var-200609-0998
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.
References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I otH/juFiPayhwdxQwX1pZwdm =e4BA -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200609-0998", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": null, "trust": 1.6, "vendor": "debian gnu linux", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "f5", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "freebsd", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "openpkg", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "openssl", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "oracle", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "red hat", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "suse linux", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "slackware linux", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "ubuntu", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "rpath", "version": null }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "0.9.3" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "0.9.1c" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "0.9.6" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "0.9.5" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "0.9.3a" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "0.9.5a" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "0.9.2b" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "0.9.4" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6m" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6b" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "trustix secure linux", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "appgate network security", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "apple computer", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "attachmatewrq", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "avaya", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "blue coat", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "gentoo linux", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "gnutls", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "hewlett packard", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "iaik java group", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ibm", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "internet consortium", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "intoto", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "juniper", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "mandriva", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "mozilla", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "openwall gnu linux", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "opera", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "rsa security", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ssh security corp", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "sybase", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "vmware", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "vandyke", "version": null }, { "model": "application \u0026 content networking software", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "css11500 content services switch s", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "7.30" }, { "model": "css11500 content services switch s", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "7.20" }, { "model": "wide area file services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "linux desktop", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "1.0" }, { "model": "fast360", "scope": "ne", "trust": 0.3, "vendor": "arkoon", "version": "3.0/32" }, { "model": "hardware management console for pseries", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.3.7" }, { "model": "wireless control system software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3" }, { "model": "call manager sr2c", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.4" }, { "model": "siparator", "scope": "ne", "trust": 0.3, "vendor": "ingate", "version": "4.5.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "fast360", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "4.0" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.5" }, { "model": "server b", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.16" }, { "model": "project openssl g", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "computing snapgear sg565", "scope": "eq", "trust": 0.3, "vendor": "secure", "version": "0" }, { "model": "openbsd", "scope": "eq", "trust": 0.3, "vendor": "openbsd", "version": "3.9" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.2" }, { "model": "ciscoworks common services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.2" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.6(0)" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.8.3" }, { "model": "appliance server hosting edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "secure access control server", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.2" }, { "model": "s8500 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "hardware management console for pseries", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.3.2" }, { "model": "fuji", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "hardware management console for pseries r1.0", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "bind a5", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "hardware management console for iseries r4.0", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "call manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5.1" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154543.1.0" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "76650" }, { "model": "fast360", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "4.0/3" }, { "model": "css11500 content services switch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.4" }, { "model": "fast360", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "4.0/2" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "project openssl b-36.8", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.0" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.8" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.1(1)" }, { "model": "hat red hat network satellite server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5.0" }, { "model": "ftp server", "scope": "eq", "trust": 0.3, "vendor": "serv u", "version": "6.00" }, { "model": "works common services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.6(1)" }, { "model": "workcentre pro", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "232" }, { "model": "s8700 cm", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "s8300 cm", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.3.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "linux professional oss", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.0" }, { "model": "bind -p1", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.6" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "2.1.9" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.2.3" }, { "model": "linux professional x86 64", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.3" }, { "model": "secure linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "3.0" }, { "model": "suse linux retail solution", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "8.