",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "7.1-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "snapdrive for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.2"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.2"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.2"
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.31"
      },
      {
        "model": "10.0-rc3-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.1.7"
      },
      {
        "model": "-pre-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.2"
      },
      {
        "model": "rational application developer for websphere",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1.0.1"
      },
      {
        "model": "8.0-release",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "flex system fc3171 8gb san switch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1.3"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.10.800"
      },
      {
        "model": "9.3-stable",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "9.2-rc2-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.5"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.1"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.11"
      },
      {
        "model": "9.2-release-p7",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "8.3-release-p15",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "project openssl 1.0.1c",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "9.1-release-p11",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "9.1-release-p16",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "8.3"
      },
      {
        "model": "-release-p3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.4"
      },
      {
        "model": "7.3-release-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.1.5"
      },
      {
        "model": "7.2-prerelease",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "data ontap smi-s agent",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.3x"
      },
      {
        "model": "9.3-rc2-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "8.3-release-p8",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-stablepre2002-03-07",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.5"
      },
      {
        "model": "project openssl 1.0.1f",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "oncommand workflow automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2"
      },
      {
        "model": "upward integration modules for vmware vsphere",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.0.2"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.4.1"
      },
      {
        "model": "gpfs for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.5.0.11"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.8.780"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "1.2"
      },
      {
        "model": "8.3-release-p11",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.1.6.1"
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.2.3"
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.3"
      },
      {
        "model": "upward integration modules for microsoft system center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0.1"
      },
      {
        "model": "upward integration modules scvmm add-in",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.2"
      },
      {
        "model": "7.2-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.3"
      },
      {
        "model": "sametime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0.0.0"
      },
      {
        "model": "8.3-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "9.2-release-p3",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "7.3-release",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "sdk for node.js",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.0.7"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.5"
      },
      {
        "model": "6.4-release-p11",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "oncommand workflow automation",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.0"
      },
      {
        "model": "oncommand unified manager core package 5.2.1p1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.0"
      },
      {
        "model": "8.4-release-p11",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-release-p9",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "7.4-release-p12",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.0"
      },
      {
        "model": "matrix operating environment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.2"
      },
      {
        "model": "8.3-release-p14",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "insight control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4"
      },
      {
        "model": "-release-p3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.4"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.7"
      },
      {
        "model": "10.0-release-p5",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "9.1-release-p7",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.2.0.860"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "cloudsystem matrix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.1.1"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "9.1-release-p17",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "upward integration modules for vmware vsphere",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.5.3"
      },
      {
        "model": "flex system fc3171 8gb san pass-thru",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1.2"
      },
      {
        "model": "open systems snapvault 3.0.1p6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.3.0.870"
      },
      {
        "model": "snapdrive for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "-release-p1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.1"
      },
      {
        "model": "9.3-beta1-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "watson explorer security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.3"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.0.0.840"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "14.1"
      },
      {
        "model": "8-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2"
      },
      {
        "model": "storage provisioning manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.4"
      },
      {
        "model": "-release-p6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "8.4-rc1-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-release-p5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.1"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.5"
      },
      {
        "model": "flex system fc3171 8gb san pass-thru",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1.1"
      },
      {
        "model": "8.1-release-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "8.0-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.1"
      },
      {
        "model": "7.1-release-p6",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.1.0"
      },
      {
        "model": "cloudsystem matrix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.0"
      },
      {
        "model": "-stablepre050201",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.2"
      },
      {
        "model": "8.4-release-p14",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-release-p9",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "insight control server deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.2-"
      },
      {
        "model": "9.1-release-p18",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.2"
      },
      {
        "model": "junos os 14.1r2-s2",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "flex system fc3171 8gb san pass-thru",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.3.740"
      },
      {
        "model": "7.3-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "matrix operating environment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4"
      },
      {
        "model": "10.0-release-p4",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "project openssl 1.0.1i",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "i v5r4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.4x"
      },
      {
        "model": "image construction and composition tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.1.3"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.0.x"
      },
      {
        "model": "junos os 13.3r3-s2",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.4"
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.33"
      },
      {
        "model": "7.4-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.0"
      },
      {
        "model": "10.0-release-p6",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "tivoli netcool system service monitor fp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "4.0.1"
      },
      {
        "model": "storage provisioning manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.2.2"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.2"
      },
      {
        "model": "i v5r3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "10"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2.7"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.3"
      },
      {
        "model": "6.4-release-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "10.0-release-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "i v5r4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.2"
      },
      {
        "model": "9.1-release-p15",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.10"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.3"
      },
      {
        "model": "7.0-release-p3",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "1.1.5.1"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.4"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5.1"
      },
      {
        "model": "8.2-release-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.1"
      },
      {
        "model": "snapdrive for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.0.3"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.0"
      },
      {
        "model": "9.3-prerelease",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "i v5r3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.2"
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.20"
      },
      {
        "model": "8.3-release-p6",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "storage provisioning manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.2"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3"
      },
      {
        "model": "6.4-release-p4",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.2.0.820"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.4"
      },
      {
        "model": "9.2-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5x"
      },
      {
        "model": "8.4-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3"
      },
      {
        "model": "-release-p7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.8"
      },
      {
        "model": "-release-p32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.5"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.0.10"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.2.2.835"
      },
      {
        "model": "insight control server deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.1.2"
      },
      {
        "model": "7.0-release",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.2"
      },
      {
        "model": "storage provisioning manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.3.2"
      },
      {
        "model": "upward integration modules hardware management pack",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.3"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2.6"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.4"
      },
      {
        "model": "upward integration modules integrated installer",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.3"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.2"
      },
      {
        "model": "insight control server deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.1"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.3.3"
      },
      {
        "model": "-release-p20",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.11"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.3"
      },
      {
        "model": "10.0-release-p8",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.1"
      },
      {
        "model": "puredata system for operational analytics",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.2.1.830"
      },
      {
        "model": "8.1-release",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "sdk for node.js",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.0.6"
      },
      {
        "model": "8.4-rc2-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "9.3-rc2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.5.760"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.1x"
      },
      {
        "model": "watson explorer security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0"
      },
      {
        "model": "9.3-rc3-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "9.0--releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "data ontap smi-s agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1.2"
      },
      {
        "model": "9.2-rc1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "8.0"
      },
      {
        "model": "7.4-release-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.0.x"
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.21"
      },
      {
        "model": "9.0-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.6"
      },
      {
        "model": "cloudsystem matrix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.3"
      },
      {
        "model": "rc1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.2"
      },
      {
        "model": "8.4-stable",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "release -p3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "8.2-"
      },
      {
        "model": "8.1-prerelease",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "linux lts",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "14.04"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4"
      },
      {
        "model": "9.3-rc1-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "tivoli netcool system service monitor fp14",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "4.0.0"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2x"
      },
      {
        "model": "tivoli management framework",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "4.1.1"
      },
      {
        "model": "cloudsystem matrix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3"
      },
      {
        "model": "7.4-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "1.0"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.9.790"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.1"
      },
      {
        "model": "9.2-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "sdk for node.js",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1"
      },
      {
        "model": "snapdrive for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.1.730"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.0.12"
      },
      {
        "model": "matrix operating environment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.1.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.10"
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.2.1"
      },
      {
        "model": "8-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.10.801"
      },
      {
        "model": "-prerelease",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.4"
      },
      {
        "model": "proventia network security controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.1209"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.6"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.3"
      },
      {
        "model": "7.3-release-p3",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.0"
      },
      {
        "model": "8.2-release",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.2"
      },
      {
        "model": "9.2-release-p9",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-release-p38",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.3"
      },
      {
        "model": "sdk for node.js",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.0.5"
      },
      {
        "model": "project openssl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.0.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.4"
      },
      {
        "model": "clustered data ontap antivirus connector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2.2"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "8.4-beta1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.3"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.1"
      },
      {
        "model": "snapdrive for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.0.1"
      },
      {
        "model": "gpfs for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.5"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.3"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2"
      },
      {
        "model": "6.0-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "1.1.5"
      },
      {
        "model": "9.2-release-p5",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2.4"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.0"
      },
      {
        "model": "upward integration modules for microsoft system center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5"
      },
      {
        "model": "10.0-rc2-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "project openssl 1.0.1d",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.1.6"
      },
      {
        "model": "8.4-prerelease",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.1.9"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.2.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.1x"
      },
      {
        "model": "9.3-release-p1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "flex system fc3171 8gb san switch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1.2"
      },
      {
        "model": "open systems snapvault",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.6"
      },
      {
        "model": "8.4-release-p4",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "project openssl beta1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.0.1"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.2"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.2.0.860"
      },
      {
        "model": "8.1-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.5"
      },
      {
        "model": "-release-p14",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.1"
      },
      {
        "model": "matrix operating environment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.1"
      },
      {
