var-200712-0594
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. This issue affects the following: - The 'mod_imagemap' module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0 - The 'mod_imap' module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
A flaw found in the mod_status module could lead to a cross-site scripting attack on sites where mod_status was enabled and the status pages were publically available (CVE-2007-6388).
A flaw found in the mod_proxy_balancer module could lead to a cross-site scripting attack against an authorized user on sites where mod_proxy_balancer was enabled (CVE-2007-6421).
Another flaw in the mod_proxy_balancer module was found where, on sites with the module enabled, an authorized user could send a carefully crafted request that would cause the apache child process handling the request to crash, which could lead to a denial of service if using a threaded MPM (CVE-2007-6422).
A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled (CVE-2008-0005).
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
Updated Packages:
Mandriva Linux 2007.0: 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.1: cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2008.0: cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Corporate 4.0: 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFHjmhKmqjQ0CJFipgRAkyLAJ4jEFMu2rAIE8XH60UDFYapm8fGgwCfaHL0 O/KXRt/gdgAAug5/9/aFGGA= =YkQ1 -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.1 or earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01607570 Version: 1
HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-19 Last Updated: 2008-11-19
Potential Security Impact: Remote cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).
References: CVE-2007-6388, CVE-2007-5000
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://itrc.hp.com
OV NNM v7.53
Operating_System - HP-UX (IA) Resolved in Patch - PHSS_38148 or subsequent
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38147 or subsequent
Operating_System - Linux RedHatAS2.1 Resolved in Patch - LXOV_00085 or subsequent
Operating_System - Linux RedHat4AS-x86_64 Resolved in Patch - LXOV_00086 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03514 or subsequent
OV NNM v7.51
Upgrade to NNM v7.53 and install the patches listed above.
OV NNM v7.01
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38761 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03516 or subsequent
MANUAL ACTIONS: Yes - NonUpdate Apply the appropriate file as described in the Resolution.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS (for HP-UX)
For HP-UX OV NNM 7.53 HP-UX B.11.31 HP-UX B.11.23 (IA) ============= OVNNMgr.OVNNM-RUN action: install PHSS_38148 or subsequent URL: http://itrc.hp.com
HP-UX B.11.23 (PA) HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38147 or subsequent URL: http://itrc.hp.com
For HP-UX OV NNM 7.51 HP-UX B.11.31 HP-UX B.11.23 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches
For HP-UX OV NNM 7.01 HP-UX B.11.00 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38761 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS (for HP-UX)
HISTORY Version:1 (rev.1) - 19 November 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs A2UIaH3YB7z+o42Tm7Eg7ahn =lskD -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0594", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "http server", "scope": "eq", "trust": 2.1, "vendor": "oracle", "version": "10.1.3.5.0" }, { "model": "http server", "scope": "lte", "trust": 1.8, "vendor": "apache", "version": "1.3.39" }, { "model": "http server", "scope": "lte", "trust": 1.8, "vendor": "apache", "version": "2.0.61" }, { "model": "http server", "scope": "lte", "trust": 1.8, "vendor": "apache", "version": "2.2.6" }, { "model": "linux enterprise server", "scope": "eq", "trust": 1.3, "vendor": "suse", "version": "9" }, { "model": "server", "scope": "eq", "trust": 1.1, "vendor": "turbolinux", "version": "11" }, { "model": "personal", "scope": null, "trust": 1.1, "vendor": "turbolinux", "version": null }, { "model": "fuji", "scope": null, "trust": 1.1, "vendor": "turbolinux", "version": null }, { "model": "appliance server", "scope": "eq", "trust": 1.1, "vendor": "turbolinux", "version": "2.0" }, { "model": "http server", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "2.0.47.1" }, { "model": "http server", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "6.0.2.27" }, { "model": "http server", "scope": "eq", "trust": 1.1, "vendor": "ibm", "version": "1.3.28.1" }, { "model": "multimedia", "scope": null, "trust": 1.1, "vendor": "turbolinux", "version": null }, { "model": "opensuse", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "10.3" }, { "model": "http server", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "1.3.0" }, { "model": "linux enterprise server", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "10" }, { "model": "opensuse", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "10.2" }, { "model": "http server", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.2.0" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "6.06" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "6.10" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "7.04" }, { "model": "linux enterprise desktop", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "9" }, { "model": "http server", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.35" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "8" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "7.10" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "7" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.4.11" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.2" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.4.11" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.2" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 (x86)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 (x86-64)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0 (x86-64)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0 (x86-64)" }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage apworks", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage job workload server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage studio", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage web server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "systemwalker resource coordinator", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard l p", "version": "11.11" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard l p", "version": "11.23" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard l p", "version": "11.31" }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "enterprise version 6" }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard version 6" }, { "model": "cosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 5" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "light version 6" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "professional version 6" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard version 6" }, { "model": "cosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "version 5" }, { "model": "cosminexus server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "enterprise edition" }, { "model": "cosminexus server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard edition" }, { "model": "cosminexus server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard edition version 4" }, { "model": "cosminexus server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "web edition" }, { "model": "cosminexus server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "web edition version 4" }, { "model": "web server", "scope": null, "trust": 0.8, "vendor": "hitachi", "version": null }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "enterprise" }, { "model": "ucosminexus application server", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "light" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "professional" }, { "model": "ucosminexus developer", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "standard" }, { "model": "ucosminexus service", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "architect" }, { "model": "ucosminexus service", "scope": "eq", "trust": 0.8, "vendor": "hitachi", "version": "platform" }, { "model": "http server", "scope": "eq", "trust": 0.8, "vendor": "ibm", "version": "6.1.0.15" }, { "model": "wanbooster", "scope": null, "trust": 0.8, "vendor": "nec", "version": null }, { "model": "application stack", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "v1 for enterprise linux as (v.4)" }, { "model": "application stack", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "v1 for enterprise linux es (v.4)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (server)" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5.0 (client)" }, { "model": "linux advanced workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1" }, { "model": "rhel desktop workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (client)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (x86)" }, { "model": "appliance server", "scope": "eq", "trust": 0.8, "vendor": "turbolinux", "version": "1.0 (hosting)" }, { "model": "appliance server", "scope": "eq", "trust": 0.8, "vendor": "turbolinux", "version": "1.0 (workgroup)" }, { "model": "server", "scope": "eq", "trust": 0.8, "vendor": "turbolinux", "version": "10" }, { "model": "server", "scope": "eq", "trust": 0.8, "vendor": "turbolinux", "version": "10 (x64)" }, { "model": "server", "scope": "eq", "trust": 0.8, "vendor": "turbolinux", "version": "11 (x64)" }, { "model": "server", "scope": "eq", "trust": 0.8, "vendor": "turbolinux", "version": "8" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.2.4" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.0.60" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.2.3" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.2.2" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.0.59" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.2.6" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.2" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.2.5" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.0.61" }, { "model": "http server", "scope": "eq", "trust": 0.6, "vendor": "apache", "version": "2.2.1" }, { "model": "interstage job workload server", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.1" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2007.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.49" }, { "model": "interstage studio enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.1" }, { "model": "certificate server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "openvms secure web server", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "2.2" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.3" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.35" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "multi network firewall", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.0" }, { "model": "hp-ux b.11.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage apworks modelers-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "11x64" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "12.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.50" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.10" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "2.2.7-dev", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": null }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server plus developer", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.0" }, { "model": "-dev", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.56" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.2.13" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.6" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "rpath", "version": "1" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "9.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.5" }, { "model": "linux lts powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.34" }, { "model": "interstage studio standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.28" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10.1x86" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.39" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.10" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.5" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.32" }, { "model": "ccs", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1.2" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "linux enterprise sdk 10.sp1", "scope": null, "trust": 0.3, "vendor": "suse", "version": null }, { "model": "appliance server hosting edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.51" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "7.04" }, { "model": "ccs", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1.1" }, { "model": "interstage studio enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2007.