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "linux enterprise desktop", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "9.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "appliance server workgroup edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.2.1" }, { "model": "ipcop", "scope": "eq", "trust": 0.3, "vendor": "ipcop", "version": "1.4.11" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "1.4.2" }, { "model": "hardware management console for iseries r5.0", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "player build", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "1.0.680404" }, { "model": "wide area application services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "s8710 cm", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "server c", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.8" }, { "model": "hardware management console", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.3.7" }, { "model": "karagulle cwrsync", "scope": "eq", "trust": 0.3, "vendor": "tevfik", "version": "2.0.9" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2007.0" }, { "model": "grid engine update5", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "suse linux standard server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "8.0" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0" }, { "model": "hardware management console for pseries r5.0", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "workstation build", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "6.0.380004" }, { "model": "linux professional", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.1" }, { "model": "hardware management console for iseries", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.3.7" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2006.0" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.5.1" }, { "model": "workstation build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "5.5.334685" }, { "model": "grid engine update7", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "hardware management console", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.1" }, { "model": "linux professional", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.3" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154543.2.0" }, { "model": "bind rc3", "scope": "ne", "trust": 0.3, "vendor": "isc", "version": "9.2.7" }, { "model": "bind b1", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.7" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "openpkg", "scope": "eq", "trust": 0.3, "vendor": "openpkg", "version": "2.5" }, { "model": "server 0.9.1b", "scope": null, "trust": 0.3, "vendor": "filezilla", "version": null }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.4" }, { "model": "download accelarator", "scope": "eq", "trust": 0.3, "vendor": "prozilla", "version": "1.4.0" }, { "model": "ciscoworks common management foundation", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "call manager es32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "call manager 4.1 sr4", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "karagulle cwrsync", "scope": "ne", "trust": 0.3, "vendor": "tevfik", "version": "2.0.10" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.6" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1-1" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.14" }, { "model": "project openssl g", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "open-enterprise-server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "0" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0.2" }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.8.8" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "3.2.1" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.9" }, { "model": "server a", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.8" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.2" }, { "model": "propack sp6", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "bind a4", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "computing snapgear sg560", "scope": "eq", "trust": 0.3, "vendor": "secure", "version": "0" }, { "model": "suse linux school server for i386", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "grid engine sun linux", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "5.3" }, { "model": "hardware management console for pseries r2.0", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "hardware management console for iseries", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.3.2" }, { "model": "current", "scope": null, "trust": 0.3, "vendor": "openpkg", "version": null }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.7" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3.4" }, { "model": "linux mipsel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "grid engine", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "5.3x86" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0.2.0" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "1.6.0" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3" }, { "model": "server 0.8.6a", "scope": null, "trust": 0.3, "vendor": "filezilla", "version": null }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.1" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "hardware management console for pseries r3.2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "ipcop", "scope": "eq", "trust": 0.3, "vendor": "ipcop", "version": "1.4.10" }, { "model": "esx server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "3.0.1" }, { "model": "linux professional x86 64", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.2" }, { "model": "bind rc2", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.7" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "fast360", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "3.0/31" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "firewalll", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.4" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.1(3)" }, { "model": "hardware management console for iseries r3.1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "multi network firewall", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.0" }, { "model": "workstation build", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "5.5.680404" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "bind a1", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "2.1.7" }, { "model": "bind rc1", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.7" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "rpath", "version": "1" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "bind rc3", "scope": "ne", "trust": 0.3, "vendor": "isc", "version": "9.3.3" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.10" }, { "model": "call manager sr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.5" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.3" }, { "model": "ftp server", "scope": "eq", "trust": 0.3, "vendor": "serv u", "version": "6.2.0.1" }, { "model": "call manager sr2b", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0" }, { "model": "security agent", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "5.0.0.201" }, { "model": "hardware management console for iseries r3.6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "call manager es07", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "mds", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "95000" }, { "model": "hardware management console for pseries r2.1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154543.4" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "275" }, { "model": "ace", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "1.0.5" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "7.0" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2006.0" }, { "model": "workstation", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "6.0.