var-201210-0300
Vulnerability from variot
ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the 'named' process to lockup, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind97 security update Advisory ID: RHSA-2012:1364-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1364.html Issue date: 2012-10-12 CVE Names: CVE-2012-5166 =====================================================================
- Summary:
Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
A flaw was found in the way BIND handled certain combinations of resource records. A remote attacker could use this flaw to cause a recursive resolver, or an authoritative server in certain configurations, to lockup. (CVE-2012-5166)
Users of bind97 are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
864273 - CVE-2012-5166 bind: Specially crafted DNS data can cause a lockup in named
- Package List:
RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind97-9.7.0-10.P2.el5_8.4.src.rpm
i386: bind97-9.7.0-10.P2.el5_8.4.i386.rpm bind97-chroot-9.7.0-10.P2.el5_8.4.i386.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.i386.rpm bind97-devel-9.7.0-10.P2.el5_8.4.i386.rpm bind97-libs-9.7.0-10.P2.el5_8.4.i386.rpm bind97-utils-9.7.0-10.P2.el5_8.4.i386.rpm
x86_64: bind97-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-chroot-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.i386.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-devel-9.7.0-10.P2.el5_8.4.i386.rpm bind97-devel-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-libs-9.7.0-10.P2.el5_8.4.i386.rpm bind97-libs-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-utils-9.7.0-10.P2.el5_8.4.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind97-9.7.0-10.P2.el5_8.4.src.rpm
i386: bind97-9.7.0-10.P2.el5_8.4.i386.rpm bind97-chroot-9.7.0-10.P2.el5_8.4.i386.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.i386.rpm bind97-devel-9.7.0-10.P2.el5_8.4.i386.rpm bind97-libs-9.7.0-10.P2.el5_8.4.i386.rpm bind97-utils-9.7.0-10.P2.el5_8.4.i386.rpm
ia64: bind97-9.7.0-10.P2.el5_8.4.ia64.rpm bind97-chroot-9.7.0-10.P2.el5_8.4.ia64.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.ia64.rpm bind97-devel-9.7.0-10.P2.el5_8.4.ia64.rpm bind97-libs-9.7.0-10.P2.el5_8.4.ia64.rpm bind97-utils-9.7.0-10.P2.el5_8.4.ia64.rpm
ppc: bind97-9.7.0-10.P2.el5_8.4.ppc.rpm bind97-chroot-9.7.0-10.P2.el5_8.4.ppc.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.ppc.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.ppc64.rpm bind97-devel-9.7.0-10.P2.el5_8.4.ppc.rpm bind97-devel-9.7.0-10.P2.el5_8.4.ppc64.rpm bind97-libs-9.7.0-10.P2.el5_8.4.ppc.rpm bind97-libs-9.7.0-10.P2.el5_8.4.ppc64.rpm bind97-utils-9.7.0-10.P2.el5_8.4.ppc.rpm
s390x: bind97-9.7.0-10.P2.el5_8.4.s390x.rpm bind97-chroot-9.7.0-10.P2.el5_8.4.s390x.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.s390.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.s390x.rpm bind97-devel-9.7.0-10.P2.el5_8.4.s390.rpm bind97-devel-9.7.0-10.P2.el5_8.4.s390x.rpm bind97-libs-9.7.0-10.P2.el5_8.4.s390.rpm bind97-libs-9.7.0-10.P2.el5_8.4.s390x.rpm bind97-utils-9.7.0-10.P2.el5_8.4.s390x.rpm
x86_64: bind97-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-chroot-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.i386.rpm bind97-debuginfo-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-devel-9.7.0-10.P2.el5_8.4.i386.rpm bind97-devel-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-libs-9.7.0-10.P2.el5_8.4.i386.rpm bind97-libs-9.7.0-10.P2.el5_8.4.x86_64.rpm bind97-utils-9.7.0-10.P2.el5_8.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-5166.html https://access.redhat.com/security/updates/classification/#important http://www.isc.org/software/bind/advisories/cve-2012-5166
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQeHtLXlSAg2UNWIIRAuueAKCewT5BA/GjZiVutV/M61HyIJEXeACbBKqw 29tUCdQ2XRVdYTL9FmHO1eg= =sKkE -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: ISC BIND Resource Record Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA50610
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50610/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50610
RELEASE DATE: 2012-09-13
DISCUSS ADVISORY: http://secunia.com/advisories/50610/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50610/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50610
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an assertion error when processing resource records having RDATA greater than 65535 bytes. This can be exploited to e.g.
Please see the vendor's advisory for a list of affected versions.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: https://kb.isc.org/article/AA-00778/74
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+ patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz: Upgraded. IMPORTANT NOTE: This package updates BIND from 9.7.6_P4 to 9.8.4_P1 since the 9.7 series is no longer supported. It is possible that some changes may be required to your local configuration. This release addresses some denial-of-service and other bugs. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.8.4_P1-i486-1_slack12.1.tgz
Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.8.4_P1-i486-1_slack12.2.tgz
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.8.4_P1-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.8.4_P1-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.8.4_P1-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.2_P1-x86_64-1_slack14.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.9.2_P1-i486-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.9.2_P1-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 12.1 package: 2df945fd92d480df98711992180cdd70 bind-9.8.4_P1-i486-1_slack12.1.tgz
Slackware 12.2 package: ddf762702befde00ab86cda1a5766bbd bind-9.8.4_P1-i486-1_slack12.2.tgz
Slackware 13.0 package: b6c9a8f1262bd39db2dd77034f58e568 bind-9.8.4_P1-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: b35c20ad9778035c7e04ef2944375608 bind-9.8.4_P1-x86_64-1_slack13.0.txz
Slackware 13.1 package: a6b061aeb84003ea7b6ddcc157e0db65 bind-9.8.4_P1-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 54ee26b4924ab502eedfd024d83db20e bind-9.8.4_P1-x86_64-1_slack13.1.txz
Slackware 13.37 package: 04d40ede0a96160e79767bf995469773 bind-9.8.4_P1-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: f4635df06e3c0f62f035d00e15b0f5fb bind-9.8.4_P1-x86_64-1_slack13.37.txz
Slackware 14.0 package: 66612ea03941fc8ef5ef21409ecc6fe3 bind-9.9.2_P1-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 6f664fe7e955c0dbe806a63ad9212c00 bind-9.9.2_P1-x86_64-1_slack14.0.txz
Slackware -current package: 83bc10ca67bede66bf742a7d0ab6e628 n/bind-9.9.2_P1-i486-1.txz
Slackware x86_64 -current package: 4a539dd88ef3637eee56693c037a3dc8 n/bind-9.9.2_P1-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg bind-9.9.2_P1-i486-1_slack14.0.txz
Then, restart the name server:
/etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ESA-2014-016: EMC VPLEX Multiple Vulnerabilities
EMC Identifier: ESA-2014-016
CVE Identifier: See below for individual CVEs
Severity Rating: CVSS v2 Base Score: See below for individual CVSS scores
Affected products:
All versions from VPLEX GeoSynchrony 4.0 through VPLEX GeoSynchrony 5.2.1 are affected
Summary:
EMC VPLEX GeoSynchrony 5.3 contains fixes for multiple vulnerabilities that could potentially be exploited by malicious users.