        "model": "8.1-release-p4",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.11"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2.5"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "snapdrive for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.1"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.0"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.1.8"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.1.7.1"
      },
      {
        "model": "flex system fc3171 8gb san switch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.1.1"
      },
      {
        "model": "proventia network security controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.913"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.2"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.5"
      },
      {
        "model": "9.1-rc1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "beta4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.0.1"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.4"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.0"
      },
      {
        "model": "9.0-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "1.1"
      },
      {
        "model": "-release-p5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "8.0"
      },
      {
        "model": "9.2-rc3-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.3.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "14.0"
      },
      {
        "model": "open systems snapvault",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.6.1"
      },
      {
        "model": "7.2-release-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "1.5"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.1841"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.4"
      },
      {
        "model": "-stablepre050201",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.7"
      },
      {
        "model": "9.2-release-p4",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control agent",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.4"
      },
      {
        "model": "7.3-release-p6",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "release p7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.3--"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.4"
      },
      {
        "model": "5.4-stable",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "release-p5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.1"
      },
      {
        "model": "9.1-release-p14",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "9.1-release-p3",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "virtual connect enterprise manager sdk",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.8"
      },
      {
        "model": "-release-p10",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.1"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.3"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.2"
      },
      {
        "model": "sdk for node.js",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.1.0.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.0"
      },
      {
        "model": "9.3-beta1-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.1"
      },
      {
        "model": "project openssl 1.0.1b",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.1"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "2.2.3"
      },
      {
        "model": "matrix operating environment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.1"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.0"
      },
      {
        "model": "10.0-rc1-p1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "sametime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.2.0"
      },
      {
        "model": "watson explorer security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.2"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.7"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.9"
      },
      {
        "model": "10.0-stable",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "9.0-release",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "7.4"
      },
      {
        "model": "upward integration modules for vmware vsphere",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.5.2"
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.3.1"
      },
      {
        "model": "-release-p8",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.10"
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.32"
      },
      {
        "model": "snapdrive for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1.1"
      },
      {
        "model": "tivoli composite application manager for transactions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.3.0"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.2"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "9.2-release-p10",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "snapdrive for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "8.4-release-p7",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "snapdrive for unix",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3"
      },
      {
        "model": "-release-p17",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.7"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.2.2.835"
      },
      {
        "model": "7.0-release-p11",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "clustered data ontap antivirus connector",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.1"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.1.0.841"
      },
      {
        "model": "9.1-release-p10",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.2.5"
      },
      {
        "model": "rc1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.2"
      },
      {
        "model": "10.0-release-p7",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "open systems snapvault",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.0.1"
      },
      {
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.1"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.1"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "slackware",
        "version": "13.37"
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.10"
      },
      {
        "model": "-stablepre122300",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.5"
      },
      {
        "model": "project openssl beta2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "1.0.1"
      },
      {
        "model": "proventia network security controller 1.0.3350m",
        "scope": null,
        "trust": 0.3,
        "vendor": "ibm",
        "version": null
      },
      {
        "model": "-releng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "5.3"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.4"
      },
      {
        "model": "9.1-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.0"
      },
      {
        "model": "-prerelease",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.8"
      },
      {
        "model": "-stable",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.6"
      },
      {
        "model": "cloudsystem matrix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.2"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.1.1"
      },
      {
        "model": "system management homepage",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3"
      },
      {
        "model": "insight control server deployment",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.2.2"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.7.770"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "10.0"
      },
      {
        "model": "version control repository manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.4.1"
      },
      {
        "model": "linerate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.3.2"
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.3.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "3.1"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "6.3"
      },
      {
        "model": "9.2-rc1-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "8.0-rc1",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "vios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "2.2.1.3"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "8.2"
      },
      {
        "model": "8.2-release-p2",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "-prerelease",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.9"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.4.750"
      },
      {
        "model": "upward integration modules for vmware vsphere",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "3.5.1"
      },
      {
        "model": "proventia network security controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "1.0.1768"
      },
      {
        "model": "-release",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.3"
      },
      {
        "model": "-release-p42",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "4.4"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "8.4"
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.3.4"
      },
      {
        "model": "storage provisioning manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.3"
      },
      {
        "model": "version control agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.10.800"
      },
      {
        "model": "freebsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "freebsd",
        "version": "9.1"
      },
      {
        "model": "6.4-releng",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "project openssl 1.0.1h",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.30"
      },
      {
        "model": "6.4-release-p5",
        "scope": null,
        "trust": 0.3,
        "vendor": "freebsd",
        "version": null
      },
      {
        "model": "version control repository manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "2.1.9.790"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "69077"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HP",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "130868"
      },
      {
        "db": "PACKETSTORM",
        "id": "131011"
      },
      {
        "db": "PACKETSTORM",
        "id": "131014"
      },
      {
        "db": "PACKETSTORM",
        "id": "130817"
      },
      {
        "db": "PACKETSTORM",
        "id": "132081"
      },
      {
        "db": "PACKETSTORM",
        "id": "132080"
      },
      {
        "db": "PACKETSTORM",
        "id": "131254"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2014-5139",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2014-5139",
            "trust": 1.0,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client. OpenSSL is prone to a local denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the application, resulting  in denial-of-service conditions. \nOpenSSL 1.0.1 prior to 1.0.1i are vulnerable. \n\nReferences:\n\nCVE-2014-3566\nCVE-2014-5139\nSSRT101916\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\nContact vcemsdksupportteam@hp.com to request the HP Virtual Connect\nEnterprise Manager SDK v7.4.1 or later. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04624296\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04624296\nVersion: 1\n\nHPSBMU03304 rev.1 - HP Insight Control server deployment on Linux and\nWindows, Remote Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-04-01\nLast Updated: 2015-04-01\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH), HP Smart Update Manager (SUM), and HP Version\nControl Agent (VCA) which are components of HP Insight Control server\ndeployment. These vulnerabilities are related to the SSLv3 vulnerability\nknown as \"Padding Oracle on Downgraded Legacy Encryption\" or \"POODLE\". The\ncomponents of HP Insight Control server deployment could be exploited\nremotely to allow disclosure of information. \n\nHP Insight Control server deployment includes HP System Management Homepage\n(SMH), HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and\ndeploys them through the following jobs. This bulletin provides the\ninformation needed to update the vulnerable components in HP Insight Control\nserver deployment. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\nUpgrade Proliant Firmware\n\nReferences:\n\nCVE-2014-3508\nCVE-2014-3509\nCVE-2014-3511\nCVE-2014-3513\nCVE-2014-3566\nCVE-2014-3567\nCVE-2014-3568\nCVE-2014-5139\nSSRT102004\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2014-3508    (AV:N/AC:M/Au:N/C:P/I:N/A:N)       4.3\nCVE-2014-3509    (AV:N/AC:M/Au:N/C:P/I:P/A:P)       6.8\nCVE-2014-3511    (AV:N/AC:M/Au:N/C:N/I:P/A:N)       4.3\nCVE-2014-3513    (AV:N/AC:M/Au:N/C:N/I:N/A:C)       7.1\nCVE-2014-3566    (AV:N/AC:M/Au:N/C:P/I:N/A:N)       4.3\nCVE-2014-3567    (AV:N/AC:M/Au:N/C:N/I:N/A:C)       7.1\nCVE-2014-3568    (AV:N/AC:M/Au:N/C:N/I:P/A:N)       4.3\nCVE-2014-5139    (AV:N/AC:M/Au:N/C:N/I:N/A:P)       4.3\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following instructions to resolve this vulnerability. \n\nNote: For HP Insight deployment Control server v7.1.2, v7.2.0, v7.2.1 and\nv7.2.2, you must upgrade to v7.3.1 and follow the steps from 1 to 11\nmentioned below to resolve the vulnerability. \n\nDelete the files smh*.exe from Component Copy Location listed in the\nfollowing table, rows 1 and 2. \nDelete the files vca*.exe/vcaamd64-*.exe from Component Copy Location listed\nin the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-bd2042a1c7574aad90c4839efe\n smhamd64-cp023964.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-062078f1ae354b7e99c86c151c\n smhx86-cp023963.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-7b23e47d5d9b420b94bd1323eb\n vcax86 cp025295.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-2557aa7dc1654cf6b547c1a9e4\n vcaamd64-cp025296.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-5827037475e44abab586463723\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\n6\n http://www.hp.com/swpublishing/MTX-57ab6bb78b6e47a18718f44133\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\n7\n http://www.hp.com/swpublishing/MTX-34bcab41ac7e4db299e3f5f2f1\n smhx86-cp025274.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2003\n\n8\n http://www.hp.com/swpublishing/MTX-00eb9ac82e86449e8c3ba101bd\n smhamd64-cp025275.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2003\n\nDownload and extract the HP SUM component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p991570621/v99346\n\nCopy all content from extracted folder and paste at\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on the target running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on the target running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on the target running\nRHEL 6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on the target running\nRHEL 5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 job on the target\nrunning Windows. \n\nHISTORY\nVersion:1 (rev.1) - 1 April 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel.  For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlUb+3EACgkQ4B86/C0qfVnD1wCg+LtrJpQcATsjJ308tHP49nog\n0sgAoJ5L9/aT7iAxhlnZdRatqjBoIFxb\n=pzE4\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1i-i486-1_slack14.1.txz:  Upgraded. \n  This update fixes several security issues:\n  Double Free when processing DTLS packets (CVE-2014-3505)\n  DTLS memory exhaustion (CVE-2014-3506)\n  DTLS memory leak from zero-length fragments (CVE-2014-3507)\n  Information leak in pretty printing functions (CVE-2014-3508)\n  Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)\n  OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)\n  OpenSSL TLS protocol downgrade attack (CVE-2014-3511)\n  SRP buffer overrun (CVE-2014-3512)\n  Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)\n  For more information, see:\n    https://www.openssl.org/news/secadv_20140806.txt\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139\n  (* Security fix *)\npatches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz:  Upgraded. \n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zb-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zb-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zb-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1i-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1i-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1i-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1i-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1i-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1i-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1i-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n30bdc015b10d8891b90d3f6ea34f5fdd  openssl-0.9.8zb-i486-1_slack13.0.txz\n3dc4140c22c04c94e5e74386a5a1c200  openssl-solibs-0.9.8zb-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n3da32f51273762d67bf9dbcc91af9413  openssl-0.9.8zb-x86_64-1_slack13.0.txz\n075e5d12e5b909ecac923cb210f83544  openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n3b7e2bb2b317bf72b8f9b2b7a14bddfb  openssl-0.9.8zb-i486-1_slack13.1.txz\n92af0784eade0674332a56bfab73b97d  openssl-solibs-0.9.8zb-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\ndf5f961109d7b50971660ca6a7d4c48c  openssl-0.9.8zb-x86_64-1_slack13.1.txz\n582aaeae3d56730a2e1538a67d4e44da  openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n546445d56d3b367fa0dd4e80859c4620  openssl-0.9.8zb-i486-1_slack13.37.txz\nb80e9df8cdd0649939ec2fab20d24691  openssl-solibs-0.9.8zb-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n9c9ce97dc21340924a3e27c1a8047023  openssl-0.9.8zb-x86_64-1_slack13.37.txz\n0fe1931f2fc82fb8d5fbe72680caf843  openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\nd1580f4b22b99cee42b22276653c8180  openssl-1.0.1i-i486-1_slack14.0.txz\nec93cec2bcab8ae7391a504573cbc231  openssl-solibs-1.0.1i-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n329475de3759225b1d02aa7317b2eb58  openssl-1.0.1i-x86_64-1_slack14.0.txz\n25f2a198022d974534986a3913ca705c  openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n8336457bc31d44ebf502ffc4443f12f7  openssl-1.0.1i-i486-1_slack14.1.txz\n4b99ac357fbd3065c53367eea246b8c7  openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nf2b8f81d9d7dc02e5d1011f663ccc95d  openssl-1.0.1i-x86_64-1_slack14.1.txz\n4360abffbb57cb18ba0720f782d78250  openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n49ecd332a899cf742d3467a6efe44269  a/openssl-solibs-1.0.1i-i486-1.txz\n27da017c49045981b1793f105aff365f  n/openssl-1.0.1i-i486-1.txz\n\nSlackware x86_64 -current packages:\n8d74f3d770802182137c84d925f58cbc  a/openssl-solibs-1.0.1i-x86_64-1.txz\nfd9d94d3210f0aedf74959cb0887e2b8  n/openssl-1.0.1i-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1i-i486-1_slack14.1.txz openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. OpenSSL Security Advisory [6 Aug 2014]\n========================================\n\nInformation leak in pretty printing functions (CVE-2014-3508)\n=============================================================\n\nA flaw in OBJ_obj2txt may cause pretty printing functions such as\nX509_name_oneline, X509_name_print_ex et al. to leak some information from the\nstack. Applications may be affected if they echo pretty printing output to the\nattacker. OpenSSL