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.8" }, { "model": "openbsd", "scope": "eq", "trust": 0.3, "vendor": "openbsd", "version": "3.8" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.1(0)" }, { "model": "ons ios-based blades", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "15454" }, { "model": "operating system enterprise server", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.8.7" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "232" }, { "model": "messaging storage server", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "76550" }, { "model": "wireless control system software", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.2" }, { "model": "hardware management console for iseries r2.0", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "openpkg", "scope": "eq", "trust": 0.3, "vendor": "openpkg", "version": "2.1" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3.3" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.2" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.2" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.2.3" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "1.5.0" }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "igateway vpn/ssl-vpn", "scope": "eq", "trust": 0.3, "vendor": "intoto", "version": "0" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "245" }, { "model": "grid engine", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.5" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.5" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.17" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "1.4.3" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.5.1" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0" }, { "model": "ftp server", "scope": "eq", "trust": 0.3, "vendor": "serv u", "version": "6.1.0.5" }, { "model": "financials server", "scope": "eq", "trust": 0.3, "vendor": "navision", "version": "3.0" }, { "model": "bind rc2", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.3.3" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0.2" }, { "model": "hardware management console for pseries r3.3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.4" }, { "model": "workcentre pro", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "265" }, { "model": "intuity lx", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "linux personal oss", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.1.2" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.0(1)" }, { "model": "amc", "scope": "ne", "trust": 0.3, "vendor": "arkoon", "version": "1.0/6" }, { "model": "unified presence server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0(2)" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.0.1" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.1.3" }, { "model": "ftp server", "scope": "eq", "trust": 0.3, "vendor": "serv u", "version": "6.1.0.1" }, { "model": "access registrar", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.1" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.7.1" }, { "model": "hardware management console for iseries r3.2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "call manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.2(3)" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.9" }, { "model": "server 0.9.4d", "scope": null, "trust": 0.3, "vendor": "filezilla", "version": null }, { "model": "hardware management console for pseries", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.1.1" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.2" }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "ciscoworks common management foundation", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.2" }, { "model": "grid engine update7 1", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.2" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.2" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.8" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3.4" }, { "model": "bind -p2", "scope": "ne", "trust": 0.3, "vendor": "isc", "version": "9.2.6" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.1" }, { "model": "esx server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.4" }, { "model": "bind a2", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "call manager es40", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0" }, { "model": "server", "scope": "ne", "trust": 0.3, "vendor": "filezilla", "version": "0.9.19" }, { "model": "call manager es50", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "novell linux desktop", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "amc", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "1.0/5" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.3" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "5.5.4" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.3.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "8.1.7" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "2.0.2" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.1" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.6" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "security agent", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.5.1.659" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "openpkg", "scope": "eq", "trust": 0.3, "vendor": "openpkg", "version": "2.4" }, { "model": "converged communications server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "reflection for secure it sp1", "scope": "ne", "trust": 0.3, "vendor": "attachmate", "version": "7.0" }, { "model": "filezilla", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "2.2.22" }, { "model": "bind a3", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "ace", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0" }, { "model": "hardware management console for iseries r3.3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "reflection for secure it", "scope": "eq", "trust": 0.3, "vendor": "attachmate", "version": "7.0" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.0.2" }, { "model": "grid engine update1", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.5" }, { "model": "css11500 content services switch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.5" }, { "model": "s8500 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.8.4" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.2.2" }, { "model": "gss global site selector", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "44900" }, { "model": "s8700 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.1" }, { "model": "hp-ux b.11.