Details:
\x95Multiple Vulnerabilities affecting the VPLEX Web GUI. Please refer to the NVD website (http://web.nvd.nist.gov/) for more details on the below CVEs
Path Traversal vulnerability in VPLEX GUI \x96 CVE-2014-0632 CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
VPLEX GUI Session Timeout validity vulnerability \x96 CVE-2014-0633 CVSS v2 Base Score: 7.7 (AV:A/AC:L/Au:S/C:C/I:C/A:C)
Missing HttpOnly attribute vulnerability \x96 CVE-2014-0634 CVSS v2 Base Score: 6 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Session Fixation vulnerability \x96 CVE-2014-0635 CVSS v2 Base Score: 7.5 (AV:N/AC:M/Au:S/C:C/I:P/A:P)
BEAST Attack \x96 CVE-2011-3389 CVSS v2 Base Score: See NVD advisory for the CVSS score.
\x95Multiple Embedded Component Vulnerabilities
Multiple vulnerabilities in the following embedded components of the SLES Operating System have been fixed: Kernel: CVE-2011-1044, CVE-2011-4110, CVE-2012-2136 perl: CVE-2002-2443 krb5: CVE-2013-1667 bind packages: CVE-2012-5166 CVSS v2 Base Score: See NVD advisory for the individual CVSS scores.
Remote Information Disclosure vulnerability in OpenSSH - CVE-2012-0814 CVSS v2 Base Score: See NVD advisory for the CVSS score.
Multiple vulnerabilities in Oracle Java and Apache Tomcat: This release also contains critical security updates for Oracle Java and Apache Tomcat. Oracle Java has been upgraded to 1.6.0_45 and Apache tomcat has been upgraded to 6.0.36. Please refer the following links for more information: Java: http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html Tomcat: https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36 CVSS v2 Base Score: See vendor advisory for the individual CVSS scores.
Resolution:
EMC recommends all customers to upgrade to VPLEX GeoSynchrony version 5.3 at their earliest opportunity.
Link to remedies:
Customers can download the software from Support Zone.
Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. ============================================================================ Ubuntu Security Notice USN-1601-1 October 10, 2012
bind9 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS
- Ubuntu 8.04 LTS
Summary:
Bind could be made to crash if it received specially crafted network traffic.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.4
Ubuntu 11.10: bind9 1:9.7.3.dfsg-1ubuntu4.5
Ubuntu 11.04: bind9 1:9.7.3.dfsg-1ubuntu2.7
Ubuntu 10.04 LTS: bind9 1:9.7.0.dfsg.P1-1ubuntu0.8
Ubuntu 8.04 LTS: bind9 1:9.4.2.dfsg.P2-2ubuntu0.12
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004
OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses the following:
Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in Apache Description: Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.24. CVE-ID CVE-2012-0883 CVE-2012-2687 CVE-2012-3499 CVE-2012-4558
Bind Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in BIND Description: Multiple vulnerabilities existed in BIND, the most serious of which may lead to a denial of service. These issues were addressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not affect Mac OS X v10.7 systems. CVE-ID CVE-2012-3817 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2013-2266
Certificate Trust Policy Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Root certificates have been updated Description: Several certificates were added to or removed from the list of system roots. The complete list of recognized system roots may be viewed via the Keychain Access application.
ClamAV Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5 Impact: Multiple vulnerabilities in ClamAV Description: Multiple vulnerabilities exist in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.97.8. CVE-ID CVE-2013-2020 CVE-2013-2021
CoreGraphics Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JBIG2 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1025 : Felix Groebert of the Google Security Team
ImageIO Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 encoded data in PDF files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1026 : Felix Groebert of the Google Security Team
Installer Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Packages could be opened after certificate revocation Description: When Installer encountered a revoked certificate, it would present a dialog with an option to continue. The issue was addressed by removing the dialog and refusing any revoked package. CVE-ID CVE-2013-1027
IPSec Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: An attacker may intercept data protected with IPSec Hybrid Auth Description: The DNS name of an IPSec Hybrid Auth server was not being matched against the certificate, allowing an attacker with a certificate for any server to impersonate any other. This issue was addressed by properly checking the certificate. CVE-ID CVE-2013-1028 : Alexander Traud of www.traud.de
Kernel Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A local network user may cause a denial of service Description: An incorrect check in the IGMP packet parsing code in the kernel allowed a user who could send IGMP packets to the system to cause a kernel panic. The issue was addressed by removing the check. CVE-ID CVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC.
Mobile Device Management Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Passwords may be disclosed to other local users Description: A password was passed on the command-line to mdmclient, which made it visible to other users on the same system. The issue was addressed by communicating the password through a pipe. CVE-ID CVE-2013-1030 : Per Olofsson at the University of Gothenburg
OpenSSL Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in OpenSSL Description: Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to disclosure of user data. These issues were addressed by updating OpenSSL to version 0.9.8y. CVE-ID CVE-2012-2686 CVE-2013-0166 CVE-2013-0169
PHP Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP, the most serious of which may lead to arbitrary code execution. These issues were addressed by updating PHP to version 5.3.26. CVE-ID CVE-2013-1635 CVE-2013-1643 CVE-2013-1824 CVE-2013-2110
PostgreSQL Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Multiple vulnerabilities in PostgreSQL Description: Multiple vulnerabilities exist in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.0.13. CVE-ID CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1902 CVE-2013-1903
Power Management Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: The screen saver may not start after the specified time period Description: A power assertion lock issue existed. This issue was addressed through improved lock handling. CVE-ID CVE-2013-1031
QuickTime Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 to v10.8.4 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of 'idsc' atoms in QuickTime movie files. This issue was addressed through additional bounds checking. CVE-ID CVE-2013-1032 : Jason Kratzer working with iDefense VCP
Screen Lock Available for: OS X Mountain Lion v10.8 to v10.8.4 Impact: A user with screen sharing access may be able to bypass the screen lock when another user is logged in Description: A session management issue existed in the screen lock's handling of screen sharing sessions. This issue was addressed through improved session tracking. CVE-ID CVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq
Note: OS X Mountain Lion v10.8.5 also addresses an issue where certain Unicode strings could cause applications to unexpectedly terminate.
OS X Mountain Lion v10.8.5 and Security Update 2013-004 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
The Software Update utility will present the update that applies to your system configuration. Only one is needed, either OS X Mountain Lion v10.8.5, or Security Update 2013-004.
For OS X Mountain Lion v10.8.4 The download file is named: OSXUpd10.8.5.dmg Its SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11
For OS X Mountain Lion v10.8 and v10.8.3 The download file is named: OSXUpdCombo10.8.5.dmg Its SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2
For OS X Lion v10.7.5 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0
For OS X Lion Server v10.7.5 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355
For Mac OS X v10.6.8 The download file is named: SecUpd2013-004.dmg Its SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61
For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2013-004.dmg Its SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4 QxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc +WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ bZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN 1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3 H9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ hDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ 8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa V2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl ytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I yoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn vBrJ5gm+nnyRe2TUMAwz =h9hc -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-34
http://security.gentoo.org/
Severity: Normal Title: BIND: Denial of Service Date: January 29, 2014 Bugs: #437828, #446094, #453974, #463497, #478316, #483208, #498016 ID: 201401-34
Synopsis
Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.9.4_p2 >= 9.9.4_p2
Description
Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.9.4_p2"
References
[ 1 ] CVE-2012-5166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5166 [ 2 ] CVE-2012-5688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5688 [ 3 ] CVE-2012-5689 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5689 [ 4 ] CVE-2013-2266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2266 [ 5 ] CVE-2013-3919 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3919 [ 6 ] CVE-2013-4854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4854 [ 7 ] CVE-2014-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0591
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-34.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Corrected: 2012-11-22 23:15:38 UTC (RELENG_7, 7.4-STABLE) 2012-11-22 22:52:15 UTC (RELENG_7_4, 7.4-RELEASE-p11) 2012-10-11 13:25:09 UTC (RELENG_8, 8.3-STABLE) 2012-11-22 22:52:15 UTC (RELENG_8_3, 8.3-RELEASE-p5) 2012-10-10 19:50:15 UTC (RELENG_9, 9.1-PRERELEASE) 2012-11-22 22:52:15 UTC (RELENG_9_0, 9.0-RELEASE-p5) 2012-11-22 22:52:15 UTC (RELENG_9_1, 9.1-RC1-p1) 2012-11-22 22:52:15 UTC (RELENG_9_1, 9.1-RC2-p1) 2012-11-22 22:52:15 UTC (RELENG_9_1, 9.1-RC3-p1) CVE Name: CVE-2012-4244, CVE-2012-5166
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
II. Problem Description
The BIND daemon would crash when a query is made on a resource record with RDATA that exceeds 65535 bytes.
