var-201408-0081
Vulnerability from variot
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue. OpenSSL is prone to security-bypass vulnerability. Successfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. OpenSSL 1.0.1 versions prior to 1.0.1i are vulnerable. ============================================================================ Ubuntu Security Notice USN-2308-1 August 07, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenSSL.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
Adam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled certain DTLS packets. (CVE-2014-3506)
Adam Langley discovered that OpenSSL incorrectly handled memory when processing DTLS fragments. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. When OpenSSL is used with certain applications, an attacker may use this issue to possibly gain access to sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-5139)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.5
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.17
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.20
After a standard system update you need to reboot your computer to make all the necessary changes. OpenSSL Security Advisory [6 Aug 2014] ========================================
Information leak in pretty printing functions (CVE-2014-3508)
A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected.
OpenSSL 0.9.8 users should upgrade to 0.9.8zb OpenSSL 1.0.0 users should upgrade to 1.0.0n. OpenSSL 1.0.1 users should upgrade to 1.0.1i.
Thanks to Ivan Fratric (Google) for discovering this issue. This issue was reported to OpenSSL on 19th June 2014.
The fix was developed by Emilia Käsper and Stephen Henson of the OpenSSL development team.
Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)
The issue affects OpenSSL clients and allows a malicious server to crash the client with a null pointer dereference (read) by specifying an SRP ciphersuite even though it was not properly negotiated with the client. This can be exploited through a Denial of Service attack.
OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i.
Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for discovering and researching this issue. This issue was reported to OpenSSL on 2nd July 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory.
OpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i.
Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this issue. This issue was reported to OpenSSL on 8th July 2014.
The fix was developed by Gabor Tyukasz.
Double Free when processing DTLS packets (CVE-2014-3505)
An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zb OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0n. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1i.
Thanks to Adam Langley and Wan-Teh Chang (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley.
DTLS memory exhaustion (CVE-2014-3506)
An attacker can force openssl to consume large amounts of memory whilst processing DTLS handshake messages. This can be exploited through a Denial of Service attack.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zb OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0n. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1i.
Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley.
DTLS memory leak from zero-length fragments (CVE-2014-3507)
By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zb OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0n. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1i.
Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley.
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages.
OpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb OpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i.
Thanks to Felix Gröbert (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 18th July 2014.
The fix was developed by Emilia Käsper of the OpenSSL development team.
OpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i.
Thanks to David Benjamin and Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 21st July 2014.
The fix was developed by David Benjamin.
SRP buffer overrun (CVE-2014-3512)
A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected.
OpenSSL 1.0.1 SSL/TLS users should upgrade to 1.0.1i.
Thanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC Group) for discovering this issue. This issue was reported to OpenSSL on 31st July 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20140806.txt
Note: the online version of the advisory may be updated with additional details over time.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz: Upgraded. This update fixes several security issues: Double Free when processing DTLS packets (CVE-2014-3505) DTLS memory exhaustion (CVE-2014-3506) DTLS memory leak from zero-length fragments (CVE-2014-3507) Information leak in pretty printing functions (CVE-2014-3508) Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) OpenSSL TLS protocol downgrade attack (CVE-2014-3511) SRP buffer overrun (CVE-2014-3512) Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139) For more information, see: https://www.openssl.org/news/secadv_20140806.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139 ( Security fix ) patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz: Upgraded. ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zb-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zb-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zb-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1i-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1i-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1i-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1i-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1i-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1i-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1i-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 30bdc015b10d8891b90d3f6ea34f5fdd openssl-0.9.8zb-i486-1_slack13.0.txz 3dc4140c22c04c94e5e74386a5a1c200 openssl-solibs-0.9.8zb-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 3da32f51273762d67bf9dbcc91af9413 openssl-0.9.8zb-x86_64-1_slack13.0.txz 075e5d12e5b909ecac923cb210f83544 openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 3b7e2bb2b317bf72b8f9b2b7a14bddfb openssl-0.9.8zb-i486-1_slack13.1.txz 92af0784eade0674332a56bfab73b97d openssl-solibs-0.9.8zb-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: df5f961109d7b50971660ca6a7d4c48c openssl-0.9.8zb-x86_64-1_slack13.1.txz 582aaeae3d56730a2e1538a67d4e44da openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 546445d56d3b367fa0dd4e80859c4620 openssl-0.9.8zb-i486-1_slack13.37.txz b80e9df8cdd0649939ec2fab20d24691 openssl-solibs-0.9.8zb-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: 9c9ce97dc21340924a3e27c1a8047023 openssl-0.9.8zb-x86_64-1_slack13.37.txz 0fe1931f2fc82fb8d5fbe72680caf843 openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz
Slackware 14.0 packages: d1580f4b22b99cee42b22276653c8180 openssl-1.0.1i-i486-1_slack14.0.txz ec93cec2bcab8ae7391a504573cbc231 openssl-solibs-1.0.1i-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 329475de3759225b1d02aa7317b2eb58 openssl-1.0.1i-x86_64-1_slack14.0.txz 25f2a198022d974534986a3913ca705c openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 8336457bc31d44ebf502ffc4443f12f7 openssl-1.0.1i-i486-1_slack14.1.txz 4b99ac357fbd3065c53367eea246b8c7 openssl-solibs-1.0.1i-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: f2b8f81d9d7dc02e5d1011f663ccc95d openssl-1.0.1i-x86_64-1_slack14.1.txz 4360abffbb57cb18ba0720f782d78250 openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz
Slackware -current packages: 49ecd332a899cf742d3467a6efe44269 a/openssl-solibs-1.0.1i-i486-1.txz 27da017c49045981b1793f105aff365f n/openssl-1.0.1i-i486-1.txz
Slackware x86_64 -current packages: 8d74f3d770802182137c84d925f58cbc a/openssl-solibs-1.0.1i-x86_64-1.txz fd9d94d3210f0aedf74959cb0887e2b8 n/openssl-1.0.1i-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1i-i486-1_slack14.1.txz openssl-solibs-1.0.1i-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04624296
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04624296 Version: 1
HPSBMU03304 rev.1 - HP Insight Control server deployment on Linux and Windows, Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-04-01 Last Updated: 2015-04-01
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) which are components of HP Insight Control server deployment. These vulnerabilities are related to the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE". The components of HP Insight Control server deployment could be exploited remotely to allow disclosure of information.
HP Insight Control server deployment includes HP System Management Homepage (SMH), HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following jobs. This bulletin provides the information needed to update the vulnerable components in HP Insight Control server deployment.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware
References:
CVE-2014-3508 CVE-2014-3509 CVE-2014-3511 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 SSRT102004
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3509 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3511 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3568 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-5139 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following instructions to resolve this vulnerability.
Note: For HP Insight deployment Control server v7.1.2, v7.2.0, v7.2.1 and v7.2.2, you must upgrade to v7.3.1 and follow the steps from 1 to 11 mentioned below to resolve the vulnerability.
Delete the files smh.exe from Component Copy Location listed in the following table, rows 1 and 2. Delete the files vca.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7..rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-bd2042a1c7574aad90c4839efe smhamd64-cp023964.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-062078f1ae354b7e99c86c151c smhx86-cp023963.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-7b23e47d5d9b420b94bd1323eb vcax86 cp025295.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-2557aa7dc1654cf6b547c1a9e4 vcaamd64-cp025296.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-5827037475e44abab586463723 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components
\express\hpfeatures\hpagents-sles10-x64\components
\express\hpfeatures\hpagents-rhel5-x64\components
\express\hpfeatures\hpagents-rhel6-x64\components
6 http://www.hp.com/swpublishing/MTX-57ab6bb78b6e47a18718f44133 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components
\express\hpfeatures\hpagents-sles10-x64\components
\express\hpfeatures\hpagents-rhel5-x64\components
\express\hpfeatures\hpagents-rhel6-x64\components
7 http://www.hp.com/swpublishing/MTX-34bcab41ac7e4db299e3f5f2f1 smhx86-cp025274.exe \express\hpfeatures\hpagents-ws\components\Win2003
8 http://www.hp.com/swpublishing/MTX-00eb9ac82e86449e8c3ba101bd smhamd64-cp025275.exe \express\hpfeatures\hpagents-ws\components\Win2003
Download and extract the HP SUM component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p991570621/v99346
Copy all content from extracted folder and paste at \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on the target running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on the target running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on the target running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on the target running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 job on the target running Windows.