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "project openssl beta2", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "workcentre pro", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "255" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.8.2" }, { "model": "call manager es56", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.0" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "2.0.3" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.10" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0x86" }, { "model": "predictive dialing system", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "11.11" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.9" }, { "model": "bind -p1", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.3.2" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "9.0" }, { "model": "ipcop", "scope": "eq", "trust": 0.3, "vendor": "ipcop", "version": "1.4.12" }, { "model": "hardware management console for iseries r1.0", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.5" }, { "model": "esx server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "3.0" }, { "model": "personal", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "unitedlinux", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "1.0" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3.3" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "1.4.1" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.3" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "predictive dialer", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "0" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "ftp server", "scope": "ne", "trust": 0.3, "vendor": "serv u", "version": "6.3.3.1" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.1(2)" }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "openpkg", "scope": "eq", "trust": 0.3, "vendor": "openpkg", "version": "2.2" }, { "model": "ftp server", "scope": "eq", "trust": 0.3, "vendor": "serv u", "version": "6.1.0.0" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "works common services", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.2" }, { "model": "-release-p20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "bind b3", "scope": "ne", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "linux personal x86 64", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.3" }, { "model": "grid engine update2", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0.3" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.8" }, { "model": "appliance server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "2.0" }, { "model": "esx server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.3" }, { "model": "bind b1", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.3.3" }, { "model": "red hat network satellite (for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4)5.1" }, { "model": "filezilla", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "2.2.15" }, { "model": "hardware management console for iseries", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "secure linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.2" }, { "model": "security mars", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.2.2" }, { "model": "gss global site selector", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4480" }, { "model": "call manager sr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "linux professional", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.0" }, { "model": "unified presence server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "predictive dialing system", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "11.0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.4" }, { "model": "project openssl l", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "ons", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154548.0" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.1" }, { "model": "hardware management console for pseries r4.0", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.5" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0.2.2" }, { "model": "linux lts sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "ipcop", "scope": "ne", "trust": 0.3, "vendor": "ipcop", "version": "1.4.13" }, { "model": "insight management agents for tru64 unix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "3.5.2" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.1" }, { "model": "call manager es33", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.2" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "5.5.5" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0.1" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "ace", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.2.3" }, { "model": "s8300 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "openpkg", "scope": "eq", "trust": 0.3, "vendor": "openpkg", "version": "2.0" }, { "model": "call manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.3.1" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.4.1" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.5" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.8" }, { "model": "f...", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.3" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154543.0" }, { "model": "beta11", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0" }, { "model": "ssl360", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "2.0/2" }, { "model": "grid engine 32-bit sparc", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "5.3" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.6" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "3.3.1" }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0.2.1" }, { "model": "hardware management console for pseries r3.6", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "s8710 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3.2" }, { "model": "openpkg", "scope": "eq", "trust": 0.3, "vendor": "openpkg", "version": "2.3" }, { "model": "hp-ux b.11.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "filezilla", "scope": "ne", "trust": 0.3, "vendor": "filezilla", "version": "2.2.28" }, { "model": "fast360", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "4.0/4" }, { "model": "bind rc1", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.3.3" }, { "model": "bind b", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.3.3" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "novell linux desktop", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "1.0" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.0.1" }, { "model": "linux personal x86 64", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.2" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "ciscoworks common management foundation", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.8.9" }, { "model": "hardware management console for pseries r3.1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.4" }, { "model": "computing snapgear sg710", "scope": "eq", "trust": 0.3, "vendor": "secure", "version": "0" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.3" }, { "model": "call manager es62", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "solaris 9 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "workstation build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "5.5.444386" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.8.