The BIND daemon would lock up when a query is made on specific combinations of RDATA.
III. Impact
A remote attacker can query a resolving name server to retrieve a record whose RDATA is known to be larger than 65535 bytes, thereby causing the resolving server to crash via an assertion failure in named.
An attacker who is in a position to add a record with RDATA larger than 65535 bytes to an authoritative name server can cause that server to crash by later querying for that record.
IV. Workaround
No workaround is available, but systems not running the BIND name server are not affected.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 7-STABLE, 8-STABLE, or 9-STABLE, or to the RELENG_7_4, RELENG_8_3, or RELENG_9_0 security branch dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to FreeBSD 7.4, 8.3, and 9.0 systems.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch http://security.FreeBSD.org/patches/SA-12:06/bind.patch
fetch http://security.FreeBSD.org/patches/SA-12:06/bind.patch.asc
b) Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
Recompile the operating system using buildworld and installworld as
described in
3) To update your vulnerable system via a binary patch:
Systems running 7.4-RELEASE, 8.3-RELEASE, 9.0-RELEASE, or 9.1-RC1 on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
4) Install and run BIND from the Ports Collection after the correction date. The following versions and newer versions of BIND installed from the Ports Collection are not affected by this vulnerability:
bind96-9.6.3.1.ESV.R7.4
bind97-9.7.6.4
bind98-9.8.3.4
bind99-9.9.1.4
VI. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
Subversion:
Branch/path Revision
stable/7/ r243418 releng/7.4/ r243417 stable/8/ r241443 releng/8.3/ r243417 stable/9/ r241415 releng/9.0/ r243417 releng/9.1/ r243417
VII
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0300", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "bind", "scope": "eq", "trust": 1.9, "vendor": "isc", "version": "9.6" }, { "model": "bind", "scope": "eq", "trust": 1.9, "vendor": "isc", "version": "9.7.1" }, { "model": "bind", "scope": "eq", "trust": 1.9, "vendor": "isc", "version": "9.7.0" }, { "model": "bind", "scope": "eq", "trust": 1.6, "vendor": "isc", "version": "9.7.2" }, { "model": "bind", "scope": "eq", "trust": 1.6, "vendor": "isc", "version": "9.4.0" }, { "model": "bind", "scope": "eq", "trust": 1.6, "vendor": "isc", "version": "9.3.2" }, { "model": "bind", "scope": "eq", "trust": 1.3, "vendor": "isc", "version": "9.4" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.3.5" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.5.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.4.2" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.6.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.5.2" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.3.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.5" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.8.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.8.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.2" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.6.2" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.0.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.9.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.3.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.8" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.3.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.7.6" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.1.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.7" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.7.5" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.6.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.1.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.3.4" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.1.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.1.2" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.5" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.7.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.3.6" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.7.4" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.8.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.4.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.4.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.6" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.0.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.5.3" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.9" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.8.2" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.2.4" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.5.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.6.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.9.0" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.1" }, { "model": "bind", "scope": "eq", "trust": 1.0, "vendor": "isc", "version": "9.3" }, { "model": "bind", "scope": "eq", "trust": 0.8, "vendor": "isc", "version": "9.2.x to 9.6.x" }, { "model": "bind", "scope": "eq", "trust": 0.8, "vendor": "isc", "version": "9.4-esv to 9.4-esv-r5-p1" }, { "model": "bind", "scope": "eq", "trust": 0.8, "vendor": "isc", "version": "9.6-esv to 9.6-esv-r7-p3" }, { "model": "bind", "scope": "eq", "trust": 0.8, "vendor": "isc", "version": "9.7.0 to 9.7.6-p3" }, { "model": "bind", "scope": "eq", "trust": 0.8, "vendor": "isc", "version": "9.8.0 to 9.8.3-p3" }, { "model": "bind", "scope": "eq", "trust": 0.8, "vendor": "isc", "version": "9.9.0 to 9.9.1-p3" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.7.5" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.8 to v10.8.4" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.7.5" }, { "model": "mcafee firewall enterprise 7.0.1.03h06", "scope": "ne", "trust": 0.3, "vendor": "intel", "version": null }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "14.0" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "9.0-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.4.8" }, { "model": "big-ip link controller hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip apm hf3", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "3.0" }, { "model": "big-ip asm hf5", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.4.80" }, { "model": "big-ip apm hf5", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "bind", "scope": "eq", "trust": 0.3, "vendor": "isc", "version": "9.2" }, { "model": "enterprise linux hpc node optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "vplex geosynchrony", "scope": "eq", "trust": 0.3, "vendor": "emc", "version": "5.2.1" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.0" }, { "model": "hp-ux b.11.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.3" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "big-ip edge gateway hf3", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip apm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip link controller hf2", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "freeflow print server 73.c5.11", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "linux enterprise server sp1 ltss", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.2" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "5" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1.1" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "big-ip analytics hf2", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "vm server for", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "x863.4" }, { "model": "big-ip gtm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "linux enterprise server sp3 ltss", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "big-ip asm hf2", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "enterprise linux server optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "aura session manager", "scope": "ne", "trust": 0.3, "vendor": "avaya", "version": "6.3.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip asm hf3", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.16" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "12.2" }, { "model": "enterprise server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "big-ip psm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "big-ip apm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "firewall enterprise", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.0.1.03" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.2" }, { "model": "big-ip link controller hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.1" }, { "model": "big-ip analytics", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip gtm hf2", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2011" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.8" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7.5" }, { "model": "linux lts powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3" }, { "model": "big-ip ltm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "business server", "scope": "eq", "trust": 0.3, "vendor": "collax", "version": "5.5" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.4.80" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.12" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm hf5", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "linux enterprise sdk sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.2" }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.37" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8" }, { "model": "mcafee firewall enterprise", "scope": "eq", "trust": 0.3, "vendor": "intel", "version": "8.3" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "tcp/ip services for openvms bind eco5", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.7" }, { "model": "8.0-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8.4" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.7" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.5" }, { "model": "enterprise linux workstation optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8.1" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux lts sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.75" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.3" }, { "model": "big-ip gtm hf5", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.00" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "9" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.5" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip ltm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "mac os", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "x10.8.5" }, { "model": "firewall enterprise 7.0.1.03h04", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "linux -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.126" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.3" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.4.5" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.6.