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.1" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.4" }, { "model": "ccs", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.2" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.6" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.35" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.22" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "novell linux desktop sdk", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.9" }, { "model": "enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "7.04" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "red hat network satellite server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.11" }, { "model": "1.3.40-dev", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": null }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "11.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.8" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.53" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.9" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.3" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "interstage application server plus developer", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "messaging storage server mm3.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.43" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2008.0" }, { "model": "interstage apworks modelers-j edition 6.0a", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.47" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.10" }, { "model": "openview network node manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.51" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.2" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.55" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.10" }, { "model": "solaris 8 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.20" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.26" }, { "model": "interstage business application server enterprise", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.0" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.2" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.37" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2007.1" }, { "model": "openview network node manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.53" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.14" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.2.19" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.10" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10.1" }, { "model": "hardware management console for pseries r1.3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "linux -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.7" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.33" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.11" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.4" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "interstage apworks standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.1" }, { "model": "linux enterprise server sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "8.1" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.2" }, { "model": "fuji", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2007.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "12.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.3" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.15" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.36" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "7.10" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "9.1" }, { "model": "hardware management console for iseries r1.3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "interstage apworks modelers-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "application stack for enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "v14" }, { "model": "linux lts sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "openview network node manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.01" }, { "model": "appliance server workgroup edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.1" }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "meeting exchange", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "8.0" }, { "model": "solaris 8 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.10" }, { "model": "solaris 10 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.48" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.45" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.12" }, { "model": "communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "7.10" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.38" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "appliance platform linux service", "scope": "eq", "trust": 0.3, "vendor": "rpath", "version": "1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.0.47" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "2.0.61-dev", "scope": null, "trust": 0.3, "vendor": "apache", "version": null }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.46" }, { "model": "2.0.62-dev", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": null }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.5" }, { "model": "interstage application server plus developer", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "ace", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.2" }, { "model": "communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.44" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.24" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "beta", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.28" }, { "model": "apache", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "2.0.63" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.40" }, { "model": "communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.4" }, { "model": "application stack for enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "v14" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.6" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "network proxy (for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4)5.0" }, { "model": "novell linux pos", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9" }, { "model": "business availability center", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "8.01" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.1-1" }, { "model": "message networking mn", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.39" }, { "model": "open-enterprise-server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "0" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "fedora", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.8" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2.4" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.19" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1.3" }, { "model": "ace", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.1" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.2" }, { "model": "ccs", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "a9", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.27" }, { "model": "novell