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.3.132" }, { "model": "fast360", "scope": "ne", "trust": 0.3, "vendor": "arkoon", "version": "4.0/5" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.2.2" }, { "model": "css11500 content services switch s", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "7.10" }, { "model": "download accelarator", "scope": "eq", "trust": 0.3, "vendor": "prozilla", "version": "1.2.1" }, { "model": "groupware server", "scope": "eq", "trust": 0.3, "vendor": "kolab", "version": "2.0.1" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3.1" }, { "model": "bind b1", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "fast360", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "4.0/1" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "3.2" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "255" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "secure acs build", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "4.1(1)23" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.2" }, { "model": "sip proxy server", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "workcentre pro", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "238" }, { "model": "openvms secure web server", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "2.2" }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2" }, { "model": "server b", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.8" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "esx server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.1.3" }, { "model": "ace", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "2.0.3" }, { "model": "workcentre pro", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "275" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.10" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2.3" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "bind b2", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "linux lts powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "grid engine update3", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "s8500", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "0" }, { "model": "project openssl beta3", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.10" }, { "model": "netbsd", "scope": "eq", "trust": 0.3, "vendor": "netbsd", "version": "3.0.2" }, { "model": "esx server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0.2" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.5.1.639" }, { "model": "workcentre pro", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "245" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.5" }, { "model": "openvpn", "scope": "ne", "trust": 0.3, "vendor": "openvpn", "version": "2.0.9" }, { "model": "firewall", "scope": "ne", "trust": 0.3, "vendor": "ingate", "version": "4.5.2" }, { "model": "linux m68k", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "ftp server", "scope": "eq", "trust": 0.3, "vendor": "serv u", "version": "6.1.0.4" }, { "model": "linux hppa", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "netbsd", "scope": "eq", "trust": 0.3, "vendor": "netbsd", "version": "3.0.1" }, { "model": "workstation build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "5.5.342958" }, { "model": "messaging storage server mm3.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "grid engine 64-bit sparc", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "5.3" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "s8500 cm", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "s8710 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "hat red hat network satellite server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "4.2" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "5.1.79" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.0" }, { "model": "netbsd", "scope": "eq", "trust": 0.3, "vendor": "netbsd", "version": "3.1" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "openvpn", "scope": "eq", "trust": 0.3, "vendor": "openvpn", "version": "2.0.7" }, { "model": "grid engine update4", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "ons mspp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154540" }, { "model": "5.4-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "ftp server", "scope": "eq", "trust": 0.3, "vendor": "serv u", "version": "6.3.30" }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl d", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.0.3.728" }, { "model": "call manager", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.3(1)" }, { "model": "linux -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "bind -p2", "scope": "ne", "trust": 0.3, "vendor": "isc", "version": "9.3.2" }, { "model": "grid engine update6", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "6.0" }, { "model": "ciscoworks common management foundation", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "home", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.4" }, { "model": "bind a6", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.4" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154543.3" }, { "model": "hardware management console for iseries r2.1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.3" }, { "model": "tru64 b-4", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.1" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.4.1" }, { "model": "message networking", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "call manager es55", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.0" }, { "model": "css11500 content services switch", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.1" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.5" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "8.0" }, { "model": "server 0.9.4e", "scope": null, "trust": 0.3, "vendor": "filezilla", "version": null }, { "model": "player build", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "2.0.380004" }, { "model": "tru64 b-3", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.1" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "security agent", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.5.1.657" }, { "model": "secure enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "3.3.1" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "265" }, { "model": "call manager es24", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4.1" }, { "model": "hardware management console for pseries", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.2.1" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.3.2" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.3" }, { "model": "gss global site selector", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "44910" }, { "model": "s8300 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "computing snapgear u2", "scope": "ne", "trust": 0.3, "vendor": "secure", "version": "3.1.4" }, { "model": "novell linux pos", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9" }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154542.3(5)" }, { "model": "ssl360", "scope": "eq", "trust": 0.3, "vendor": "arkoon", "version": "1.0" }, { "model": "ftp server", "scope": "eq", "trust": 0.3, "vendor": "serv u", "version": "6.01" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "4.5.1" }, { "model": "intrusion detection system 4.1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "project openssl beta1", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.9.6" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "filezilla", "version": "0.8.