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.1" }, { "model": "big-ip psm hf5", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "big-ip psm", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "2.3" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "12.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.37" }, { "model": "business server", "scope": "ne", "trust": 0.3, "vendor": "collax", "version": "5.5.4" }, { "model": "big-ip link controller hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "big-ip gtm hf3", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.0" }, { "model": "freeflow print server 73.b3.61", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "big-ip psm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip ltm hf2", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "linux enterprise server sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6" }, { "model": "big-ip ltm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip edge gateway", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "big-ip apm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.4" }, { "model": "enterprise linux desktop optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "mcafee firewall enterprise 8.2.1p06", "scope": "ne", "trust": 0.3, "vendor": "intel", "version": null }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.4" }, { "model": "enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "1.6" }, { "model": "big-ip gtm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip link controller hf3", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.11" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.0" }, { "model": "big-ip psm hf2", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "4" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.00" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.68" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.2.2" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "big-ip edge gateway hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "big-ip gtm", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "vplex geosynchrony", "scope": "ne", "trust": 0.3, "vendor": "emc", "version": "5.3" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.4.8" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.1" }, { "model": "big-ip link controller hf5", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2011" }, { "model": "big-ip asm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "linux lts lpia", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip asm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "enterprise manager", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "3.1" }, { "model": "big-ip edge gateway hf2", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "big-ip psm hf3", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "10" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.8" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7.5" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "11" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.0" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip gtm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0.00" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.10" }, { "model": "vplex geosynchrony", "scope": "eq", "trust": 0.3, "vendor": "emc", "version": "4.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.2.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "mcafee firewall enterprise 8.3.0p02", "scope": "ne", "trust": 0.3, "vendor": "intel", "version": null }, { "model": "linux enterprise desktop sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.40" }, { "model": "mcafee firewall enterprise", "scope": "eq", "trust": 0.3, "vendor": "intel", "version": "7.0.1.02" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8.3" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "linux enterprise server for vmware sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise software development kit sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "9.1-rc2", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "14.0" }, { "model": "business server", "scope": "eq", "trust": 0.3, "vendor": "collax", "version": "5.5.2" }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "linux enterprise desktop sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "1.8" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "big-ip psm hf4", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "vm server for", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "x863.3" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "9.4.8" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "9.0-rc3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.6" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.2" }, { "model": "big-ip asm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.1" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "enterprise server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "big-ip link controller", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "aix l", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3" }, { "model": "big-ip ltm hf3", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "vm server for", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "x863.2" }, { "model": "vplex geosynchrony sp1", "scope": "eq", "trust": 0.3, "vendor": "emc", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "big-ip apm", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8.2" }, { "model": "big-ip edge gateway hf5", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "freeflow print server 73.c0.41", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3.9" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.3" }, { "model": "firewall enterprise", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "8.2.1" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.1" }, { "model": "big-ip asm", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "2.0" }, { "model": "linux x86 64 -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" } ], "sources": [ { "db": "BID", "id": "55852" }, { "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "db": "CNNVD", "id": "CNNVD-201210-182" }, { "db": "NVD", "id": "CVE-2012-5166" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r7_p2:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r7_p1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r5_b1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r5:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r5-rc1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r5-p1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:b1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:*:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.3:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r7:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r6_rc2:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r4_p1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r4:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r5-b1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r5:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:p2_w2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:a6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:a5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:p5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.2:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.3:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.3:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.6:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r6_rc1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r6_b1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r3:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r4-p1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r4:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r3:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.6:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.3:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.3:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.3:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:a7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:b4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:a3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:a2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.5:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.1:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.7:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.7:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:rc7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:rc6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.3:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.3:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:rc6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:p2_w1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:a4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:a3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:p4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:a6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.6:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.9:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.5:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.5:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r6:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r5_p1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r2:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:r1:*:*:esv:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:b1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:p4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:b3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:b2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:a2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:a1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:a5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:a4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.5:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:b4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.7:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:rc8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.3:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.2:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.1:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:a3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:a2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:rc7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-5166" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Jake Montgomery of Dyn, Inc.", "sources": [ { "db": "BID", "id": "55852" } ], "trust": 0.3 }, "cve": "CVE-2012-5166", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 6.