linux desktop", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "7.10" }, { "model": "interstage application server enterprise edition a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "10.2" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.9" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.2" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "solaris 10 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.58" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.54" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "7.10" }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.42" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.28" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.1-1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.3" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.37" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2008.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.52" }, { "model": "intuity audix lx", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "solaris 9 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server standard-j edition a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "9.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "solaris 9 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.36" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10.1x86-64" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.32" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "7.04" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.2.12" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.41" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1.4" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.29" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.6" }, { "model": "2.0.60-dev", "scope": null, "trust": 0.3, "vendor": "apache", "version": null }, { "model": "interstage apworks enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.7" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0.0x64" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.17" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.3" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "interstage application server standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.13" }, { "model": "interstage studio standard-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "8.0.1" }, { "model": "apache", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "1.3.41" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "http server", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.2.23" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.11" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.31" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.59" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "7.04" } ], "sources": [ { "db": "BID", "id": "26838" }, { "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "db": "CNNVD", "id": "CNNVD-200712-135" }, { "db": "NVD", "id": "CVE-2007-5000" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.3.39", "versionStartIncluding": "1.3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.2.6", "versionStartIncluding": "2.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.0.61", "versionStartIncluding": "2.0.35", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2007-5000" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Software Foundation", "sources": [ { "db": "CNNVD", "id": "CNNVD-200712-135" } ], "trust": 0.6 }, "cve": "CVE-2007-5000", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "IPA", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2007-000819", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2007-5000", "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2007-5000", "trust": 1.0, "value": "MEDIUM" }, { "author": "IPA", "id": "JVNDB-2007-000819", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-200712-135", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2007-5000", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2007-5000" }, { "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "db": "CNNVD", "id": "CNNVD-200712-135" }, { "db": "NVD", "id": "CVE-2007-5000" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nThis issue affects the following:\n- The \u0027mod_imagemap\u0027 module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0\n- The \u0027mod_imap\u0027 module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n \n A flaw found in the mod_status module could lead to a cross-site\n scripting attack on sites where mod_status was enabled and the status\n pages were publically available (CVE-2007-6388). \n \n A flaw found in the mod_proxy_balancer module could lead to a\n cross-site scripting attack against an authorized user on sites where\n mod_proxy_balancer was enabled (CVE-2007-6421). \n \n Another flaw in the mod_proxy_balancer module was found where,\n on sites with the module enabled, an authorized user could send a\n carefully crafted request that would cause the apache child process\n handling the request to crash, which could lead to a denial of service\n if using a threaded MPM (CVE-2007-6422). \n \n A flaw found in the mod_proxy_ftp module could lead to a cross-site\n scripting attack against web browsers which do not correctly derive\n the response character set following the rules in RFC 2616, on sites\n where the mod_proxy_ftp module was enabled (CVE-2008-0005). \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm\n cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm\n f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm\n 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm\n 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm\n 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm\n fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm\n a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm\n cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm\n 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm\n 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm\n 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm\n dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm\n eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm\n ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm\n 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm\n ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm\n 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm\n