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0.2" }, { "model": "download accelarator", "scope": "eq", "trust": 0.3, "vendor": "prozilla", "version": "1.3.2" }, { "model": "solaris 10 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.3" }, { "model": "siparator", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "3.2" }, { "model": "s8700 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "computing snapgear sg580", "scope": "eq", "trust": 0.3, "vendor": "secure", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.4" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.1.3" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "2.1.8" }, { "model": "ons 15454e optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.1-1" }, { "model": "application control engine module", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1.1" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.1" }, { "model": "firewall", "scope": "eq", "trust": 0.3, "vendor": "ingate", "version": "3.2.1" }, { "model": "solaris 9 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "project openssl m", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "gss global site selector", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "44920" }, { "model": "project openssl l", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "linux professional", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.2" }, { "model": "suse linux openexchange server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "4.0" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "238" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.5" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.2" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2007.0" }, { "model": "server build", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "1.0.580187" }, { "model": "ons mstp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154540" }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "ssl360", "scope": "ne", "trust": 0.3, "vendor": "arkoon", "version": "2.0/3" }, { "model": "multimedia", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "ons optical transport platform", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "154544.0(2)" } ], "sources": [ { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "20247" }, { "db": "CNNVD", "id": "CNNVD-200609-533" }, { "db": "NVD", "id": "CVE-2006-2940" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2006-2940" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield", "sources": [ { "db": "CNNVD", "id": "CNNVD-200609-533" } ], "trust": 0.6 }, "cve": "CVE-2006-2940", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 6.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2006-2940", "trust": 1.0, "value": "HIGH" }, { "author": "CARNEGIE MELLON", "id": "VU#386964", "trust": 0.8, "value": "0.32" }, { "author": "CARNEGIE MELLON", "id": "VU#845620", "trust": 0.8, "value": "7.56" }, { "author": "CNNVD", "id": "CNNVD-200609-533", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "CNNVD", "id": "CNNVD-200609-533" }, { "db": "NVD", "id": "CVE-2006-2940" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I\notH/juFiPayhwdxQwX1pZwdm\n=e4BA\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2006-2940" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "20247" }, { "db": "PACKETSTORM", "id": "50535" }, { "db": "PACKETSTORM", "id": "53990" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "22083", "trust": 2.6 }, { "db": "NVD", "id": "CVE-2006-2940", "trust": 2.1 }, { "db": "SECUNIA", "id": "23280", "trust": 1.8 }, { "db": "SECUNIA", "id": "23309", "trust": 1.8 }, { "db": "BID", "id": "20247", "trust": 1.3 }, { "db": "SECUNIA", "id": "22260", "trust": 1.0 }, { "db": "SECUNIA", "id": "22799", "trust": 1.0 }, { "db": "SECUNIA", "id": "23340", "trust": 1.0 }, { "db": "SECUNIA", "id": "22671", "trust": 1.0 }, { "db": "SECUNIA", "id": "25889", "trust": 1.0 }, { "db": "SECUNIA", "id": "23794", "trust": 1.0 }, { "db": "SECUNIA", "id": "22330", "trust": 1.0 }, { "db": "SECUNIA", "id": "22172", "trust": 1.0 }, { "db": "SECUNIA", "id": "22500", "trust": 1.0 }, { "db": "SECUNIA", "id": "26329", "trust": 1.0 }, { "db": "SECUNIA", "id": "22216", "trust": 1.0 }, { "db": "SECUNIA", "id": "22193", "trust": 1.0 }, { "db": "SECUNIA", "id": "22772", "trust": 1.0 }, { "db": "SECUNIA", "id": "22166", "trust": 1.0 }, { "db": "SECUNIA", "id": "22385", "trust": 1.0 }, { "db": "SECUNIA", "id": "22626", "trust": 1.0 }, { "db": "SECUNIA", "id": "31531", "trust": 1.0 }, { "db": "SECUNIA", "id": "22460", "trust": 1.0 }, { "db": "SECUNIA", "id": "23680", "trust": 1.0 }, { "db": "SECUNIA", "id": "22544", "trust": 1.0 }, { "db": "SECUNIA", "id": "22212", "trust": 1.0 }, { "db": "SECUNIA", "id": "22165", "trust": 1.0 }, { "db": "SECUNIA", "id": "23915", "trust": 1.0 }, { "db": "SECUNIA", "id": "23351", "trust": 1.0 }, { "db": "SECUNIA", "id": "22207", "trust": 1.0 }, { "db": "SECUNIA", "id": "26893", "trust": 1.0 }, { "db": "SECUNIA", "id": "22130", "trust": 1.0 }, { "db": "SECUNIA", "id": "30124", "trust": 1.0 }, { "db": "SECUNIA", "id": "22220", "trust": 1.0 }, { "db": "SECUNIA", "id": "22298", "trust": 1.0 }, { "db": "SECUNIA", "id": "22487", "trust": 1.0 }, { "db": "SECUNIA", "id": "22758", "trust": 1.0 }, { "db": "SECUNIA", "id": "22094", "trust": 1.0 }, { "db": "SECUNIA", "id": "23038", "trust": 1.0 }, { "db": "SECUNIA", "id": "24950", "trust": 1.0 }, { "db": "SECUNIA", "id": "22116", "trust": 1.0 }, { "db": "SECUNIA", "id": "22284", "trust": 1.0 }, { "db": "SECUNIA", "id": "23155", "trust": 1.0 }, { "db": "SECUNIA", "id": "22186", "trust": 1.0 }, { "db": "SECUNIA", "id": "22259", "trust": 1.0 }, { "db": "SECUNIA", "id": "22240", "trust": 1.0 }, { "db": "SECUNIA", "id": "31492", "trust": 1.0 }, { "db": "SECUNIA", "id": "24930", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-3936", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4019", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2007-1401", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4264", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-3860", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4750", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4036", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4417", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4980", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4329", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2007-2315", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2007-0343", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2008-2396", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-3820", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-3869", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4401", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2008-0905", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-3902", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2006-4327", "trust": 