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.8, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2012-5166", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-5166", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201210-182", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2012-5166", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2012-5166" }, { "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "db": "CNNVD", "id": "CNNVD-201210-182" }, { "db": "NVD", "id": "CVE-2012-5166" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. ISC BIND is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause the \u0027named\u0027 process to lockup, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind97 security update\nAdvisory ID: RHSA-2012:1364-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1364.html\nIssue date: 2012-10-12\nCVE Names: CVE-2012-5166 \n=====================================================================\n\n1. Summary:\n\nUpdated bind97 packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly. \n\nA flaw was found in the way BIND handled certain combinations of resource\nrecords. A remote attacker could use this flaw to cause a recursive\nresolver, or an authoritative server in certain configurations, to lockup. \n(CVE-2012-5166)\n\nUsers of bind97 are advised to upgrade to these updated packages, which\ncorrect this issue. After installing the update, the BIND daemon (named)\nwill be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n864273 - CVE-2012-5166 bind: Specially crafted DNS data can cause a lockup in named\n\n6. Package List:\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind97-9.7.0-10.P2.el5_8.4.src.rpm\n\ni386:\nbind97-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-chroot-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-utils-9.7.0-10.P2.el5_8.4.i386.rpm\n\nx86_64:\nbind97-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-chroot-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-utils-9.7.0-10.P2.el5_8.4.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind97-9.7.0-10.P2.el5_8.4.src.rpm\n\ni386:\nbind97-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-chroot-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-utils-9.7.0-10.P2.el5_8.4.i386.rpm\n\nia64:\nbind97-9.7.0-10.P2.el5_8.4.ia64.rpm\nbind97-chroot-9.7.0-10.P2.el5_8.4.ia64.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.ia64.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.ia64.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.ia64.rpm\nbind97-utils-9.7.0-10.P2.el5_8.4.ia64.rpm\n\nppc:\nbind97-9.7.0-10.P2.el5_8.4.ppc.rpm\nbind97-chroot-9.7.0-10.P2.el5_8.4.ppc.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.ppc.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.ppc64.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.ppc.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.ppc64.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.ppc.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.ppc64.rpm\nbind97-utils-9.7.0-10.P2.el5_8.4.ppc.rpm\n\ns390x:\nbind97-9.7.0-10.P2.el5_8.4.s390x.rpm\nbind97-chroot-9.7.0-10.P2.el5_8.4.s390x.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.s390.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.s390x.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.s390.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.s390x.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.s390.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.s390x.rpm\nbind97-utils-9.7.0-10.P2.el5_8.4.s390x.rpm\n\nx86_64:\nbind97-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-chroot-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-debuginfo-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-devel-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.i386.rpm\nbind97-libs-9.7.0-10.P2.el5_8.4.x86_64.rpm\nbind97-utils-9.7.0-10.P2.el5_8.4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5166.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://www.isc.org/software/bind/advisories/cve-2012-5166\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQeHtLXlSAg2UNWIIRAuueAKCewT5BA/GjZiVutV/M61HyIJEXeACbBKqw\n29tUCdQ2XRVdYTL9FmHO1eg=\n=sKkE\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nISC BIND Resource Record Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA50610\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50610/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50610\n\nRELEASE DATE:\n2012-09-13\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50610/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50610/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50610\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in ISC BIND, which can be exploited\nby malicious people to cause a DoS (Denial of Service). \n\nThe vulnerability is caused due to an assertion error when processing\nresource records having RDATA greater than 65535 bytes. This can be\nexploited to e.g. \n\nPlease see the vendor\u0027s advisory for a list of affected versions. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttps://kb.isc.org/article/AA-00778/74\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n+--------------------------+\npatches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz: Upgraded. \n IMPORTANT NOTE: This package updates BIND from 9.7.6_P4 to\n 9.8.4_P1 since the 9.7 series is no longer supported. It is\n possible that some changes may be required to your local\n configuration. \n This release addresses some denial-of-service and other bugs. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.8.4_P1-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.8.4_P1-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.8.4_P1-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.8.4_P1-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.8.4_P1-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.8.4_P1-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.2_P1-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.9.2_P1-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.9.2_P1-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 12.1 package:\n2df945fd92d480df98711992180cdd70 bind-9.8.4_P1-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nddf762702befde00ab86cda1a5766bbd bind-9.8.4_P1-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\nb6c9a8f1262bd39db2dd77034f58e568 bind-9.8.4_P1-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\nb35c20ad9778035c7e04ef2944375608 bind-9.8.4_P1-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\na6b061aeb84003ea7b6ddcc157e0db65 bind-9.8.4_P1-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n54ee26b4924ab502eedfd024d83db20e bind-9.8.4_P1-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n04d40ede0a96160e79767bf995469773 bind-9.8.4_P1-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\nf4635df06e3c0f62f035d00e15b0f5fb bind-9.8.4_P1-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n66612ea03941fc8ef5ef21409ecc6fe3 bind-9.9.2_P1-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n6f664fe7e955c0dbe806a63ad9212c00 bind-9.9.2_P1-x86_64-1_slack14.0.txz\n\nSlackware -current package:\n83bc10ca67bede66bf742a7d0ab6e628 n/bind-9.9.2_P1-i486-1.txz\n\nSlackware x86_64 -current package:\n4a539dd88ef3637eee56693c037a3dc8 n/bind-9.9.2_P1-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg bind-9.9.2_P1-i486-1_slack14.0.txz\n\nThen, restart the name server:\n\n# /etc/rc.d/rc.bind restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nESA-2014-016: EMC VPLEX Multiple Vulnerabilities\n\nEMC Identifier: ESA-2014-016 \n\nCVE Identifier: See below for individual CVEs\n\nSeverity Rating: CVSS v2 Base Score: See below for individual CVSS scores\n\nAffected products: \n\nAll versions from VPLEX GeoSynchrony 4.0 through VPLEX GeoSynchrony 5.2.1 are affected\n\nSummary: \n\nEMC VPLEX GeoSynchrony 5.3 contains fixes for multiple vulnerabilities that could potentially be exploited by malicious users. \n\nDetails: \n\n\\x95Multiple Vulnerabilities affecting the VPLEX Web GUI. Please refer to the NVD website (http://web.nvd.nist.gov/) for more details on the below CVEs\n\nPath Traversal vulnerability in VPLEX GUI \\x96 CVE-2014-0632\nCVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C) \n\nVPLEX GUI Session Timeout validity vulnerability \\x96 CVE-2014-0633 \nCVSS v2 Base Score: 7.7 (AV:A/AC:L/Au:S/C:C/I:C/A:C)\n\nMissing HttpOnly attribute vulnerability \\x96 CVE-2014-0634\nCVSS v2 Base Score: 6 (AV:N/AC:M/Au:S/C:P/I:P/A:P)\n\nSession Fixation vulnerability \\x96 CVE-2014-0635\nCVSS v2 Base Score: 7.5 (AV:N/AC:M/Au:S/C:C/I:P/A:P)\n\nBEAST Attack \\x96 CVE-2011-3389\nCVSS v2 Base Score: See NVD advisory for the CVSS score. \n\n\\x95Multiple Embedded Component Vulnerabilities\n\nMultiple vulnerabilities in the following embedded components of the SLES Operating System have been fixed:\n\tKernel: CVE-2011-1044, CVE-2011-4110, CVE-2012-2136\n\tperl: CVE-2002-2443\n\tkrb5: CVE-2013-1667\n\tbind packages: CVE-2012-5166\nCVSS v2 Base Score: See NVD advisory for the individual CVSS scores. \n\nRemote Information Disclosure vulnerability in OpenSSH - CVE-2012-0814\nCVSS v2 Base Score: See NVD advisory for the CVSS score. \n\nMultiple vulnerabilities in Oracle Java and Apache Tomcat: This release also contains critical security updates for Oracle Java and Apache Tomcat. Oracle Java has been upgraded to 1.6.0_45 and Apache tomcat has been upgraded to 6.0.36. Please refer the following links for more information:\n\tJava: http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html \n\tTomcat: https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36 \nCVSS v2 Base Score: See vendor advisory for the individual CVSS scores. \n\nResolution:\n \nEMC recommends all customers to upgrade to VPLEX GeoSynchrony version 5.3 at their earliest opportunity. \n\nLink to remedies:\n\nCustomers can download the software from Support Zone. \n\n\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. \n\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. \n\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided \"as is\" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. ============================================================================\nUbuntu Security Notice USN-1601-1\nOctober 10, 2012\n\nbind9 vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.04 LTS\n- Ubuntu 8.04 LTS\n\nSummary:\n\nBind could be made to crash if it received specially crafted network\ntraffic. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n bind9 1:9.8.1.dfsg.P1-4ubuntu0.4\n\nUbuntu 11.10:\n bind9 1:9.7.3.dfsg-1ubuntu4.5\n\nUbuntu 11.04:\n bind9 1:9.7.3.dfsg-1ubuntu2.7\n\nUbuntu 10.04 LTS:\n bind9 1:9.7.0.dfsg.P1-1ubuntu0.8\n\nUbuntu 8.04 LTS:\n bind9 1:9.4.2.dfsg.P2-2ubuntu0.12\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update\n2013-004\n\nOS X Mountain Lion v10.8.5 and Security Update 2013-004 is now\navailable and addresses the following:\n\nApache\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in Apache\nDescription: Multiple vulnerabilities existed in Apache, the most\nserious of which may lead to cross-site scripting. These issues were\naddressed by updating Apache to version 2.2.24. \nCVE-ID\nCVE-2012-0883\nCVE-2012-2687\nCVE-2012-3499\nCVE-2012-4558\n\nBind\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in BIND\nDescription: Multiple vulnerabilities existed in BIND, the most\nserious of which may lead to a denial of service. These issues were\naddressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not\naffect Mac OS X v10.7 systems. \nCVE-ID\nCVE-2012-3817\nCVE-2012-4244\nCVE-2012-5166\nCVE-2012-5688\nCVE-2013-2266\n\nCertificate Trust Policy\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Root certificates have been updated\nDescription: Several certificates were added to or removed from the\nlist of system roots. The complete list of recognized system roots\nmay be viewed via the Keychain Access application. \n\nClamAV\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5\nImpact: Multiple vulnerabilities in ClamAV\nDescription: Multiple vulnerabilities exist in ClamAV, the most\nserious of which may lead to arbitrary code execution. This update\naddresses the issues by updating ClamAV to version 0.97.8. \nCVE-ID\nCVE-2013-2020\nCVE-2013-2021\n\nCoreGraphics\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JBIG2\nencoded data in PDF files. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-1025 : Felix Groebert of the Google Security Team\n\nImageIO\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of JPEG2000\nencoded data in PDF files. This issue was addressed through\nadditional bounds checking. \nCVE-ID\nCVE-2013-1026 : Felix Groebert of the Google Security Team\n\nInstaller\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Packages could be opened after certificate revocation\nDescription: When Installer encountered a revoked certificate, it\nwould present a dialog with an option to continue. The issue was\naddressed by removing the dialog and refusing any revoked package. \nCVE-ID\nCVE-2013-1027\n\nIPSec\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: An attacker may intercept data protected with IPSec Hybrid\nAuth\nDescription: The DNS name of an IPSec Hybrid Auth server was not\nbeing matched against the certificate, allowing an attacker with a\ncertificate for any server to impersonate any other. This issue was\naddressed by properly checking the certificate. \nCVE-ID\nCVE-2013-1028 : Alexander Traud of www.traud.de\n\nKernel\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: A local network user may cause a denial of service\nDescription: An incorrect check in the IGMP packet parsing code in\nthe kernel allowed a user who could send IGMP packets to the system\nto cause a kernel panic. The issue was addressed by removing the\ncheck. \nCVE-ID\nCVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC. \n\nMobile Device Management\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Passwords may be disclosed to other local users\nDescription: A password was passed on the command-line to mdmclient,\nwhich made it visible to other users on the same system. The issue\nwas addressed by communicating the password through a pipe. \nCVE-ID\nCVE-2013-1030 : Per Olofsson at the University of Gothenburg\n\nOpenSSL\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in OpenSSL\nDescription: Multiple vulnerabilities existed in OpenSSL, the most\nserious of which may lead to disclosure of user data. These issues\nwere addressed by updating OpenSSL to version 0.9.8y. \nCVE-ID\nCVE-2012-2686\nCVE-2013-0166\nCVE-2013-0169\n\nPHP\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in PHP\nDescription: Multiple vulnerabilities existed in PHP, the most\nserious of which may lead to arbitrary code execution. These issues\nwere addressed by updating PHP to version 5.3.26. \nCVE-ID\nCVE-2013-1635\nCVE-2013-1643\nCVE-2013-1824\nCVE-2013-2110\n\nPostgreSQL\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Multiple vulnerabilities in PostgreSQL\nDescription: Multiple vulnerabilities exist in PostgreSQL, the most\nserious of which may lead to data corruption or privilege escalation. \nThis update addresses the issues by updating PostgreSQL to version\n9.0.13. \nCVE-ID\nCVE-2013-1899\nCVE-2013-1900\nCVE-2013-1901\nCVE-2013-1902\nCVE-2013-1903\n\nPower Management\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: The screen saver may not start after the specified time\nperiod\nDescription: A power assertion lock issue existed. This issue was\naddressed through improved lock handling. \nCVE-ID\nCVE-2013-1031\n\nQuickTime\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8 to v10.8.4\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\n\u0027idsc\u0027 atoms in QuickTime movie files. This issue was addressed\nthrough additional bounds checking. \nCVE-ID\nCVE-2013-1032 : Jason Kratzer working with iDefense VCP\n\nScreen Lock\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\nImpact: A user with screen sharing access may be able to bypass the\nscreen lock when another user is logged in\nDescription: A session management issue existed in the screen lock\u0027s\nhandling of screen sharing sessions. This issue was addressed through\nimproved session tracking. \nCVE-ID\nCVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq\n\nNote: OS X Mountain Lion v10.8.5 also addresses an issue where\ncertain Unicode strings could cause applications to unexpectedly\nterminate. \n\n\nOS X Mountain Lion v10.8.5 and Security Update 2013-004 may be\nobtained from the Software Update pane in System Preferences,\nor Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nThe Software Update utility will present the update that applies\nto your system configuration. Only one is needed, either\nOS X Mountain Lion v10.8.5, or Security Update\n2013-004. \n\nFor OS X Mountain Lion v10.8.4\nThe download file is named: OSXUpd10.8.5.dmg\nIts SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11\n\nFor OS X Mountain Lion v10.8 and v10.8.3\nThe download file is named: OSXUpdCombo10.8.5.dmg\nIts SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2\n\nFor OS X Lion v10.7.5\nThe download file is named: SecUpd2013-004.dmg\nIts SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0\n\nFor OS X Lion Server v10.7.5\nThe download file is named: SecUpdSrvr2013-004.dmg\nIts SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355\n\nFor Mac OS X v10.6.8\nThe download file is named: SecUpd2013-004.dmg\nIts SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61\n\nFor Mac OS X Server v10.6.8\nThe download file is named: SecUpdSrvr2013-004.dmg\nIts SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4\nQxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc\n+WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ\nbZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN\n1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3\nH9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ\nhDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ\n8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa\nV2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl\nytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I\nyoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn\nvBrJ5gm+nnyRe2TUMAwz\n=h9hc\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-34\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: BIND: Denial of Service\n Date: January 29, 2014\n Bugs: #437828, #446094, #453974, #463497, #478316, #483208, #498016\n ID: 201401-34\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in BIND, possibly resulting in\nDenial of Service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.9.4_p2 \u003e= 9.9.4_p2\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in BIND. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.9.4_p2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5166\n[ 2 ] CVE-2012-5688\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5688\n[ 3 ] CVE-2012-5689\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5689\n[ 4 ] CVE-2013-2266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2266\n[ 5 ] CVE-2013-3919\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3919\n[ 6 ] CVE-2013-4854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4854\n[ 7 ] CVE-2014-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0591\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-34.