HISTORY Version:1 (rev.1) - 1 April 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: rhevm-spice-client security and bug fix update Advisory ID: RHSA-2015:0197-01 Product: Red Hat Enterprise Virtualization Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0197.html Issue date: 2014-07-25 Updated on: 2015-02-11 CVE Names: CVE-2014-3509 CVE-2014-3511 =====================================================================
- Summary:
Updated rhevm-spice-client packages that fix two security issues and several bugs are now available for Red Hat Enterprise Virtualization Manager 3.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
RHEV-M 3.5 - noarch
- Description:
Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems. (CVE-2014-3509)
A flaw was found in the way OpenSSL handled fragmented handshake packets. (CVE-2014-3511)
This update also fixes the following bugs:
-
Previously, various clipboard managers, operating on the client or on the guest, would occasionally lose synchronization, which resulted in clipboard data loss and the SPICE console freezing. Now, spice-gtk have been patched, such that clipboard synchronization does not freeze the SPICE console anymore. (BZ#1083489)
-
Prior to this update, when a SPICE console was launched from the Red Hat Enterprise Virtualization User Portal with the 'Native Client' invocation method and 'Open in Full Screen' selected, the displays of the guest virtual machine were not always configured to match the client displays. After this update, the SPICE console will show a full-screen guest display for each client monitor. (BZ#1076243)
-
A difference in behavior between Linux and Windows clients caused an extra nul character to be sent when pasting text in a guest machine from a Windows client. This invisible character was visible in some Java applications. With this update, the extra nul character is removed from text strings and no more extraneous character would appear. (BZ#1090122)
-
Previously, If the clipboard is of type image/bmp, and the data is of 0 size, GTK+ will crash. With this update, the data size is checked first, and GTK+ no longer crashes when clipboard is of type image/bmp, and the data is of 0 size. (BZ#1090433)
-
Modifier-only key combinations cannot be registered by users as hotkeys so if a user tries to set a modifier-only key sequence (for example, 'ctrl+alt') as the hotkey for releasing the cursor, it will fail, and the user will be able to release the cursor from the window. With this update, when a modifier-only hotkey is attempted to be registered, it will fall back to the default cursor-release sequence (which happens to be 'ctrl+alt'). (BZ#985319)
-
Display configuration sometimes used outdated information about the position of the remote-viewer windows in order to align and configure the guest displays. Occasionally, this caused the guest displays to became unexpectedly swapped when a window is resized. With this update, remote-viewer will always use the current window locations to align displays, rather than using a possibly outdated cached location information. (BZ#1018182)
All rhevm-spice-client users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1018145 - --full-screen=auto-conf sometimes (but frequently) doesn't work correctly 1018182 - primary monitor is switched if some screen gets bigger then current primary screen 1076243 - [BUG] RHEV SPICE console not opening in full screen or detecting resolution by default 1083489 - [SPICE][BUG] Spice session freezes randomly 1090122 - Pasting into java apps inserts unprintable character 1090433 - [GTK][BUG] win32: add more clipboard data checks to avoid crash 1103366 - Rebase virt-viewer to 0.6.0 1105650 - Fix windows productversion to fit -z releases 1115445 - in About dialog, hyphen version-build dividing hyphen is missing 1127498 - CVE-2014-3509 openssl: race condition in ssl_parse_serverhello_tlsext 1127504 - CVE-2014-3511 openssl: TLS protocol downgrade attack
- Package List:
RHEV-M 3.5:
Source: rhevm-spice-client-3.5-2.el6.src.rpm
noarch: rhevm-spice-client-x64-cab-3.5-2.el6.noarch.rpm rhevm-spice-client-x64-msi-3.5-2.el6.noarch.rpm rhevm-spice-client-x86-cab-3.5-2.el6.noarch.rpm rhevm-spice-client-x86-msi-3.5-2.el6.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2014-3509 https://access.redhat.com/security/cve/CVE-2014-3511 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFU253LXlSAg2UNWIIRAjJEAKCrqGkFJHhLN3Iqt069y96etuCAxgCcCTWW 1SViofNGiqbiufMWwY7okg4= =cjiU -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-39
http://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 26, 2014 Bugs: #494816, #519264, #525468 ID: 201412-39
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in Denial of Service or Man-in-the-Middle attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.1j *>= 0.9.8z_p2 >= 1.0.1j
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.