1.0 }, { "db": "VUPEN", "id": "ADV-2007-2783", "trust": 1.0 }, { "db": "OSVDB", "id": "29261", "trust": 1.0 }, { "db": "SECTRACK", "id": "1016943", "trust": 1.0 }, { "db": "SECTRACK", "id": "1017522", "trust": 1.0 }, { "db": "USCERT", "id": "TA06-333A", "trust": 1.0 }, { "db": "BID", "id": "28276", "trust": 1.0 }, { "db": "BID", "id": "20246", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#386964", "trust": 0.8 }, { "db": "SECUNIA", "id": "21709", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#845620", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.0696", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200609-533", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "50535", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "53990", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "20247" }, { "db": "PACKETSTORM", "id": "50535" }, { "db": "PACKETSTORM", "id": "53990" }, { "db": "CNNVD", "id": "CNNVD-200609-533" }, { "db": "NVD", "id": "CVE-2006-2940" } ] }, "id": "VAR-200609-0998", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.30152614 }, "last_update_date": "2024-05-25T20:18:12.504000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-399", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2006-2940" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://www.securityfocus.com/bid/22083" }, { "trust": 1.8, "url": "http://www.openssl.org/news/secadv_20060928.txt" }, { "trust": 1.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm" }, { "trust": 1.3, "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml" }, { "trust": 1.1, "url": "http://issues.rpath.com/browse/rpl-613" }, { "trust": 1.0, "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc" }, { "trust": 1.0, "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc" }, { "trust": 1.0, "url": "http://docs.info.apple.com/article.html?artnum=304829" }, { "trust": 1.0, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771" }, { "trust": 1.0, "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100" }, { "trust": 1.0, "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540" }, { "trust": 1.0, "url": "http://kolab.org/security/kolab-vendor-notice-11.txt" }, { "trust": 1.0, "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html" }, { "trust": 1.0, "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html" }, { "trust": 1.0, "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html" }, { "trust": 1.0, "url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "trust": 1.0, "url": "http://openbsd.org/errata.html#openssl2" }, { "trust": 1.0, "url": "http://openvpn.net/changelog.html" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22094" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22116" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22130" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22165" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22166" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22172" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22186" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22193" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22207" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22212" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22216" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22220" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22240" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22259" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22260" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22284" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22298" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22330" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22385" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22460" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22487" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22500" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22544" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22626" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22671" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22758" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22772" }, { "trust": 1.0, "url": "http://secunia.com/advisories/22799" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23038" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23155" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23280" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23309" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23340" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23351" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23680" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23794" }, { "trust": 1.0, "url": "http://secunia.com/advisories/23915" }, { "trust": 1.0, "url": "http://secunia.com/advisories/24930" }, { "trust": 1.0, "url": "http://secunia.com/advisories/24950" }, { "trust": 1.0, "url": "http://secunia.com/advisories/25889" }, { "trust": 1.0, "url": "http://secunia.com/advisories/26329" }, { "trust": 1.0, "url": "http://secunia.com/advisories/26893" }, { "trust": 1.0, "url": "http://secunia.com/advisories/30124" }, { "trust": 1.0, "url": "http://secunia.com/advisories/31492" }, { "trust": 1.0, "url": "http://secunia.com/advisories/31531" }, { "trust": 1.0, "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc" }, { "trust": 1.0, "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml" }, { "trust": 1.0, "url": "http://securitytracker.com/id?1016943" }, { "trust": 1.0, "url": "http://securitytracker.com/id?1017522" }, { "trust": 1.0, "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946" }, { "trust": 1.0, "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227" }, { "trust": 1.0, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1" }, { "trust": 1.0, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1" }, { "trust": 1.0, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1" }, { "trust": 1.0, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1" }, { "trust": 1.0, "url": "http://support.attachmate.com/techdocs/2374.html" }, { "trust": 1.0, "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm" }, { "trust": 1.0, "url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf" }, { "trust": 1.0, "url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf" }, { "trust": 1.0, "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html" }, { "trust": 1.0, "url": "http://www.debian.org/security/2006/dsa-1185" }, { "trust": 1.0, "url": "http://www.debian.org/security/2006/dsa-1195" }, { "trust": 1.0, "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml" }, { "trust": 1.0, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172" }, { "trust": 1.0, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177" }, { "trust": 