a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm\n b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm\n df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm\n c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm\n a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm\n e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm\n 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm\n a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm\n e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm\n 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm\n 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm\n 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm\n 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm\n 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm\n f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm\n a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm\n bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm\n 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm\n 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm\n cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm\n 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm\n 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm\n ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm\n 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm\n 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm\n ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm\n a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm\n d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm\n 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm\n b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm\n 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm\n c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm\n 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm\n e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm\n ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm\n 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm\n f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm\n 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm\n 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm\n eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm\n 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm\n 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm\n ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm\n 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm\n 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm\n 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm\n 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm\n 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm\n 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm\n 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm\n ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm\n 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm\n c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm\n 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm\n 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm\n 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm\n 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm\n e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm\n 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm\n c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm\n 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm\n e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm\n 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm\n e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm\n 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm\n d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm\n e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Corporate 4.0:\n 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm\n 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm\n 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm\n 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm\n 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm\n eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm\n 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm\n b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm\n 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm\n afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm\n 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm\n eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm\n 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm\n 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm\n dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm\n ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm\n d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm\n bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFHjmhKmqjQ0CJFipgRAkyLAJ4jEFMu2rAIE8XH60UDFYapm8fGgwCfaHL0\nO/KXRt/gdgAAug5/9/aFGGA=\n=YkQ1\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.1 or earlier. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01607570\nVersion: 1\n\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-11-19\nLast Updated: 2008-11-19\n\nPotential Security Impact: Remote cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). \n\nReferences: CVE-2007-6388, CVE-2007-5000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has made patches available to resolve the vulnerabilities. \n\nThe patches are available from http://itrc.hp.com \n\nOV NNM v7.53 \n===========\nOperating_System - HP-UX (IA)\nResolved in Patch - PHSS_38148 or subsequent\n \nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38147 or subsequent\n \nOperating_System - Linux RedHatAS2.1 \nResolved in Patch - LXOV_00085 or subsequent\n \nOperating_System - Linux RedHat4AS-x86_64 \nResolved in Patch - LXOV_00086 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03514 or subsequent\n \nOV NNM v7.51 \n===========\nUpgrade to NNM v7.53 and install the patches listed above. \n\nOV NNM v7.01 \n===========\nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38761 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03516 or subsequent\n \n\nMANUAL ACTIONS: Yes - NonUpdate \nApply the appropriate file as described in the Resolution. \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS (for HP-UX)\n\nFor HP-UX OV NNM 7.53 \nHP-UX B.11.31 \nHP-UX B.11.23 (IA) \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38148 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 (PA) \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38147 or subsequent \nURL: http://itrc.hp.com \n\nFor HP-UX OV NNM 7.51 \nHP-UX B.11.31 \nHP-UX B.11.23 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \n\nFor