SSL/TLS clients and servers themselves are not affected. \n\nThanks to Ivan Fratric (Google) for discovering this issue. This issue\nwas reported to OpenSSL on 19th June 2014. \n\nThe fix was developed by Emilia K\u00e4sper and Stephen Henson of the OpenSSL\ndevelopment team. This can\nbe exploited through a Denial of Service attack. \n\nOpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. \n\nThanks to Joonas Kuorilehto and Riku Hietam\u00e4ki (Codenomicon) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 2nd July 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nRace condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)\n==============================================================\n\nIf a multithreaded client connects to a malicious server using a resumed session\nand the server sends an ec point format extension it could write up to 255 bytes\nto freed memory. \n\nOpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. \n\nThanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this\nissue. This issue was reported to OpenSSL on 8th July 2014. \n\nThe fix was developed by Gabor Tyukasz. \n\n\nDouble Free when processing DTLS packets (CVE-2014-3505)\n========================================================\n\nAn attacker can force an error condition which causes openssl to crash whilst\nprocessing DTLS packets due to memory being freed twice. This can be exploited\nthrough a Denial of Service attack. \n\nThanks to Adam Langley and Wan-Teh Chang (Google) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 6th June\n2014. \n\nThe fix was developed by Adam Langley. \n\n\nDTLS memory exhaustion (CVE-2014-3506)\n======================================\n\nAn attacker can force openssl to consume large amounts of memory whilst\nprocessing DTLS handshake messages. This can be exploited through a Denial of\nService attack. \n\nThanks to Adam Langley (Google) for discovering and researching this\nissue. This issue was reported to OpenSSL on 6th June 2014. \n\nThe fix was developed by Adam Langley. \n\n\nDTLS memory leak from zero-length fragments (CVE-2014-3507)\n===========================================================\n\nBy sending carefully crafted DTLS packets an attacker could cause openssl to\nleak memory. This can be exploited through a Denial of Service attack. \n\nThanks to Adam Langley (Google) for discovering and researching this\nissue. This issue was reported to OpenSSL on 6th June 2014. \n\nThe fix was developed by Adam Langley. \n\nOpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)\n===============================================================\n\nOpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a\ndenial of service attack. \n\nOpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb\nOpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i. \n\nThanks to Felix Gr\u00f6bert (Google) for discovering and researching this issue. \nThis issue was reported to OpenSSL on 18th July 2014. \n\nThe fix was developed by Emilia K\u00e4sper of the OpenSSL development team. \n\n\nOpenSSL TLS protocol downgrade attack (CVE-2014-3511)\n=====================================================\n\nA flaw in the OpenSSL SSL/TLS server code causes the server to negotiate\nTLS 1.0 instead of higher protocol versions when the ClientHello message is\nbadly fragmented. This allows a man-in-the-middle attacker to force a\ndowngrade to TLS 1.0 even if both the server and the client support a higher\nprotocol version, by modifying the client\u0027s TLS records. \n\nOpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i. \n\nThanks to David Benjamin and Adam Langley (Google) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 21st July 2014. \n\nThe fix was developed by David Benjamin. \n\n\nSRP buffer overrun (CVE-2014-3512)\n==================================\n\nA malicious client or server can send invalid SRP parameters and overrun\nan internal buffer. Only applications which are explicitly set up for SRP\nuse are affected. \n\nThanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC\nGroup) for discovering this issue. This issue was reported to OpenSSL\non 31st July 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20140806.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-5139"
      },
      {
        "db": "BID",
        "id": "69077"
      },
      {
        "db": "PACKETSTORM",
        "id": "130868"
      },
      {
        "db": "PACKETSTORM",
        "id": "131011"
      },
      {
        "db": "PACKETSTORM",
        "id": "131014"
      },
      {
        "db": "PACKETSTORM",
        "id": "130817"
      },
      {
        "db": "PACKETSTORM",
        "id": "132081"
      },
      {
        "db": "PACKETSTORM",
        "id": "132080"
      },
      {
        "db": "PACKETSTORM",
        "id": "131254"
      },
      {
        "db": "PACKETSTORM",
        "id": "127811"
      },
      {
        "db": "PACKETSTORM",
        "id": "169648"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-5139",
        "trust": 2.2
      },
      {
        "db": "BID",
        "id": "69077",
        "trust": 1.3
      },
      {
        "db": "SECUNIA",
        "id": "60022",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "60810",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "59700",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "61100",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "61392",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "61959",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "59710",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "61017",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "61171",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "60917",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "60493",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "60921",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "60803",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "60221",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "61775",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "59756",
        "trust": 1.0
      },
      {
        "db": "SECUNIA",
        "id": "61184",
        "trust": 1.0
      },
      {
        "db": "SECTRACK",
        "id": "1030693",
        "trust": 1.0
      },
      {
        "db": "TENABLE",
        "id": "TNS-2014-06",
        "trust": 1.0
      },
      {
        "db": "JUNIPER",
        "id": "JSA10649",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "130868",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "131011",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "131014",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "130817",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "132081",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "132080",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "131254",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "127811",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169648",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "69077"
      },
      {
        "db": "PACKETSTORM",
        "id": "130868"
      },
      {
        "db": "PACKETSTORM",
        "id": "131011"
      },
      {
        "db": "PACKETSTORM",
        "id": "131014"
      },
      {
        "db": "PACKETSTORM",
        "id": "130817"
      },
      {
        "db": "PACKETSTORM",
        "id": "132081"
      },
      {
        "db": "PACKETSTORM",
        "id": "132080"
      },
      {
        "db": "PACKETSTORM",
        "id": "131254"
      },
      {
        "db": "PACKETSTORM",
        "id": "127811"
      },
      {
        "db": "PACKETSTORM",
        "id": "169648"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "id": "VAR-201408-0212",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.42424244
  },
  "last_update_date": "2024-07-04T21:41:39.624000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.5,
        "url": "https://www.openssl.org/news/secadv_20140806.txt"
      },
      {
        "trust": 1.3,
        "url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:18.openssl.asc"
      },
      {
        "trust": 1.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
      },
      {
        "trust": 1.0,
        "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-008.txt.asc"
      },
      {
        "trust": 1.0,
        "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
      },
      {
        "trust": 1.0,
        "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/59700"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/59710"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/59756"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/60022"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/60221"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/60493"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/60803"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/60810"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/60917"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/60921"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/61017"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/61100"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/61171"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/61184"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/61392"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/61775"
      },
      {
        "trust": 1.0,
        "url": "http://secunia.com/advisories/61959"
      },
      {
        "trust": 1.0,
        "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
      },
      {
        "trust": 1.0,
        "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
      },
      {
        "trust": 1.0,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020240"
      },
      {
        "trust": 1.0,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
      },
      {
        "trust": 1.0,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
      },
      {
        "trust": 1.0,
        "url": "http://www.debian.org/security/2014/dsa-2998"
      },
      {
        "trust": 1.0,
        "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/69077"
      },
      {
        "trust": 1.0,
        "url": "http://www.securitytracker.com/id/1030693"
      },
      {
        "trust": 1.0,
        "url": "http://www.tenable.com/security/tns-2014-06"
      },
      {
        "trust": 1.0,
        "url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=80bd7b41b30af6ee96f519e629463583318de3b0"
      },
      {
        "trust": 1.0,
        "url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=83764a989dcc87fbea337da5f8f86806fe767b7e"
      },
      {
        "trust": 1.0,
        "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-september/000196.html"
      },
      {
        "trust": 0.9,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-5139"
      },
      {
        "trust": 0.7,
        "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
      },
      {
        "trust": 0.7,
        "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508"
      },
      {
        "trust": 0.7,
        "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
      },
      {
        "trust": 0.3,
        "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=80bd7b41b30af6ee96f519e629463583318de3b0"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021317"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2014-5139"
      },
      {
        "trust": 0.3,
        "url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
      },
      {
        "trust": 0.3,
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04571956"
      },
      {
        "trust": 0.3,
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04574073"
      },
      {
        "trust": 0.3,
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04587108"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/bugtraq/2015/mar/84"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/bugtraq/2015/feb/151"
      },
      {
        "trust": 0.3,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10649\u0026cat=sirt_1\u0026actp=list"
      },
      {
        "trust": 0.3,
        "url": "aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
      },
      {
        "trust": 0.3,
        "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04512909"
      },
      {
        "trust": 0.3,
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04570627"
      },
      {
        "trust": 0.3,
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04624296"
      },
      {
        "trust": 0.3,
        "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21684570"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685467"
      },
      {
        "trust": 0.3,
        "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21682293"
      },
      {
        "trust": 0.3,
        "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097658"
      },
      {
        "trust": 0.3,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127491"
      },
      {
        "trust": 0.3,
        "url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020240"
      },
      {
        "trust": 0.3,
        "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691005"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783"
      },
      {
        "trust": 0.3,
        "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21683389"
      },
      {
        "trust": 0.3,
        "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098264"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682034"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686182"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682016"
      },
      {
        "trust": 0.3,
        "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html?ref=rss"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966557"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683744"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3505"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3512"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3510"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3507"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3506"
      },
      {
        "trust": 0.2,
        "url": "http://www.hp.com/swpublishing/mtx-57ab6bb78b6e47a18718f44133"
      },
      {
        "trust": 0.2,
        "url": "http://www.hp.com/swpublishing/mtx-2557aa7dc1654cf6b547c1a9e4"
      },
      {
        "trust": 0.2,
        "url": "http://www.hp.com/swpublishing/mtx-7b23e47d5d9b420b94bd1323eb"
      },
      {
        "trust": 0.2,
        "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
      },
      {
        "trust": 0.2,
        "url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
      },
      {
        "trust": 0.1,
        "url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.hp.com/swpublishing/mtx-bd2042a1c7574aad90c4839efe"
      },
      {
        "trust": 0.1,
        "url": "http://www.hp.com/swpublishing/mtx-00eb9ac82e86449e8c3ba101bd"
      },
      {
        "trust": 0.1,
        "url": "http://www.hp.com/swpublishing/mtx-34bcab41ac7e4db299e3f5f2f1"
      },
      {
        "trust": 0.1,
        "url": "http://www.hp.com/swpublishing/mtx-062078f1ae354b7e99c86c151c"
      },
      {
        "trust": 0.1,
        "url": "http://www.hp.com/swpublishing/mtx-5827037475e44abab586463723"
      },
      {
        "trust": 0.1,
        "url": "http://slackware.com"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3510"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3509"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3511"
      },
      {
        "trust": 0.1,
        "url": "http://slackware.com/gpg-key"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3506"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3512"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3505"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3508"
      },
      {
        "trust": 0.1,
        "url": "http://osuosl.org)"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5139"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3507"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "69077"
      },
      {
        "db": "PACKETSTORM",
        "id": "130868"
      },
      {
        "db": "PACKETSTORM",
        "id": "131011"
      },
      {
        "db": "PACKETSTORM",
        "id": "131014"
      },
      {
        "db": "PACKETSTORM",
        "id": "130817"
      },
      {
        "db": "PACKETSTORM",
        "id": "132081"
      },
      {
        "db": "PACKETSTORM",
        "id": "132080"
      },
      {
        "db": "PACKETSTORM",
        "id": "131254"
      },
      {
        "db": "PACKETSTORM",
        "id": "127811"
      },
      {
        "db": "PACKETSTORM",
        "id": "169648"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "69077"
      },
      {
        "db": "PACKETSTORM",
        "id": "130868"
      },
      {
        "db": "PACKETSTORM",
        "id": "131011"
      },
      {
        "db": "PACKETSTORM",
        "id": "131014"
      },
      {
        "db": "PACKETSTORM",
        "id": "130817"
      },
      {
        "db": "PACKETSTORM",
        "id": "132081"
      },
      {
        "db": "PACKETSTORM",
        "id": "132080"
      },
      {
        "db": "PACKETSTORM",
        "id": "131254"
      },
      {
        "db": "PACKETSTORM",
        "id": "127811"
      },
      {
        "db": "PACKETSTORM",
        "id": "169648"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-08-06T00:00:00",
        "db": "BID",
        "id": "69077"
      },
      {
        "date": "2015-03-18T00:44:34",
        "db": "PACKETSTORM",
        "id": "130868"
      },
      {
        "date": "2015-03-25T00:41:42",
        "db": "PACKETSTORM",
        "id": "131011"
      },
      {
        "date": "2015-03-25T00:42:25",
        "db": "PACKETSTORM",
        "id": "131014"
      },
      {
        "date": "2015-03-13T17:11:14",
        "db": "PACKETSTORM",
        "id": "130817"
      },
      {
        "date": "2015-05-29T23:37:11",
        "db": "PACKETSTORM",
        "id": "132081"
      },
      {
        "date": "2015-05-29T23:37:04",
        "db": "PACKETSTORM",
        "id": "132080"
      },
      {
        "date": "2015-04-02T00:37:56",
        "db": "PACKETSTORM",
        "id": "131254"
      },
      {
        "date": "2014-08-11T11:11:00",
        "db": "PACKETSTORM",
        "id": "127811"
      },
      {
        "date": "2014-08-06T12:12:12",
        "db": "PACKETSTORM",
        "id": "169648"
      },
      {
        "date": "2014-08-13T23:55:07.717000",
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-26T23:01:00",
        "db": "BID",
        "id": "69077"
      },
      {
        "date": "2023-11-07T02:20:43.020000",
        "db": "NVD",
        "id": "CVE-2014-5139"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "69077"
      }
    ],
    "trust": 0.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability",
    "sources": [
      {
        "db": "BID",
        "id": "69077"
      }
    ],
    "trust": 0.3
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "69077"
      }
    ],
    "trust": 0.3
  }
}