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \nCorrected: 2012-11-22 23:15:38 UTC (RELENG_7, 7.4-STABLE)\n 2012-11-22 22:52:15 UTC (RELENG_7_4, 7.4-RELEASE-p11)\n 2012-10-11 13:25:09 UTC (RELENG_8, 8.3-STABLE)\n 2012-11-22 22:52:15 UTC (RELENG_8_3, 8.3-RELEASE-p5)\n 2012-10-10 19:50:15 UTC (RELENG_9, 9.1-PRERELEASE)\n 2012-11-22 22:52:15 UTC (RELENG_9_0, 9.0-RELEASE-p5)\n 2012-11-22 22:52:15 UTC (RELENG_9_1, 9.1-RC1-p1)\n 2012-11-22 22:52:15 UTC (RELENG_9_1, 9.1-RC2-p1)\n 2012-11-22 22:52:15 UTC (RELENG_9_1, 9.1-RC3-p1)\nCVE Name: CVE-2012-4244, CVE-2012-5166\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nII. Problem Description\n\nThe BIND daemon would crash when a query is made on a resource record\nwith RDATA that exceeds 65535 bytes. \n\nThe BIND daemon would lock up when a query is made on specific\ncombinations of RDATA. \n\nIII. Impact\n\nA remote attacker can query a resolving name server to retrieve a record\nwhose RDATA is known to be larger than 65535 bytes, thereby causing the\nresolving server to crash via an assertion failure in named. \n\nAn attacker who is in a position to add a record with RDATA larger than\n65535 bytes to an authoritative name server can cause that server to\ncrash by later querying for that record. \n\nIV. Workaround\n\nNo workaround is available, but systems not running the BIND name\nserver are not affected. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 7-STABLE, 8-STABLE, or 9-STABLE,\nor to the RELENG_7_4, RELENG_8_3, or RELENG_9_0 security branch dated\nafter the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to FreeBSD 7.4,\n8.3, and 9.0 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-12:06/bind.patch\n# fetch http://security.FreeBSD.org/patches/SA-12:06/bind.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nRecompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running 7.4-RELEASE, 8.3-RELEASE, 9.0-RELEASE, or 9.1-RC1 on\nthe i386 or amd64 platforms can be updated via the freebsd-update(8)\nutility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n4) Install and run BIND from the Ports Collection after the correction\ndate. The following versions and newer versions of BIND installed from\nthe Ports Collection are not affected by this vulnerability:\n\n bind96-9.6.3.1.ESV.R7.4\n bind97-9.7.6.4\n bind98-9.8.3.4\n bind99-9.9.1.4\n\nVI. Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nSubversion:\n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/7/ r243418\nreleng/7.4/ r243417\nstable/8/ r241443\nreleng/8.3/ r243417\nstable/9/ r241415\nreleng/9.0/ r243417\nreleng/9.1/ r243417\n- -------------------------------------------------------------------------\n\nVII", "sources": [ { "db": "NVD", "id": "CVE-2012-5166" }, { "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "db": "BID", "id": "55852" }, { "db": "VULMON", "id": "CVE-2012-5166" }, { "db": "PACKETSTORM", "id": "117348" }, { "db": "PACKETSTORM", "id": "116541" }, { "db": "PACKETSTORM", "id": "118736" }, { "db": "PACKETSTORM", "id": "125919" }, { "db": "PACKETSTORM", "id": "117281" }, { "db": "PACKETSTORM", "id": "123228" }, { "db": "PACKETSTORM", "id": "124979" }, { "db": "PACKETSTORM", "id": "118325" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-5166", "trust": 3.5 }, { "db": "ISC", "id": "AA-00801", "trust": 2.1 }, { "db": "SECUNIA", "id": "50956", "trust": 1.7 }, { "db": "BID", "id": "55852", "trust": 1.4 }, { "db": "SECUNIA", "id": "50903", "trust": 1.1 }, { "db": "SECUNIA", "id": "51106", "trust": 1.1 }, { "db": "SECUNIA", "id": "50909", "trust": 1.1 }, { "db": "SECUNIA", "id": "51054", "trust": 1.1 }, { "db": "SECUNIA", "id": "51078", "trust": 1.1 }, { "db": "SECUNIA", "id": "51178", "trust": 1.1 }, { "db": "SECUNIA", "id": "51096", "trust": 1.1 }, { "db": "OSVDB", "id": "86118", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-004866", "trust": 0.8 }, { "db": "SECUNIA", "id": "50878", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201210-182", "trust": 0.6 }, { "db": "SECUNIA", "id": "50610", "trust": 0.2 }, { "db": "ISC", "id": "AA-00778", "trust": 0.2 }, { "db": "VULMON", "id": "CVE-2012-5166", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117348", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116541", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "118736", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "125919", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117281", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "123228", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "124979", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "118325", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2012-5166" }, { "db": "BID", "id": "55852" }, { "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "db": "PACKETSTORM", "id": "117348" }, { "db": "PACKETSTORM", "id": "116541" }, { "db": "PACKETSTORM", "id": "118736" }, { "db": "PACKETSTORM", "id": "125919" }, { "db": "PACKETSTORM", "id": "117281" }, { "db": "PACKETSTORM", "id": "123228" }, { "db": "PACKETSTORM", "id": "124979" }, { "db": "PACKETSTORM", "id": "118325" }, { "db": "CNNVD", "id": "CNNVD-201210-182" }, { "db": "NVD", "id": "CVE-2012-5166" } ] }, "id": "VAR-201210-0300", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.44417140666666666 }, "last_update_date": "2024-07-23T19:53:24.742000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APPLE-SA-2013-09-12-1", "trust": 0.8, "url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html" }, { "title": "HT5880", "trust": 0.8, "url": "http://support.apple.com/kb/ht5880" }, { "title": "HT5880", "trust": 0.8, "url": "http://support.apple.com/kb/ht5880?viewlocale=ja_jp" }, { "title": "DSA-2560", "trust": 0.8, "url": "http://www.debian.org/security/2012/dsa-2560" }, { "title": "FEDORA-2012-15981", "trust": 0.8, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-october/090586.html" }, { "title": "FEDORA-2012-16022", "trust": 0.8, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-october/090491.html" }, { "title": "FEDORA-2012-15965", "trust": 0.8, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-october/090346.html" }, { "title": "IV30364", "trust": 0.8, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30364" }, { "title": "IV30365", "trust": 0.8, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30365" }, { "title": "IV30366", "trust": 0.8, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30366" }, { "title": "IV30367", "trust": 0.8, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30367" }, { "title": "IV30368", "trust": 0.8, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30368" }, { "title": "IV30247", "trust": 0.8, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30247" }, { "title": "CVE-2012-5166: Specially crafted DNS data can cause a lockup in named", "trust": 0.8, "url": "https://kb.isc.org/article/aa-00801" }, { "title": "CVE-2012-5166 [JP]: \u7279\u5225\u306b\u7d30\u5de5\u3055\u308c\u305fDNS\u306e\u30c7\u30fc\u30bf\u306b\u3088\u308bnamed\u306e\u30cf\u30f3\u30b0\u30a2\u30c3\u30d7", "trust": 0.8, "url": "https://kb.isc.org/article/aa-00808" }, { "title": "openSUSE-SU-2012:1372", "trust": 0.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00011.html" }, { "title": "SUSE-SU-2012:1390", "trust": 0.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00013.html" }, { "title": "RHSA-2012:1364", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2012-1364.html" }, { "title": "RHSA-2012:1365", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2012-1365.html" }, { "title": "RHSA-2012:1363", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2012-1363.html" }, { "title": "CVE-2012-5166 Denial of Service vulnerability in ISC BIND", "trust": 0.8, "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5166_denial_of" }, { "title": "XRX13-003", "trust": 0.8, "url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_xrx13-003_v1.0.pdf" }, { "title": "bind-9.9.2-P1", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45066" }, { "title": "Red Hat: Important: bind security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121363 - security advisory" }, { "title": "Red Hat: Important: bind97 security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121364 - security advisory" }, { "title": "Red Hat: Important: bind security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121365 - security advisory" }, { "title": "Debian CVElist Bug Report Logs: CVE-2012-5166: Specially crafted DNS data can cause a lockup in named", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e99545463f44dd9e58ef8aecc46750ec" }, { "title": "Debian Security Advisories: DSA-2560-1 bind9 -- denial of service", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=7b9fe8ac24a68c94bee1a7c650a314f8" }, { "title": "Ubuntu Security Notice: bind9 vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1601-1" }, { "title": "Amazon Linux AMI: ALAS-2012-138", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2012-138" }, { "title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce" } ], "sources": [ { "db": "VULMON", "id": "CVE-2012-5166" }, { "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "db": "CNNVD", "id": "CNNVD-201210-182" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-189", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "db": "NVD", "id": "CVE-2012-5166" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "https://kb.isc.org/article/aa-00801" }, { "trust": 1.7, "url": "http://secunia.com/advisories/50956" }, { "trust": 1.4, "url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_xrx13-003_v1.0.pdf" }, { "trust": 1.4, "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_5166_denial_of" }, { "trust": 1.4, "url": "http://support.apple.com/kb/ht5880" }, { "trust": 1.4, "url": "http://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2012-1364.html" }, { "trust": 1.2, "url": "http://www.isc.org/software/bind/advisories/cve-2012-5166" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2012-1365.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-october/090491.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-october/090586.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00013.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00011.html" }, { "trust": 1.1, "url": "http://www.debian.org/security/2012/dsa-2560" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/55852" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2012-1363.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/51054" }, { "trust": 1.1, "url": "http://secunia.com/advisories/50903" }, { "trust": 1.1, "url": "http://secunia.com/advisories/50909" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-october/090346.