HP-UX OV NNM 7.01 \nHP-UX B.11.00 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38761 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS (for HP-UX)\n\nHISTORY \nVersion:1 (rev.1) - 19 November 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\nA2UIaH3YB7z+o42Tm7Eg7ahn\n=lskD\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2007-5000" }, { "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "db": "BID", "id": "26838" }, { "db": "VULMON", "id": "CVE-2007-5000" }, { "db": "PACKETSTORM", "id": "89987" }, { "db": "PACKETSTORM", "id": "80533" }, { "db": "PACKETSTORM", "id": "62719" }, { "db": "PACKETSTORM", "id": "62721" }, { "db": "PACKETSTORM", "id": "101257" }, { "db": "PACKETSTORM", "id": "63217" }, { "db": "PACKETSTORM", "id": "72120" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2007-5000", "trust": 3.5 }, { "db": "SECUNIA", "id": "28046", "trust": 2.5 }, { "db": "SECUNIA", "id": "28073", "trust": 2.5 }, { "db": "BID", "id": "26838", "trust": 2.0 }, { "db": "USCERT", "id": "TA08-150A", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2007-4201", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-0178", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-0809", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2007-4202", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-1875", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-0084", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2007-4301", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-1623", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-1224", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-0398", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-0924", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2008-1697", "trust": 1.7 }, { "db": "SECUNIA", "id": "29988", "trust": 1.7 }, { "db": "SECUNIA", "id": "29420", "trust": 1.7 }, { "db": "SECUNIA", "id": "28081", "trust": 1.7 }, { "db": "SECUNIA", "id": "28471", "trust": 1.7 }, { "db": "SECUNIA", "id": "28375", "trust": 1.7 }, { "db": "SECUNIA", "id": "28749", "trust": 1.7 }, { "db": "SECUNIA", "id": "28467", "trust": 1.7 }, { "db": "SECUNIA", "id": "28526", "trust": 1.7 }, { "db": "SECUNIA", "id": "28922", "trust": 1.7 }, { "db": "SECUNIA", "id": "28750", "trust": 1.7 }, { "db": "SECUNIA", "id": "28607", "trust": 1.7 }, { "db": "SECUNIA", "id": "29640", "trust": 1.7 }, { "db": "SECUNIA", "id": "28525", "trust": 1.7 }, { "db": "SECUNIA", "id": "32800", "trust": 1.7 }, { "db": "SECUNIA", "id": "30732", "trust": 1.7 }, { "db": "SECUNIA", "id": "29806", "trust": 1.7 }, { "db": "SECUNIA", "id": "28977", "trust": 1.7 }, { "db": "SECUNIA", "id": "30430", "trust": 1.7 }, { "db": "SECUNIA", "id": "31142", "trust": 1.7 }, { "db": "SECUNIA", "id": "30356", "trust": 1.7 }, { "db": "SECUNIA", "id": "28196", "trust": 1.7 }, { "db": "SECTRACK", "id": "1019093", "trust": 1.7 }, { "db": "OSVDB", "id": "39134", "trust": 1.7 }, { "db": "JVN", "id": "JVN80057925", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2007-000819", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200712-135", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2007-5000", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "89987", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "80533", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "62719", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "62721", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "101257", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "63217", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "72120", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2007-5000" }, { "db": "BID", "id": "26838" }, { "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "db": "PACKETSTORM", "id": "89987" }, { "db": "PACKETSTORM", "id": "80533" }, { "db": "PACKETSTORM", "id": "62719" }, { "db": "PACKETSTORM", "id": "62721" }, { "db": "PACKETSTORM", "id": "101257" }, { "db": "PACKETSTORM", "id": "63217" }, { "db": "PACKETSTORM", "id": "72120" }, { "db": "CNNVD", "id": "CNNVD-200712-135" }, { "db": "NVD", "id": "CVE-2007-5000" } ] }, "id": "VAR-200712-0594", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.15801565 }, "last_update_date": "2024-07-23T21:01:17.067000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Fixed in Apache httpd 1.3.41", "trust": 0.8, "url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.41" }, { "title": "Fixed in Apache httpd 2.0.63", "trust": 0.8, "url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.63" }, { "title": "Fixed in Apache httpd 2.2.8", "trust": 0.8, "url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.8" }, { "title": "Revision 603282", "trust": 0.8, "url": "http://svn.apache.org/viewvc?view=rev\u0026revision=603282" }, { "title": "Security Update 2008-002", "trust": 0.8, "url": "http://docs.info.apple.com/article.html?artnum=307562-en" }, { "title": "Security Update 2008-003", "trust": 0.8, "url": "http://support.apple.com/kb/ht1897" }, { "title": "httpd-2.2.3-11.3.1AX", "trust": 0.8, "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=94" }, { "title": "interstage_as_200801", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200801.html" }, { "title": "JVN#80057925", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-80057925.html" }, { "title": "HS07-042", "trust": 0.8, "url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-042_e/index-e.html" }, { "title": "HPSBUX02308", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01345501" }, { "title": "4019245", "trust": 0.8, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245" }, { "title": "PK58024", "trust": 0.8, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58024" }, { "title": "PK65782", "trust": 0.8, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk65782" }, { "title": "7008517", "trust": 0.8, "url": "http://www-1.