gsd-2014-5139

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2014-5139

Aliases

CVE-2014-5139

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-5139",
    "description": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.",
    "id": "GSD-2014-5139",
    "references": [
      "https://www.suse.com/security/cve/CVE-2014-5139.html",
      "https://www.debian.org/security/2014/dsa-2998",
      "https://ubuntu.com/security/CVE-2014-5139",
      "https://advisories.mageia.org/CVE-2014-5139.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2014-5139.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-5139"
      ],
      "details": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.",
      "id": "GSD-2014-5139",
      "modified": "2023-12-13T01:22:52.376233Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2014-5139",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "openSUSE-SU-2014:1052",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
          },
          {
            "name": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html",
            "refsource": "CONFIRM",
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
          },
          {
            "name": "60221",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/60221"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
          },
          {
            "name": "61184",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/61184"
          },
          {
            "name": "SSRT101846",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
          },
          {
            "name": "60022",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/60022"
          },
          {
            "name": "https://www.openssl.org/news/secadv_20140806.txt",
            "refsource": "CONFIRM",
            "url": "https://www.openssl.org/news/secadv_20140806.txt"
          },
          {
            "name": "61017",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/61017"
          },
          {
            "name": "SSRT101818",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
          },
          {
            "name": "HPSBMU03304",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
          },
          {
            "name": "HPSBMU03259",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
          },
          {
            "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
          },
          {
            "name": "GLSA-201412-39",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
          },
          {
            "name": "HPSBHF03293",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
          },
          {
            "name": "69077",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/69077"
          },
          {
            "name": "HPSBMU03260",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
          },
          {
            "name": "60803",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/60803"
          },
          {
            "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0",
            "refsource": "CONFIRM",
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0"
          },
          {
            "name": "59700",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/59700"
          },
          {
            "name": "1030693",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1030693"
          },
          {
            "name": "60917",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/60917"
          },
          {
            "name": "HPSBMU03216",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
          },
          {
            "name": "http://www.tenable.com/security/tns-2014-06",
            "refsource": "CONFIRM",
            "url": "http://www.tenable.com/security/tns-2014-06"
          },
          {
            "name": "NetBSD-SA2014-008",
            "refsource": "NETBSD",
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc"
          },
          {
            "name": "60493",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/60493"
          },
          {
            "name": "59710",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/59710"
          },
          {
            "name": "60921",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/60921"
          },
          {
            "name": "60810",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/60810"
          },
          {
            "name": "HPSBMU03283",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240"
          },
          {
            "name": "61100",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/61100"
          },
          {
            "name": "FreeBSD-SA-14:18",
            "refsource": "FREEBSD",
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc"
          },
          {
            "name": "61775",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/61775"
          },
          {
            "name": "SSRT101894",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
          },
          {
            "name": "DSA-2998",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2014/dsa-2998"
          },
          {
            "name": "HPSBMU03263",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
          },
          {
            "name": "SSRT101921",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
          },
          {
            "name": "61959",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/61959"
          },
          {
            "name": "59756",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/59756"
          },
          {
            "name": "HPSBMU03262",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
          },
          {
            "name": "HPSBMU03267",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
          },
          {
            "name": "HPSBMU03261",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
          },
          {
            "name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc",
            "refsource": "CONFIRM",
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
          },
          {
            "name": "61392",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/61392"
          },
          {
            "name": "SSRT101916",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
          },
          {
            "name": "[syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released",
            "refsource": "MLIST",
            "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html"
          },
          {
            "name": "61171",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/61171"
          },
          {
            "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=83764a989dcc87fbea337da5f8f86806fe767b7e",
            "refsource": "CONFIRM",
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=83764a989dcc87fbea337da5f8f86806fe767b7e"
          },
          {
            "name": "SSRT101922",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2014-5139"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0"
            },
            {
              "name": "https://www.openssl.org/news/secadv_20140806.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.openssl.org/news/secadv_20140806.txt"
            },
            {
              "name": "69077",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/69077"
            },
            {
              "name": "http://www.tenable.com/security/tns-2014-06",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.tenable.com/security/tns-2014-06"
            },
            {
              "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=83764a989dcc87fbea337da5f8f86806fe767b7e",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=83764a989dcc87fbea337da5f8f86806fe767b7e"
            },
            {
              "name": "60810",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/60810"
            },
            {
              "name": "60917",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/60917"
            },
            {
              "name": "NetBSD-SA2014-008",
              "refsource": "NETBSD",
              "tags": [],
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc"
            },
            {
              "name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
            },
            {
              "name": "60921",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/60921"
            },
            {
              "name": "DSA-2998",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2014/dsa-2998"
            },
            {
              "name": "openSUSE-SU-2014:1052",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
            },
            {
              "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
            },
            {
              "name": "61775",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/61775"
            },
            {
              "name": "61959",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/61959"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
            },
            {
              "name": "59756",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/59756"
            },
            {
              "name": "GLSA-201412-39",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
            },
            {
              "name": "HPSBMU03260",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
            },
            {
              "name": "HPSBMU03259",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
            },
            {
              "name": "HPSBMU03283",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
            },
            {
              "name": "SSRT101818",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
            },
            {
              "name": "SSRT101921",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
            },
            {
              "name": "HPSBMU03267",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
            },
            {
              "name": "SSRT101922",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
            },
            {
              "name": "SSRT101846",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
            },
            {
              "name": "HPSBMU03304",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
            },
            {
              "name": "HPSBMU03263",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
            },
            {
              "name": "HPSBMU03261",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
            },
            {
              "name": "FreeBSD-SA-14:18",
              "refsource": "FREEBSD",
              "tags": [],
              "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc"
            },
            {
              "name": "[syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240"
            },
            {
              "name": "1030693",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1030693"
            },
            {
              "name": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
            },
            {
              "name": "61392",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/61392"
            },
            {
              "name": "61184",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/61184"
            },
            {
              "name": "61171",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/61171"
            },
            {
              "name": "61100",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/61100"
            },
            {
              "name": "61017",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/61017"
            },
            {
              "name": "60803",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/60803"
            },
            {
              "name": "60493",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/60493"
            },
            {
              "name": "60221",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/60221"
            },
            {
              "name": "60022",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/60022"
            },
            {
              "name": "59710",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/59710"
            },
            {
              "name": "59700",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/59700"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-01-07T03:00Z",
      "publishedDate": "2014-08-13T23:55Z"
    }
  }
}

wid-sec-w-2023-0498

Vulnerability from csaf_certbund

Published

2014-08-06 22:00

Modified

2023-02-27 23:00

Summary

OpenSSL: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen, Informationen offenzulegen und eine Protokoll Downgrade Attacke durchzuführen.