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/51096" }, { "trust": 1.1, "url": "http://secunia.com/advisories/51106" }, { "trust": 1.1, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30366" }, { "trust": 1.1, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30368" }, { "trust": 1.1, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30364" }, { "trust": 1.1, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30367" }, { "trust": 1.1, "url": "http://secunia.com/advisories/51078" }, { "trust": 1.1, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30365" }, { "trust": 1.1, "url": "http://osvdb.org/86118" }, { "trust": 1.1, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30247" }, { "trust": 1.1, "url": "http://secunia.com/advisories/51178" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2012:162" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html" }, { "trust": 1.1, "url": "http://www.ibm.com/support/docview.wss?uid=isg1iv30185" }, { "trust": 1.1, "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2012\u0026m=slackware-security.536004" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "trust": 1.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04952488" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19706" }, { "trust": 1.0, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5166" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2012/at120033.txt" }, { "trust": 0.8, "url": "http://jprs.jp/tech/security/2012-10-10-bind9-vuln-rr-combination.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5166" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5166" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50878" }, { "trust": 0.3, "url": "http://www.collax.com/produkte/die-komplettloesung-fuer-kleine-unternehmen" }, { "trust": 0.3, "url": "http://seclists.org/bugtraq/2014/mar/att-156/esa-2014-016.txt" }, { "trust": 0.3, "url": "http://www.isc.org/products/bind/" }, { "trust": 0.3, "url": "http://www.xerox.com/download/security/security-bulletin/1683f-4d960e4b16bb2/cert_xrx13-004_v1.01.pdf" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100168007" }, { "trust": 0.3, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=kb76535" }, { "trust": 0.3, "url": "http://www.freebsd.org/security/advisories/freebsd-sa-12:06.bind.asc" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04952488" }, { "trust": 0.3, "url": "http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03526327\u0026ac.admitted=1351077150059.876444892.492883150" }, { "trust": 0.3, "url": "http://support.f5.com/kb/en-us/solutions/public/14000/200/sol14201.html" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5688" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3817" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4244" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/189.html" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2012:1363" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=27151" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/1601-1/" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5166.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.1, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/knowledge/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50610" }, { "trust": 0.1, "url": "https://kb.isc.org/article/aa-00778/74" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50610/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50610/#comments" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3868" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5688" }, { "trust": 0.1, "url": "http://slackware.com" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1667" }, { "trust": 0.1, "url": "http://osuosl.org)" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3868" }, { "trust": 0.1, "url": "http://slackware.com/gpg-key" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3817" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1667" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0814" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0634" }, { "trust": 0.1, "url": "https://tomcat.apache.org/security-6.html#fixed_in_apache_tomcat_6.0.36" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1667" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2136" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4110" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2002-2443" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1044" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/)" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0632" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0633" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0635" }, { "trust": 0.1, "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-1601-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu4.5" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu2.7" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.4.2.dfsg.p2-2ubuntu0.12" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.p1-1ubuntu0.8" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.4" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3499" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1899" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4558" }, { "trust": 0.1, "url": "http://support.apple.com/kb/ht1222" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1903" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1635" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1025" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1029" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1643" }, { "trust": 0.1, "url": "http://www.apple.com/support/downloads/" }, { "trust": 0.1, "url": "https://www.traud.de" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2687" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1901" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1026" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1824" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1027" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1031" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1902" }, { "trust": 0.1, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1033" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1032" }, { "trust": 0.1, "url": "http://gpgtools.org" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1030" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2686" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1028" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0883" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1900" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0166" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0591" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3919" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3919" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5689" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201401-34.xml" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2266" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5688" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2266" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5166" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4854" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0591" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4854" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5689" }, { "trust": 0.1, "url": "http://www.freebsd.org/handbook/makeworld.html\u003e." }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-12:06/bind.patch.asc" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-12:06/bind.patch" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4244" }, { "trust": 0.1, "url": "http://security.freebsd.org/\u003e." }, { "trust": 0.1, "url": "https://kb.isc.org/article/aa-00778" }, { "trust": 0.1, "url": "http://security.freebsd.org/advisories/freebsd-sa-12:06.bind.asc" } ], "sources": [ { "db": "VULMON", "id": "CVE-2012-5166" }, { "db": "BID", "id": "55852" }, { "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "db": "PACKETSTORM", "id": "117348" }, { "db": "PACKETSTORM", "id": "116541" }, { "db": "PACKETSTORM", "id": "118736" }, { "db": "PACKETSTORM", "id": "125919" }, { "db": "PACKETSTORM", "id": "117281" }, { "db": "PACKETSTORM", "id": "123228" }, { "db": "PACKETSTORM", "id": "124979" }, { "db": "PACKETSTORM", "id": "118325" }, { "db": "CNNVD", "id": "CNNVD-201210-182" }, { "db": "NVD", "id": "CVE-2012-5166" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2012-5166" }, { "db": "BID", "id": "55852" }, { "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "db": "PACKETSTORM", "id": "117348" }, { "db": "PACKETSTORM", "id": "116541" }, { "db": "PACKETSTORM", "id": "118736" }, { "db": "PACKETSTORM", "id": "125919" }, { "db": "PACKETSTORM", "id": "117281" }, { "db": "PACKETSTORM", "id": "123228" }, { "db": "PACKETSTORM", "id": "124979" }, { "db": "PACKETSTORM", "id": "118325" }, { "db": "CNNVD", "id": "CNNVD-201210-182" }, { "db": "NVD", "id": "CVE-2012-5166" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-10-10T00:00:00", "db": "VULMON", "id": "CVE-2012-5166" }, { "date": "2012-10-09T00:00:00", "db": "BID", "id": "55852" }, { "date": "2012-10-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "date": "2012-10-12T23:40:33", "db": "PACKETSTORM", "id": "117348" }, { "date": "2012-09-14T01:16:19", "db": "PACKETSTORM", "id": "116541" }, { "date": "2012-12-10T23:33:33", "db": "PACKETSTORM", "id": "118736" }, { "date": "2014-03-27T22:22:22", "db": "PACKETSTORM", "id": "125919" }, { "date": "2012-10-11T06:35:38", "db": "PACKETSTORM", "id": "117281" }, { "date": "2013-09-13T19:32:22", "db": "PACKETSTORM", "id": "123228" }, { "date": "2014-01-30T01:18:39", "db": "PACKETSTORM", "id": "124979" }, { "date": "2012-11-23T17:16:44", "db": "PACKETSTORM", "id": "118325" }, { "date": "2012-10-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-182" }, { "date": "2012-10-10T21:55:00.860000", "db": "NVD", "id": "CVE-2012-5166" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-09-19T00:00:00", "db": "VULMON", "id": "CVE-2012-5166" }, { "date": "2016-07-29T17:00:00", "db": "BID", "id": "55852" }, { "date": "2013-09-30T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004866" }, { "date": "2012-10-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-182" }, { "date": "2017-09-19T01:35:29.763000", "db": "NVD", "id": "CVE-2012-5166" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "117348" }, { "db": "PACKETSTORM", "id": "117281" }, { "db": "PACKETSTORM", "id": "118325" }, { "db": "CNNVD", "id": "CNNVD-201210-182" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "ISC BIND Service disruption in (named Daemon hang ) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-004866" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "digital error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-182" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.