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61015" }, { "title": "PK63273", "trust": 0.8, "url": "http://www-1.ibm.com/support/docview.wss?rs=0\u0026context=sseqtj\u0026uid=swg1pk63273\u0026loc=en_us\u0026cs=utf-8\u0026cc=us\u0026lang=all" }, { "title": "7005198", "trust": 0.8, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27005198#60" }, { "title": "7007033", "trust": 0.8, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007033#60227" }, { "title": "1205", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1205" }, { "title": "1224", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1224" }, { "title": "1221", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1221" }, { "title": "NV07-013", "trust": 0.8, "url": "http://www.nec.co.jp/security-info/secinfo/nv07-013.html" }, { "title": "Oracle Critical Patch Update Advisory - July 2013", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" }, { "title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html" }, { "title": "RHSA-2008:0004", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2008-0004.html" }, { "title": "RHSA-2008:0005", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2008-0005.html" }, { "title": "RHSA-2008:0006", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2008-0006.html" }, { "title": "RHSA-2008:0007", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2008-0007.html" }, { "title": "RHSA-2008:0008", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2008-0008.html" }, { "title": "July 2013 Critical Patch Update Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update" }, { "title": "233623", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1" }, { "title": "TLSA-2007-56", "trust": 0.8, "url": "http://www.turbolinux.com/security/2007/tlsa-2007-56.txt" }, { "title": "Ubuntu Security Notice: apache2 vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-575-1" }, { "title": "Debian CVElist Bug Report Logs: apache2: CVE-2007-4465", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=8a7503dd359ab44b424a9918eb8a6f66" }, { "title": "", "trust": 0.1, "url": "https://github.com/kasem545/vulnsearch " }, { "title": "", "trust": 0.1, "url": "https://github.com/secureaxom/strike " } ], "sources": [ { "db": "VULMON", "id": "CVE-2007-5000" }, { "db": "JVNDB", "id": "JVNDB-2007-000819" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "db": "NVD", "id": "CVE-2007-5000" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://secunia.com/advisories/28046" }, { "trust": 2.5, "url": "http://secunia.com/advisories/28073" }, { "trust": 2.0, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58024" }, { "trust": 2.0, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58074" }, { "trust": 2.0, "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200801e.html" }, { "trust": 2.0, "url": "http://support.avaya.com/elmodocs2/security/asa-2008-032.htm" }, { "trust": 2.0, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk63273" }, { "trust": 2.0, "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245" }, { "trust": 2.0, "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" }, { "trust": 1.8, "url": "http://www.securityfocus.com/bid/26838" }, { "trust": 1.7, "url": "http://securitytracker.com/id?1019093" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28081" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28196" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28375" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:014" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:015" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2008-0004.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2008-0006.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2008-0007.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2008-0008.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28467" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28471" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:016" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28525" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28526" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28607" }, { "trust": 1.7, "url": "http://www.ubuntu.com/usn/usn-575-1" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28749" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28750" }, { "trust": 1.7, "url": "http://www.osvdb.org/39134" }, { "trust": 1.7, "url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00562.html" }, { "trust": 1.7, "url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00541.html" }, { "trust": 1.7, "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28977" }, { "trust": 1.7, "url": "http://secunia.com/advisories/28922" }, { "trust": 1.7, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1" }, { "trust": 1.7, "url": "http://docs.info.apple.com/article.html?artnum=307562" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/29420" }, { "trust": 1.7, "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/29640" }, { "trust": 1.7, "url": "http://secunia.com/advisories/29806" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2008-0009.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/29988" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/30356" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html" }, { "trust": 1.7, "url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/30430" }, { "trust": 1.7, "url": "http://secunia.com/advisories/31142" }, { "trust": 1.7, "url": "http://secunia.com/advisories/30732" }, { "trust": 1.7, "url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/0178" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2007/4202" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/1697" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2007/4301" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/0924/references" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/0809/references" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/1224/references" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2007/4201" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/1623/references" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/0084" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/0398" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2008/1875/references" }, { "trust": 1.7, "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "trust": 1.7, "url": "http://secunia.com/advisories/32800" }, { "trust": 1.7, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01345501" }, { "trust": 1.7, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39002" }, { "trust": 1.7, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39001" }, { "trust": 1.7, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9539" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded" }, { "trust": 1.7, "url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded" }, { "trust": 1.4, "url": "http://httpd.apache.org/security/vulnerabilities_13.html" }, { "trust": 1.4, "url": "http://httpd.apache.org/security/vulnerabilities_20.html" }, { "trust": 1.4, "url": "http://httpd.apache.org/security/vulnerabilities_22.html" }, { "trust": 1.