Betroffene Betriebssysteme

- UNIX - Linux - Windows - Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Informationen offenzulegen und eine Protokoll Downgrade Attacke durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0498 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2014/wid-sec-w-2023-0498.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0498 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0498"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 690129 vom 2023-02-28",
        "url": "https://www.ibm.com/support/pages/node/690129"
      },
      {
        "category": "external",
        "summary": "OpenSSL Security Advisory vom 2014-08-06",
        "url": "https://www.openssl.org/news/secadv_20140806.txt"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-2308-1 vom 2014-08-07",
        "url": "http://www.ubuntu.com/usn/usn-2308-1/"
      },
      {
        "category": "external",
        "summary": "OpenVPN 2.3.4 Release Notes",
        "url": "http://openvpn.net/index.php/open-source/downloads.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2014:1053-1 vom 2014-08-13",
        "url": "http://rhn.redhat.com/errata/RHSA-2014-1053.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2014:1052-1 vom 2014-08-13",
        "url": "http://rhn.redhat.com/errata/RHSA-2014-1052.html"
      },
      {
        "category": "external",
        "summary": "CentOS Errata and Security Advisory CESA-2014:1053 vom 2014-08-13",
        "url": "http://centos.distrosfaqs.org/centos-announce/cesa-20141053-moderate-centos-5-openssl-update/"
      },
      {
        "category": "external",
        "summary": "CentOS Errata and Security Advisory CESA-2014:1052 vom 2014-08-13",
        "url": "http://centos.distrosfaqs.org/centos-announce/cesa-20141052-moderate-centos-6-openssl-update/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2014:1054-1 vom 2014-08-14",
        "url": "http://rhn.redhat.com/errata/RHSA-2014-1054.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBUX03095 SSRT101674 rev.1 vom 2014-08-15",
        "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c04404655"
      },
      {
        "category": "external",
        "summary": "SUSE Security update for openssl1 (9599)",
        "url": "http://download.novell.com/patch/finder/?keywords=f511564183b6f13c2dc78cf5451408d0"
      },
      {
        "category": "external",
        "summary": "SUSE Security update for OpenSSL (9598)",
        "url": "http://download.novell.com/patch/finder/?keywords=30032dcfaed48d7e5c0c3457c07419da"
      },
      {
        "category": "external",
        "summary": "NetBSD Security Advisory 2014-008 vom 2014-08-27",
        "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc"
      },
      {
        "category": "external",
        "summary": "WinSCP Versionshistorie f\u00fcr 5.5.5 vom 2014-08-21",
        "url": "http://winscp.net/eng/docs/history#5.5.5"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory SOL15573 vom 2014-09-05",
        "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15573.html?ref=rss"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory SOL15568 vom 2014-09-05",
        "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15568.html?ref=rss"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory SOL15564 vom 2014-09-05",
        "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15564.html?ref=rss"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory SOL15571 vom 2014-09-05",
        "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15571.html?ref=rss"
      },
      {
        "category": "external",
        "summary": "FreeBSD Security Advisory FreeBSD-SA-14:18.openssl vom 2014-09-09",
        "url": "http://security.freebsd.org/advisories/FreeBSD-SA-14:18.openssl.asc"
      },
      {
        "category": "external",
        "summary": "HP SECURITY BULLETIN Document ID: c04426586",
        "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04426586"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory RHSA-2014:1256-1",
        "url": "https://rhn.redhat.com/errata/RHSA-2014-1256.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Advisory vom 2014-09-09",
        "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
      },
      {
        "category": "external",
        "summary": "SUSE Security update for OpenSSL (9662) vom 2014-09-09",
        "url": "https://download.suse.com/patch/finder/?keywords=d131eebfce5c601b41e006539b73bcb9"
      },
      {
        "category": "external",
        "summary": "SUSE Security update for OpenSSL (8933) vom 2014-09-09",
        "url": "https://download.suse.com/patch/finder/?keywords=a13af464a610cda0eae18606907ad3af"
      },
      {
        "category": "external",
        "summary": "SUSE Security update for OpenSSL (8935) vom 2014-09-09",
        "url": "https://download.suse.com/patch/finder/?keywords=9b67b5e9df54ba01bdf516a4768dfc90"
      },
      {
        "category": "external",
        "summary": "SUSE Security update for OpenSSL (9663) vom 2014-09-09",
        "url": "https://download.suse.com/patch/finder/?keywords=99670be4c48bf7d4b638d26f459ded32"
      },
      {
        "category": "external",
        "summary": "Oracle Third Party Vulnerability Resolution Blog",
        "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_3505_denial_of"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA 201412-39 vom 2014-12-25",
        "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
      },
      {
        "category": "external",
        "summary": "sa85 vom 2015-01-14",
        "url": "https://kb.bluecoat.com/security-advisory/sa85"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2015:0126-1 vom 2015-02-04",
        "url": "http://rhn.redhat.com/errata/RHSA-2015-0126.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin Document ID: c04512909",
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04512909"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBMU03260 rev.1",
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04571379"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin Document ID: c04570627",
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04570627"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2015:0578-1 vom 2015-03-23",
        "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150578-1.html"
      },
      {
        "category": "external",
        "summary": "HP Security Bulletin HPSBMU03263",
        "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04574073"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2014:1104-1 vom 2016-01-22",
        "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20141104-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-4581 vom 2019-03-13",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4581.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-4747 vom 2019-08-16",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4747.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2021-9150 vom 2021-04-01",
        "url": "https://linux.oracle.com/errata/ELSA-2021-9150.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9272 vom 2022-04-08",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9272.html"
      }
    ],
    "source_lang": "en-US",
    "title": "OpenSSL: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-02-27T23:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:16:26.595+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-0498",
      "initial_release_date": "2014-08-06T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2014-08-06T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2014-08-06T22:00:00.000+00:00",
          "number": "2",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-07T22:00:00.000+00:00",
          "number": "3",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-07T22:00:00.000+00:00",
          "number": "4",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-07T22:00:00.000+00:00",
          "number": "5",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-12T22:00:00.000+00:00",
          "number": "6",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-12T22:00:00.000+00:00",
          "number": "7",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-13T22:00:00.000+00:00",
          "number": "8",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-13T22:00:00.000+00:00",
          "number": "9",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-13T22:00:00.000+00:00",
          "number": "10",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-13T22:00:00.000+00:00",
          "number": "11",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-13T22:00:00.000+00:00",
          "number": "12",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-14T22:00:00.000+00:00",
          "number": "13",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-14T22:00:00.000+00:00",
          "number": "14",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-18T22:00:00.000+00:00",
          "number": "15",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-18T22:00:00.000+00:00",
          "number": "16",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-18T22:00:00.000+00:00",
          "number": "17",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-18T22:00:00.000+00:00",
          "number": "18",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-20T22:00:00.000+00:00",
          "number": "19",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-20T22:00:00.000+00:00",
          "number": "20",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-24T22:00:00.000+00:00",
          "number": "21",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-24T22:00:00.000+00:00",
          "number": "22",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-08-27T22:00:00.000+00:00",
          "number": "23",
          "summary": "New remediations available"
        },
        {
          "date": "2014-08-27T22:00:00.000+00:00",
          "number": "24",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-09-07T22:00:00.000+00:00",
          "number": "25",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-07T22:00:00.000+00:00",
          "number": "26",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-09-07T22:00:00.000+00:00",
          "number": "27",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-07T22:00:00.000+00:00",
          "number": "28",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-09-07T22:00:00.000+00:00",
          "number": "29",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-07T22:00:00.000+00:00",
          "number": "30",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-07T22:00:00.000+00:00",
          "number": "31",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "32",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "33",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "34",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "35",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "36",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "37",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "38",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "39",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-09T22:00:00.000+00:00",
          "number": "40",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-09-14T22:00:00.000+00:00",
          "number": "41",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-14T22:00:00.000+00:00",
          "number": "42",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-09-17T22:00:00.000+00:00",
          "number": "43",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-17T22:00:00.000+00:00",
          "number": "44",
          "summary": "New remediations available"
        },
        {
          "date": "2014-09-17T22:00:00.000+00:00",
          "number": "45",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2014-12-28T23:00:00.000+00:00",
          "number": "46",
          "summary": "New remediations available"
        },
        {
          "date": "2015-01-14T23:00:00.000+00:00",
          "number": "47",
          "summary": "New remediations available"
        },
        {
          "date": "2015-02-04T23:00:00.000+00:00",
          "number": "48",
          "summary": "New remediations available"
        },
        {
          "date": "2015-02-04T23:00:00.000+00:00",
          "number": "49",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2015-02-04T23:00:00.000+00:00",
          "number": "50",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2015-02-09T23:00:00.000+00:00",
          "number": "51",
          "summary": "New remediations available"
        },
        {
          "date": "2015-02-09T23:00:00.000+00:00",
          "number": "52",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2015-02-26T23:00:00.000+00:00",
          "number": "53",
          "summary": "New remediations available"
        },
        {
          "date": "2015-02-26T23:00:00.000+00:00",