Resolution
All OpenSSL 1.0.1 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1j"
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8z_p2"
Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying these packages.
References
[ 1 ] CVE-2013-6449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6449 [ 2 ] CVE-2013-6450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6450 [ 3 ] CVE-2014-3505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3505 [ 4 ] CVE-2014-3506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3506 [ 5 ] CVE-2014-3507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3507 [ 6 ] CVE-2014-3509 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3509 [ 7 ] CVE-2014-3510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3510 [ 8 ] CVE-2014-3511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3511 [ 9 ] CVE-2014-3512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3512 [ 10 ] CVE-2014-3513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3513 [ 11 ] CVE-2014-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3567 [ 12 ] CVE-2014-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3568 [ 13 ] CVE-2014-5139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5139
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-39.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
References:
CVE-2014-3508 CVE-2014-3509 CVE-2014-3511 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 SSRT101894 SSRT101916 SSRT101918 SSRT101920 SSRT101921 SSRT101922 SSRT101923 SSRT101925 SSRT101926 SSRT101927
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The HP Matrix Operating Environment v7.2.3 Update kit applicable to HP Matrix Operating Environment 7.2.x installations is available at the following location:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =HPID
NOTE: Please read the readme.txt file before proceeding with the installation. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-14:18.openssl Security Advisory The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib Module: openssl Announced: 2014-09-09 Affects: All supported versions of FreeBSD. Corrected: 2014-08-07 21:04:42 UTC (stable/10, 10.0-STABLE) 2014-09-09 10:09:46 UTC (releng/10.0, 10.0-RELEASE-p8) 2014-08-07 21:06:34 UTC (stable/9, 9.3-STABLE) 2014-09-09 10:13:46 UTC (releng/9.3, 9.3-RELEASE-p1) 2014-09-09 10:13:46 UTC (releng/9.2, 9.2-RELEASE-p11) 2014-09-09 10:13:46 UTC (releng/9.1, 9.1-RELEASE-p18) 2014-08-07 21:06:34 UTC (stable/8, 8.4-STABLE) 2014-09-09 10:13:46 UTC (releng/8.4, 8.4-RELEASE-p15) CVE Name: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510, CVE-2014-3509, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II. [CVE-2014-5139]
III. Impact
A remote attacker may be able to cause a denial of service (application crash, large memory consumption), obtain additional information, cause protocol downgrade. Additionally, a remote attacker may be able to run arbitrary code on a vulnerable system if the application has been set up for SRP.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.0]
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch.asc
gpg --verify openssl-10.0.patch.asc
[FreeBSD 9.3]
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch.asc
gpg --verify openssl-9.3.patch.asc
[FreeBSD 9.2, 9.1, 8.4]
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch.asc
gpg --verify openssl-9.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in
Restart all deamons using the library, or reboot the system.
3) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r269687 releng/8.4/ r271305 stable/9/ r269687 releng/9.1/ r271305 releng/9.2/ r271305 releng/9.3/ r271305 stable/10/ r269686 releng/10.0/ r271304
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII.
References:
CVE-2014-0224 Remote Unauthorized Access, Disclosure of Information CVE-2014-3509 Remote Denial of Service (DoS) CVE-2014-3511 Remote Unauthorized Access, Disclosure of Information CVE-2014-5139 Remote Denial of Service (DoS) SSRT101818
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Note: For versions not listed, please contact support:
Note: ServiceCenter 6.2 is impacted only if using the Directory Services integration feature with the SC LDAP over SSL (LDAPS) protocol. If this feature is in use, HP recommends that ServiceCenter 6.2 customers upgrade to Service Manager 7.11, 9.21, or 9.34, and then apply the patches listed below.
Patch Version Package Name / SSO URL
SM711P22 AIX Server 7.11.720 p22 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00614
HP Itanium Server 7.11.720 p22 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00615
HP parisc Server 7.11.720 p22 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00616
Linux x86 Server 7.11.720 p22 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00617
Solaris Server 7.11.720 p22 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00618
Windows Server 7.11.720 p22 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00619
SM921P9 AIX server 9.21.706 P9 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00621
HPUX/IA server 9.21.706 P9 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00622
HPUX/PA server 9.21.706 P9 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00623
Linux server 9.21.706 P9 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00624
Solaris server 9.21.706 P9 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00625
Windows server 9.21.706 P9 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00626
SM934P2 AIX Server 9.34.2003 p2 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00605
HP Itanium Server 9.34.2003 p2 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00606
Linux Server 9.34.2003 p2 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00607
Solaris Server 9.34.2003 p2 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00608
Windows Server 9.34.2003 p2 https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse arch/document/LID/HPSM_00609
HISTORY Version:1 (rev.1) - 22 January 2015 Initial release Version:2 (rev.2) - 23 January 2015 added note for versions not listed in table
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201408-0081", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0m" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1f" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "aura collaboration environment", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.1" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "8.4-release-p12", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "flex system fc3171 8gb san pass-thru", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.3" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "10.0-beta", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "upward integration modules scvmm add-in", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.0.3" }, { "model": "-release-p2", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.0" }, { "model": "virtual connect 8gb 24-port fc module", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "3.0" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "tivoli netcool system service monitor fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.0" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "9.1-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "cloudsystem matrix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "8.4-release-p15", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.8" }, { "model": "project openssl 1.0.1e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "sterling connect:direct for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.0.4" }, { "model": "i v5r4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "insight control", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "project openssl 1.0.1a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.016" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "8.1-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "oncommand unified manager core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "9.2-release-p11", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "i v5r3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "proventia network security controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.470" }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.0" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "virtual connect 8gb 24-port fc module", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.3" }, { "model": "tivoli netcool/reporter", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "vios fp-25 sp-02", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.4" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5.1" }, { "model": "9.1-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "8.3-release-p16", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "insight control server provisioning", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.0" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0.1" }, { "model": "initiate master data service", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.2" }, { "model": "netscaler t1", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "7.3-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "8.4-release-p9", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6.2" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "7.1-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.34" }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10" }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "idatplex dx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79120" }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.8" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.1.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2407863" }, { "model": "flex system fc3171 8gb san switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5.4" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5.1" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.1.0" }, { "model": "idatplex dx360 m4 water cooled type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79180" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x35007383" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.1.2" }, { "model": "release-p4", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.1" }, { "model": "tivoli composite application manager for transactions", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0" }, { "model": "tivoli endpoint manager for remote control", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2.1" }, { "model": "project openssl 1.0.1g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.0" }, { "model": "tivoli composite application manager for transactions", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "10.0-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "clustered data ontap antivirus connector", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.0.2" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "9.1-rc2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.0.8" }, { "model": "rational application developer for websphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2207906" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.14" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.4" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5" }, { "model": "command center appliance", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "sterling file gateway", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "-release/alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "8.2-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.0" }, { "model": "initiate master data service patient hub", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.1" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.00" }, { "model": "9.2-release-p8", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "netscaler gateway", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "junos os 14.2r1", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "oncommand unified manager core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5" }, { "model": "2-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "9.1--releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.2" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "proventia network security controller 1.0.3352m", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "idatplex dx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79130" }, { "model": "infosphere master data management patient hub", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.0" }, { "model": "6.3-release-p10", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "tivoli composite application manager for transactions", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0" }, { "model": "9.3-beta3-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "-release-p20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "image construction and composition tool", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.1" }, { "model": "-release-p8", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "flex system fc5022 16gb san scalable switch 7.2.1c", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "9.0-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-release-p14", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5.0" }, { "model": "qradar siem mr2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "-stablepre2001-07-20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5.1" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "8.3-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.10" }, { "model": "6.3-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.14" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.0.