1.0, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178" }, { "trust": 1.0, "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html" }, { "trust": 1.0, "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html" }, { "trust": 1.0, "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html" }, { "trust": 1.0, "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" }, { "trust": 1.0, "url": "http://www.osvdb.org/29261" }, { "trust": 1.0, "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html" }, { "trust": 1.0, "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded" }, { "trust": 1.0, "url": "http://www.securityfocus.com/bid/20247" }, { "trust": 1.0, "url": "http://www.securityfocus.com/bid/28276" }, { "trust": 1.0, "url": "http://www.serv-u.com/releasenotes/" }, { "trust": 1.0, "url": "http://www.trustix.org/errata/2006/0054" }, { "trust": 1.0, "url": "http://www.ubuntu.com/usn/usn-353-1" }, { "trust": 1.0, "url": "http://www.ubuntu.com/usn/usn-353-2" }, { "trust": 1.0, "url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en" }, { "trust": 1.0, "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html" }, { "trust": 1.0, "url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "trust": 1.0, "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/3820" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/3860" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/3869" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/3902" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/3936" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4019" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4036" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4264" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4327" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4329" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4401" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4417" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4750" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/4980" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2007/0343" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2007/1401" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2007/2315" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2007/2783" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2008/0905/references" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2008/2396" }, { "trust": 1.0, "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf" }, { "trust": 1.0, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230" }, { "trust": 1.0, "url": "https://issues.rpath.com/browse/rpl-1633" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311" }, { "trust": 1.0, "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu%23386964/index.html" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23280/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23309/" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/20246" }, { "trust": 0.8, "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html" }, { "trust": 0.8, "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/" }, { "trust": 0.8, "url": "http://www.openssl.org/news/secadv_20060905.txt " }, { "trust": 0.8, "url": "http://secunia.com/advisories/21709/" }, { "trust": 0.8, "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125" }, { "trust": 0.8, "url": "http://www.ietf.org/rfc/rfc3447.txt" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0696" }, { "trust": 0.3, "url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php" }, { "trust": 0.3, "url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2" }, { "trust": 0.3, "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml" }, { "trust": 0.3, "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html" }, { "trust": 0.3, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144" }, { "trust": 0.3, "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100" }, { "trust": 0.3, "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html" }, { "trust": 0.3, "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0" }, { "trust": 0.3, "url": "http://www.ingate.com/relnote-452.php" }, { "trust": 0.3, "url": "http://www.cyberguard.info/snapgear/releases.html" }, { "trust": 0.3, "url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf" }, { "trust": 0.3, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause=" }, { "trust": 0.3, "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603" }, { "trust": 0.3, "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html" }, { "trust": 0.3, "url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1" }, { "trust": 0.3, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause=" }, { "trust": 0.3, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause=" }, { "trust": 0.3, "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940" }, { "trust": 0.1, "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937" }, { "trust": 0.1, "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339" }, { "trust": 0.1, "url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940" }, { "trust": 0.1, "url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa" }, { "trust": 0.1, "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do" }, { "trust": 0.1, "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738" }, { "trust": 0.1, "url": "http://h30046.www3.hp.com/subsignin.php" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969" } ], "sources": [ { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "20247" }, { "db": "PACKETSTORM", "id": "50535" }, { "db": "PACKETSTORM", "id": "53990" }, { "db": "CNNVD", "id": "CNNVD-200609-533" }, { "db": "NVD", "id": "CVE-2006-2940" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "20247" }, { "db": "PACKETSTORM", "id": "50535" }, { "db": "PACKETSTORM", "id": "53990" }, { "db": "CNNVD", "id": "CNNVD-200609-533" }, { "db": "NVD", "id": "CVE-2006-2940" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-09-28T00:00:00", "db": "CERT/CC", "id": "VU#386964" }, { "date": "2006-09-11T00:00:00", "db": "CERT/CC", "id": "VU#845620" }, { "date": "2006-09-28T00:00:00", "db": "BID", "id": "20247" }, { "date": "2006-10-04T00:44:50", "db": "PACKETSTORM", "id": "50535" }, { "date": "2007-01-27T02:35:42", "db": "PACKETSTORM", "id": "53990" }, { "date": "2001-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-200609-533" }, { "date": "2006-09-28T18:07:00", "db": "NVD", "id": "CVE-2006-2940" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-07-22T00:00:00", "db": "CERT/CC", "id": "VU#386964" }, { "date": "2007-02-08T00:00:00", "db": "CERT/CC", "id": "VU#845620" }, { "date": "2011-05-09T19:53:00", "db": "BID", "id": "20247" }, { "date": "2022-02-18T00:00:00", "db": "CNNVD", "id": "CNNVD-200609-533" }, { "date": "2018-10-18T16:44:22.137000", "db": "NVD", "id": "CVE-2006-2940" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "50535" }, { "db": "CNNVD", "id": "CNNVD-200609-533" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL SSLv2 client code fails to properly check for NULL", "sources": [ { "db": "CERT/CC", "id": "VU#386964" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-200609-533" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.