          "number": "54",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2015-02-26T23:00:00.000+00:00",
          "number": "55",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2015-03-15T23:00:00.000+00:00",
          "number": "56",
          "summary": "New remediations available"
        },
        {
          "date": "2015-03-23T23:00:00.000+00:00",
          "number": "57",
          "summary": "New remediations available"
        },
        {
          "date": "2015-03-24T23:00:00.000+00:00",
          "number": "58",
          "summary": "New remediations available"
        },
        {
          "date": "2015-03-24T23:00:00.000+00:00",
          "number": "59",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2016-01-24T23:00:00.000+00:00",
          "number": "60",
          "summary": "New remediations available"
        },
        {
          "date": "2019-03-13T23:00:00.000+00:00",
          "number": "61",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-08-18T22:00:00.000+00:00",
          "number": "62",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2021-03-31T22:00:00.000+00:00",
          "number": "63",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2022-04-10T22:00:00.000+00:00",
          "number": "64",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-02-27T23:00:00.000+00:00",
          "number": "65",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "65"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "FreeBSD Project FreeBSD OS 9.1",
                "product": {
                  "name": "FreeBSD Project FreeBSD OS 9.1",
                  "product_id": "194535",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:freebsd:freebsd:9.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FreeBSD Project FreeBSD OS 8.4",
                "product": {
                  "name": "FreeBSD Project FreeBSD OS 8.4",
                  "product_id": "202078",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:freebsd:freebsd:8.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FreeBSD Project FreeBSD OS 9.2",
                "product": {
                  "name": "FreeBSD Project FreeBSD OS 9.2",
                  "product_id": "T003389",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:freebsd:freebsd:9.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FreeBSD Project FreeBSD OS 9.3",
                "product": {
                  "name": "FreeBSD Project FreeBSD OS 9.3",
                  "product_id": "T003390",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:freebsd:freebsd:9.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "FreeBSD Project FreeBSD OS 10.0",
                "product": {
                  "name": "FreeBSD Project FreeBSD OS 10.0",
                  "product_id": "T003391",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:freebsd:freebsd:10.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FreeBSD OS"
          }
        ],
        "category": "vendor",
        "name": "FreeBSD Project"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HPE HP-UX B.11.11",
                "product": {
                  "name": "HPE HP-UX B.11.11",
                  "product_id": "T003645",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hp:hp-ux:11.11:b"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE HP-UX B.11.23",
                "product": {
                  "name": "HPE HP-UX B.11.23",
                  "product_id": "T003646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hp:hp-ux:11.23:b"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HPE HP-UX B.11.31",
                "product": {
                  "name": "HPE HP-UX B.11.31",
                  "product_id": "T003647",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hp:hp-ux:11.31:b"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "HP-UX"
          },
          {
            "category": "product_name",
            "name": "HPE Insight Control",
            "product": {
              "name": "HPE Insight Control",
              "product_id": "253293",
              "product_identification_helper": {
                "cpe": "cpe:/a:hp:insight_control_server_deployment:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "HP System Management Homepage",
            "product": {
              "name": "HP System Management Homepage",
              "product_id": "4995",
              "product_identification_helper": {
                "cpe": "cpe:/a:hp:system_management_homepage:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM AIX 7.1",
                "product": {
                  "name": "IBM AIX 7.1",
                  "product_id": "153340",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:aix:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM AIX 5.3",
                "product": {
                  "name": "IBM AIX 5.3",
                  "product_id": "30418",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:aix:5.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM AIX 6.1",
                "product": {
                  "name": "IBM AIX 6.1",
                  "product_id": "73182",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:aix:6.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "AIX"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM FlashSystem 710",
                "product": {
                  "name": "IBM FlashSystem 710",
                  "product_id": "T026541",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:flashsystem:710"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM FlashSystem 810",
                "product": {
                  "name": "IBM FlashSystem 810",
                  "product_id": "T026542",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:flashsystem:810"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM FlashSystem 720",
                "product": {
                  "name": "IBM FlashSystem 720",
                  "product_id": "T026543",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:flashsystem:720"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM FlashSystem 820",
                "product": {
                  "name": "IBM FlashSystem 820",
                  "product_id": "T026544",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:flashsystem:820"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FlashSystem"
          },
          {
            "category": "product_name",
            "name": "IBM VIOS 2.2.x",
            "product": {
              "name": "IBM VIOS 2.2.x",
              "product_id": "T002859",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:vios:2.2"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "NetBSD Foundation NetBSD OS",
            "product": {
              "name": "NetBSD Foundation NetBSD OS",
              "product_id": "7660",
              "product_identification_helper": {
                "cpe": "cpe:/o:netbsd:netbsd:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "NetBSD Foundation"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Open Source CentOS 6",
                "product": {
                  "name": "Open Source CentOS 6",
                  "product_id": "160056",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:centos:centos:6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Open Source CentOS 7",
                "product": {
                  "name": "Open Source CentOS 7",
                  "product_id": "T003633",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:centos:centos:7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "CentOS"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Open Source OpenSSL 1.0.0",
                "product": {
                  "name": "Open Source OpenSSL 1.0.0",
                  "product_id": "126467",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:openssl:openssl:1.0.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Open Source OpenSSL 1.0.1",
                "product": {
                  "name": "Open Source OpenSSL 1.0.1",
                  "product_id": "T002966",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:openssl:openssl:1.0.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Open Source OpenSSL 0.9.8",
                "product": {
                  "name": "Open Source OpenSSL 0.9.8",
                  "product_id": "T003564",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:openssl:openssl:0.9.8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenSSL"
          },
          {
            "category": "product_name",
            "name": "Open Source OpenVPN \u003c 2.3.4",
            "product": {
              "name": "Open Source OpenVPN \u003c 2.3.4",
              "product_id": "T003615",
              "product_identification_helper": {
                "cpe": "cpe:/a:openvpn:openvpn:2.3.4"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Open Source WinSCP \u003c 5.5.5",
            "product": {
              "name": "Open Source WinSCP \u003c 5.5.5",
              "product_id": "T003680",
              "product_identification_helper": {
                "cpe": "cpe:/a:winscp:winscp:5.5.5"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Oracle Solaris 10",
                "product": {
                  "name": "Oracle Solaris 10",
                  "product_id": "T000300",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:solaris:10"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Oracle Solaris 11.2",
                "product": {
                  "name": "Oracle Solaris 11.2",
                  "product_id": "T002989",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:solaris:11.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Solaris"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server 5",
                "product": {
                  "name": "Red Hat Enterprise Linux Server 5",
                  "product_id": "74289",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server 6",
                "product": {
                  "name": "Red Hat Enterprise Linux Server 6",
                  "product_id": "T000343",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6:server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server EUS 6.5.z",
                "product": {
                  "name": "Red Hat Enterprise Linux Server EUS 6.5.z",
                  "product_id": "T002243",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6.5.z:server:eus"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server AUS 6.5",
                "product": {
                  "name": "Red Hat Enterprise Linux Server AUS 6.5",
                  "product_id": "T002517",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6.5:server:aus"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server 7",
                "product": {
                  "name": "Red Hat Enterprise Linux Server 7",
                  "product_id": "T003550",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "category": "product_name",
            "name": "Red Hat Storage 2.1",
            "product": {
              "name": "Red Hat Storage 2.1",
              "product_id": "T002362",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:storage:2.1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "F5 ARX 6.0.0 - 6.4.0",
            "product": {
              "name": "F5 ARX 6.0.0 - 6.4.0",
              "product_id": "T002411",
              "product_identification_helper": {
                "cpe": "cpe:/a:f5:arx:6.4.0"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "F5 BIG-IP Access Policy Manager 10.1.0 - 10.2.4",
                "product": {
                  "name": "F5 BIG-IP Access Policy Manager 10.1.0 - 10.2.4",
                  "product_id": "T000515",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_access_policy_manager:10.2.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 BIG-IP Access Policy Manager 11.0.0 - 11.3.0",
                "product": {
                  "name": "F5 BIG-IP Access Policy Manager 11.0.0 - 11.3.0",
                  "product_id": "T000516",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_access_policy_manager:11.3.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 BIG-IP Access Policy Manager 11.5.0 - 11.6.0",
                "product": {
                  "name": "F5 BIG-IP Access Policy Manager 11.5.0 - 11.6.0",
                  "product_id": "T003682",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_access_policy_manager:11.6.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "big-ip_access_policy_manager"
          },
          {
            "category": "product_name",
            "name": "F5 BIG-IP Analytics 11.0.0 - 11.3.0",
            "product": {
              "name": "F5 BIG-IP Analytics 11.0.0 - 11.3.0",
              "product_id": "T000542",
              "product_identification_helper": {
                "cpe": "cpe:/a:f5:big-ip_analytics:11.3.0"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "F5 BIG-IP Application Security Manager 10.0.0 - 10.2.4",