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "virtual connect enterprise manager sdk", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.0" }, { "model": "9.2-rc2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "cloudsystem matrix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x33007382" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.1" }, { "model": "initiate master data service", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "virtual connect 8gb 24-port fc module", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.0" }, { "model": "7.2-rc2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "7.0-release-p12", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "9.0-rc3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "upward integration modules for microsoft system center", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "junos os 13.3r4", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.11" }, { "model": "upward integration modules hardware management pack", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "endpoint manager for remote control", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.2" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3850x638370" }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "netscaler application delivery controller", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "systems director", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.20" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "upward integration modules integrated installer", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "oncommand unified manager core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "9.1-release-p12", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "7.1-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.1" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.13" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "insight control server deployment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.3" }, { "model": "7.0-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.3" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "rc2", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2" }, { "model": "initiate master data service", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.1" }, { "model": "9.0-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7955" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.2" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "nextscale nx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "54550" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.08" }, { "model": "7.2-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-stablepre122300", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.015" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.13" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.2x" }, { "model": "7.1-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "7.0-release-p8", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "8.4-release-p8", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "systems director", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.5.0" }, { "model": "prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2.1" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2408738" }, { "model": "insight control", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "sterling connect:direct for microsoft windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5.01" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.2" }, { "model": "8.1-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.2" }, { "model": "servicecenter", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0.x" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "9.3-rc", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "9.3-beta1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "cloudsystem matrix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.1" }, { "model": "8.4-release-p13", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "7.1-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "snapdrive for windows", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.2" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.31" }, { "model": "10.0-rc3-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "systems insight manager", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.7" }, { "model": "-pre-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "infosphere master data management provider hub", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2" }, { "model": "initiate master data service", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365079150" }, { "model": "rational application developer for websphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.0.1" }, { "model": "8.0-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.0.0" }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "flex system fc3171 8gb san switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.3" }, { "model": "9.3-stable", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "enterprise linux load balancer eus 6.5.z", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "9.2-rc2-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "5.3" }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.0" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.0.6" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.2.2" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "9.2-release-p7", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x35507914" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.2.1" }, { "model": "8.3-release-p15", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.0.9" }, { "model": "project openssl 1.0.1c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "9.1-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "9.1-release-p16", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.3" }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.4" }, { "model": "7.3-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.5" }, { "model": "7.2-prerelease", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "data ontap smi-s agent", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.2.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.3x" }, { "model": "9.3-rc2-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "tssc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "8.3-release-p8", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "-stablepre2002-03-07", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "project openssl 1.0.1f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "sterling connect:direct for microsoft windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5.00" }, { "model": "oncommand workflow automation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.2" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.4.1" }, { "model": "gpfs for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.0.11" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x357087330" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.2" }, { "model": "8.3-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.6.1" }, { "model": "tivoli provisioning manager for images", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1.0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.1" }, { "model": "upward integration modules scvmm add-in", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.2" }, { "model": "7.2-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.3" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0.0" }, { "model": "8.3-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "9.2-release-p3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system fc5022 16gb san scalable switch 7.3.0a", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "cms r17", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.2" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.0" }, { "model": "7.3-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "sdk for node.js", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.7" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "7" }, { "model": "initiate master data service", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "10.0" }, { "model": "6.4-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "sterling file gateway", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "oncommand workflow automation", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "oncommand unified manager core package 