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e" }, { "trust": 0.8, "url": "http://www.frsirt.com/english/advisories/2007/4201" }, { "trust": 0.8, "url": "http://www.frsirt.com/english/advisories/2007/4202" }, { "trust": 0.8, "url": "http://jvn.jp/en/jp/jvn80057925/index.html" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5000" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388" }, { "trust": 0.6, "url": "httpd.apache.org%3e" }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs." }, { "trust": 0.6, "url": "httpd.apache.org/security/vulnerabilities_22.html" }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs." }, { "trust": 0.6, "url": "httpd.apache.org/security/vulnerabilities_20.html" }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs." }, { "trust": 0.6, "url": "httpd.apache.org/security/vulnerabilities_13.html" }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs." }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005" }, { "trust": 0.4, "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do" }, { "trust": 0.4, "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc" }, { "trust": 0.4, "url": "http://h30046.www3.hp.com/subsignin.php" }, { "trust": 0.3, "url": "http://httpd.apache.org/" }, { "trust": 0.3, "url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01607570\u0026admit=109447627+1227181083938+28353475" }, { "trust": 0.3, "url": " http://www.phptoys.com/product/micro-news.html" }, { "trust": 0.3, "url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110" }, { "trust": 0.3, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1" }, { "trust": 0.3, "url": "http://www.apache.org/dist/httpd/announcement1.3.html" }, { "trust": 0.3, "url": "http://www.apache.org/dist/httpd/announcement2.0.html" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2008-031.htm" }, { "trust": 0.3, "url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.by3b3q..t.dhzu.1jro.hzoeej00" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0004.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0007.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0008.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422" }, { "trust": 0.2, "url": "http://www.mandriva.com/security/" }, { "trust": 0.2, "url": "http://www.mandriva.com/security/advisories" }, { "trust": 0.2, "url": "https://www.hp.com/go/swa" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/79.html" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/575-1/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364" }, { "trust": 0.1, "url": "http://support.openview.hp.com/support.jsp" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939" }, { "trust": 0.1, "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm" }, { "trust": 0.1, "url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html" }, { "trust": 0.1, "url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863" }, { "trust": 0.1, "url": "http://www.vmware.com/download/ace/" }, { "trust": 0.1, "url": "http://www.vmware.com/download/player/" }, { "trust": 0.1, "url": "http://www.vmware.com/security" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/1055" }, { "trust": 0.1, "url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304" }, { "trust": 0.1, "url": "http://www.vmware.com/download/ws/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/security_response.html" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847" }, { "trust": 0.1, "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/eos.html" }, { "trust": 0.1, "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752" }, { "trust": 0.1, "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle" }, { "trust": 0.1, "url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847" }, { "trust": 0.1, "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/eos_vi.html" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6421" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839" }, { "trust": 0.1, "url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555" }, { "trust": 0.1, "url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3378" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4887" }, { "trust": 0.1, "url": "http://itrc.hp.com" } ], "sources": [ { "db": "VULMON", "id": "CVE-2007-5000" }, { "db": "BID", "id": "26838" }, { "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "db": "PACKETSTORM", "id": "89987" }, { "db": "PACKETSTORM", "id": "80533" }, { "db": "PACKETSTORM", "id": "62719" }, { "db": "PACKETSTORM", "id": "62721" }, { "db": "PACKETSTORM", "id": "101257" }, { "db": "PACKETSTORM", "id": "63217" }, { "db": "PACKETSTORM", "id": "72120" }, { "db": "CNNVD", "id": "CNNVD-200712-135" }, { "db": "NVD", "id": "CVE-2007-5000" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2007-5000" }, { "db": "BID", "id": "26838" }, { "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "db": "PACKETSTORM", "id": "89987" }, { "db": "PACKETSTORM", "id": "80533" }, { "db": "PACKETSTORM", "id": "62719" }, { "db": "PACKETSTORM", "id": "62721" }, { "db": "PACKETSTORM", "id": "101257" }, { "db": "PACKETSTORM", "id": "63217" }, { "db": "PACKETSTORM", "id": "72120" }, { "db": "CNNVD", "id": "CNNVD-200712-135" }, { "db": "NVD", "id": "CVE-2007-5000" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2007-12-13T00:00:00", "db": "VULMON", "id": "CVE-2007-5000" }, { "date": "2007-12-12T00:00:00", "db": "BID", "id": "26838" }, { "date": "2008-05-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "date": "2010-05-27T05:11:37", "db": "PACKETSTORM", "id": "89987" }, { "date": "2009-08-23T16:31:17", "db": "PACKETSTORM", "id": "80533" }, { "date": "2008-01-17T05:56:17", "db": "PACKETSTORM", "id": "62719" }, { "date": "2008-01-17T05:59:17", "db": "PACKETSTORM", "id": "62721" }, { "date": "2011-05-10T00:45:11", "db": "PACKETSTORM", "id": "101257" }, { "date": "2008-02-04T18:22:06", "db": "PACKETSTORM", "id": "63217" }, { "date": "2008-11-20T19:21:09", "db": "PACKETSTORM", "id": "72120" }, { "date": "2007-12-13T00:00:00", "db": "CNNVD", "id": "CNNVD-200712-135" }, { "date": "2007-12-13T18:46:00", "db": "NVD", "id": "CVE-2007-5000" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-03-07T00:00:00", "db": "VULMON", "id": "CVE-2007-5000" }, { "date": "2015-04-13T21:15:00", "db": "BID", "id": "26838" }, { "date": "2013-07-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2007-000819" }, { "date": "2021-06-07T00:00:00", "db": "CNNVD", "id": "CNNVD-200712-135" }, { "date": "2023-11-07T02:01:09.193000", "db": "NVD", "id": "CVE-2007-5000" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200712-135" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cross-site scripting vulnerability in Apache HTTP Server \"mod_imap\" and \"mod_imagemap\"", "sources": [ { "db": "JVNDB", "id": "JVNDB-2007-000819" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "xss", "sources": [ { "db": "PACKETSTORM", "id": "62719" }, { "db": "PACKETSTORM", "id": "62721" }, { "db": "PACKETSTORM", "id": "72120" }, { "db": "CNNVD", "id": "CNNVD-200712-135" } ], "trust": 0.9 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.