                "product": {
                  "name": "F5 BIG-IP Application Security Manager 10.0.0 - 10.2.4",
                  "product_id": "T000548",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_application_security_manager:10.2.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 BIG-IP Application Security Manager 11.0.0 - 11.3.0",
                "product": {
                  "name": "F5 BIG-IP Application Security Manager 11.0.0 - 11.3.0",
                  "product_id": "T000549",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_application_security_manager:11.3.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 BIG-IP Application Security Manager 11.5.0 - 11.6.0",
                "product": {
                  "name": "F5 BIG-IP Application Security Manager 11.5.0 - 11.6.0",
                  "product_id": "T003684",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_application_security_manager:11.6.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "big-ip_application_security_manager"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "F5 BIG-IP Edge Gateway 11.0.0 - 11.3.0",
                "product": {
                  "name": "F5 BIG-IP Edge Gateway 11.0.0 - 11.3.0",
                  "product_id": "T000521",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_edge_gateway:11.3.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 BIG-IP Edge Gateway 10.1.0 - 10.2.4",
                "product": {
                  "name": "F5 BIG-IP Edge Gateway 10.1.0 - 10.2.4",
                  "product_id": "T000552",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_edge_gateway:10.2.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "big-ip_edge_gateway"
          },
          {
            "category": "product_name",
            "name": "F5 BIG-IP Global Traffic Manager 11.5.0 - 11.6.0",
            "product": {
              "name": "F5 BIG-IP Global Traffic Manager 11.5.0 - 11.6.0",
              "product_id": "T003686",
              "product_identification_helper": {
                "cpe": "cpe:/a:f5:big-ip_global_traffic_manager:11.6.0"
              }
            }
          },
          {
            "category": "product_name",
            "name": "F5 BIG-IP Link Controller 11.5.0 - 11.6.0",
            "product": {
              "name": "F5 BIG-IP Link Controller 11.5.0 - 11.6.0",
              "product_id": "T003687",
              "product_identification_helper": {
                "cpe": "cpe:/a:f5:big-ip_link_controller:11.6.0"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "F5 BIG-IP Local Traffic Manager 10.0.0 - 10.2.4",
                "product": {
                  "name": "F5 BIG-IP Local Traffic Manager 10.0.0 - 10.2.4",
                  "product_id": "T000512",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_local_traffic_manager:10.2.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 BIG-IP Local Traffic Manager 11.0.0 - 11.3.0",
                "product": {
                  "name": "F5 BIG-IP Local Traffic Manager 11.0.0 - 11.3.0",
                  "product_id": "T000513",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_local_traffic_manager:11.3.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 BIG-IP Local Traffic Manager 11.5.0 - 11.6.0",
                "product": {
                  "name": "F5 BIG-IP Local Traffic Manager 11.5.0 - 11.6.0",
                  "product_id": "T003681",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip_local_traffic_manager:11.6.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "big-ip_local_traffic_manager"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "F5 WebAccelerator 10.0.0 - 10.2.4",
                "product": {
                  "name": "F5 WebAccelerator 10.0.0 - 10.2.4",
                  "product_id": "T001411",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:f5:big-ip_webaccelerator:10.2.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 WebAccelerator 11.0.0 - 11.3.0",
                "product": {
                  "name": "F5 WebAccelerator 11.0.0 - 11.3.0",
                  "product_id": "T001412",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:f5:big-ip_webaccelerator:11.3.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "big-ip_webaccelerator"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "F5 BIG-IP Protocol Security Manager 11.0.0 - 11.3.0",
                "product": {
                  "name": "F5 BIG-IP Protocol Security Manager 11.0.0 - 11.3.0",
                  "product_id": "T001409",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:protocol_security_manager:11.3.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "F5 BIG-IP Protocol Security Manager 10.0.0 - 10.2.4",
                "product": {
                  "name": "F5 BIG-IP Protocol Security Manager 10.0.0 - 10.2.4",
                  "product_id": "T001410",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:protocol_security_manager:10.2.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "protocol_security_manager"
          }
        ],
        "category": "vendor",
        "name": "f5"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HPE OpenVMS",
            "product": {
              "name": "HPE OpenVMS",
              "product_id": "64187",
              "product_identification_helper": {
                "cpe": "cpe:/o:hp:openvms:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "HPE Service Manager",
            "product": {
              "name": "HPE Service Manager",
              "product_id": "T004483",
              "product_identification_helper": {
                "cpe": "cpe:/a:hp:service_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "hp"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop 5",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop 5",
                  "product_id": "T000180",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux_desktop:5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop 6",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop 6",
                  "product_id": "T000223",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux_desktop:6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop 7",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop 7",
                  "product_id": "T003548",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux_desktop:7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "enterprise_linux_desktop"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node 6",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node 6",
                  "product_id": "T001927",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux_hpc_node:6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node 7",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node 7",
                  "product_id": "T003549",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux_hpc_node:7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "enterprise_linux_hpc_node"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation 6",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation 6",
                  "product_id": "T000396",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux_workstation:6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation 5",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation 5",
                  "product_id": "T000622",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux_workstation:5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation 7",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation 7",
                  "product_id": "T003565",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux_workstation:7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "enterprise_linux_workstation"
          },
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Virtualization",
            "product": {
              "name": "Red Hat Enterprise Virtualization",
              "product_id": "T003307",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:enterprise_virtualization:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "redhat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux Enterprise Desktop 11 SP3",
            "product": {
              "name": "SUSE Linux Enterprise Desktop 11 SP3",
              "product_id": "T002224",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:linux_enterprise_desktop:11:sp3"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP3",
                  "product_id": "T002223",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:11:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 10 SP3 LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 10 SP3 LTSS",
                  "product_id": "T002667",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:10:sp3:ltss"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 10 SP4 LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 10 SP4 LTSS",
                  "product_id": "T002668",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:10:sp4:ltss"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP2 LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP2 LTSS",
                  "product_id": "T002670",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:11:sp2:ltss"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP3 VMware",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP3 VMware",
                  "product_id": "T003321",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:11_sp3_for_vmware"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP1 LTSSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP1 LTSSS",
                  "product_id": "T003351",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:linux_enterprise_server:11_sp1_ltss"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "linux_enterprise_server"
          }
        ],
        "category": "vendor",
        "name": "suse"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-3505",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-3505"
    },
    {
      "cve": "CVE-2014-3506",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-3506"
    },
    {
      "cve": "CVE-2014-3507",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-3507"
    },
    {
      "cve": "CVE-2014-3508",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-3508"
    },
    {
      "cve": "CVE-2014-3509",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-3509"
    },
    {
      "cve": "CVE-2014-3510",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-3510"
    },
    {
      "cve": "CVE-2014-3511",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-3511"
    },
    {
      "cve": "CVE-2014-3512",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-3512"
    },
    {
      "cve": "CVE-2014-5139",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in OpenSSL. Ein Angreifer kann diese Schwachstellen die unter anderem auf Null Pointer Dereferenzierungen, Race Conditions, Double Free Zust\u00e4nden und Puffer\u00fcberl\u00e4ufen beruhen ausnutzen um Informationen offenzulegen und Denial of Service Zust\u00e4nde zu verursachen. Eine Schwachstelle macht es m\u00f6glich ein Protokoll Downgrade zu verursachen, so dass TLS 1.0 verwendet wird, obwohl sowohl Server als auch Client h\u00f6here Protokollversionen nutzen k\u00f6nnten."
        }
      ],
      "product_status": {
        "known_affected": [
          "T003389",
          "T003548",
          "T003307",
          "T003549",
          "T004914",
          "T002859",
          "73182",
          "T000516",
          "T000515",
          "194535",
          "T000513",
          "T000512",
          "T026544",
          "T000552",
          "T002411",
          "T026543",
          "T000396",
          "T026542",
          "T026541",
          "153340",
          "T000180",
          "74289",
          "253293",
          "T002966",
          "T000549",
          "T000548",
          "2951",
          "T000622",
          "T000223",
          "T000300",
          "T000542",
          "T000343",
          "30418",
          "T002243",
          "T002362",
          "7660",
          "T003681",
          "T002670",
          "T003682",
          "T003321",
          "T003684",
          "T003564",
          "T003565",
          "T003686",
          "T003687",
          "T003645",
          "T003646",
          "T003647",
          "T002517",
          "202078",
          "126467",
          "T003351",
          "T003550",
          "64187",
          "T003633",
          "T002667",
          "160056",
          "T002668",
          "T002989",
          "T001927",
          "T001409",
          "T000126",
          "T000521",
          "T001412",
          "T001411",
          "4995",
          "T001410",
          "T002224",
          "T002223",
          "T003390",
          "T003391",
          "T004483"
        ]
      },
      "release_date": "2014-08-06T22:00:00Z",
      "title": "CVE-2014-5139"
    }
  ]
}

ghsa-4wj2-rv2r-wj7f

Vulnerability from github

Published

2022-05-17 19:57

Modified

2022-05-17 19:57

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-5139"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-08-13T23:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.",
  "id": "GHSA-4wj2-rv2r-wj7f",
  "modified": "2022-05-17T19:57:43Z",
  "published": "2022-05-17T19:57:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5139"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=80bd7b41b30af6ee96f519e629463583318de3b0"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=83764a989dcc87fbea337da5f8f86806fe767b7e"
    },
    {
      "type": "WEB",
      "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html"
    },
    {
      "type": "WEB",
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.asc"
    },
    {
      "type": "WEB",
      "url": "https://www.openssl.org/news/secadv_20140806.txt"
    },
    {
      "type": "WEB",
      "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/59700"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/59710"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/59756"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60022"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60221"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60493"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60803"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60810"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60917"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/60921"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/61017"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/61100"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/61171"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/61184"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/61392"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/61775"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/61959"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml"
    },
    {
      "type": "WEB",
      "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15567.html"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2014/dsa-2998"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/69077"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1030693"
    },
    {
      "type": "WEB",
      "url": "http://www.tenable.com/security/tns-2014-06"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Action not permitted

cve-2014-5139

Vulnerability from cvelistv5

var-201408-0212

Vulnerability from variot

CVSS 2.0 Base Metrics

upgradepkg openssl-1.0.1i-i486-1_slack14.1.txz openssl-solibs-1.0.1i-i486-1_slack14.1.txz

Information leak in pretty printing functions (CVE-2014-3508)

Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)

Double Free when processing DTLS packets (CVE-2014-3505)

DTLS memory exhaustion (CVE-2014-3506)

DTLS memory leak from zero-length fragments (CVE-2014-3507)

OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)

OpenSSL TLS protocol downgrade attack (CVE-2014-3511)

SRP buffer overrun (CVE-2014-3512)

References

gsd-2014-5139

Vulnerability from gsd

wid-sec-w-2023-0498

Vulnerability from csaf_certbund

ghsa-4wj2-rv2r-wj7f

Vulnerability from github

Tags