5.2.1p1", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.0" }, { "model": "8.4-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-release-p9", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "7.4-release-p12", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.1" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "8.3-release-p14", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.1.1" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2202585" }, { "model": "insight control", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.4" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "10.0-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "9.1-release-p7", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "cloudsystem matrix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "9.1-release-p17", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.1.21" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "upward integration modules for vmware vsphere", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "3.5.3" }, { "model": "systems director", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.2.2" }, { "model": "flex system fc3171 8gb san pass-thru", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.2" }, { "model": "open systems snapvault 3.0.1p6", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.2" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.5" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.1.1" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "-release-p1", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "9.3-beta1-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "watson explorer security", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "14.1" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "8-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "storage provisioning manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.4" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2227916" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.0" }, { "model": "-release-p6", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "8.4-rc1-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "qradar risk manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.3" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "flex system fc3171 8gb san pass-thru", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "8.1-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "systems director", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.3.1" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "8.0-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "7.1-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.4" }, { "model": "cloudsystem matrix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "-stablepre050201", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "8.4-release-p14", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-release-p9", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5.0" }, { "model": "insight control server deployment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2-" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.1" }, { "model": "9.1-release-p18", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.1.2" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "junos os 14.1r2-s2", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "flex system fc3171 8gb san pass-thru", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "10.0-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.20" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1" }, { "model": "7.3-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 1.0.1i", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "i v5r4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.4x" }, { "model": "infosphere master data management standard/advanced edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "11.0" }, { "model": "image construction and composition tool", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.3" }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.1.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0.x" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "junos os 13.3r3-s2", "scope": null, "trust": 0.3, "vendor": "juniper", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "one-x client enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.33" }, { "model": "7.4-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "websphere datapower soa appliance", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.0.0.9" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.0" }, { "model": "10.0-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "tivoli netcool system service monitor fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.1" }, { "model": "storage provisioning manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2.2" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "i v5r3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "10" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.7" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.3" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.4" }, { "model": "6.4-release-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x8804259" }, { "model": "10.0-release-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "i v5r4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "9.1-release-p15", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.1.21" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.3" }, { "model": "tssc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3.1" }, { "model": "7.0-release-p3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.1.5.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.4" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x37508752" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5.1" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.2.3" }, { "model": "8.2-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.3" }, { "model": "insight control server provisioning", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5.0" }, { "model": "insight control server provisioning", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.0" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "i v5r3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "9.3-prerelease", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.20" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "8.3-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "storage provisioning manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.2" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "6.4-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "9.2-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "system management homepage", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.5" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5x" }, { "model": "8.4-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3" }, { "model": "-release-p7", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-release-p32", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.10" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "aura collaboration environment", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "insight control server deployment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.2" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x36307158" }, { "model": "7.0-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "ip office application server sp", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.01" }, { "model": "storage provisioning manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.3.2" }, { "model": "upward integration modules hardware management pack", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "initiate master data service provider hub", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "upward integration modules integrated installer", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.2" }, { "model": "insight control server deployment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.3" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3" }, { "model": "-release-p20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "10.0-release-p8", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "infosphere master data management standard/advanced edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "11.3" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "puredata system for operational analytics", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0" }, { "model": "8.1-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.6" }, { "model": "bladecenter advanced management module 3.66g", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "8.4-rc2-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "systems director", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.2.1" }, { "model": "9.3-rc2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "qradar vulnerability manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.3" }, { "model": "watson explorer security", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.1x" }, { "model": "9.3-rc3-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2408737" }, { "model": "9.0--releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.2" }, { "model": "9.2-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.0" }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.2" }, { "model": "7.4-release-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0.x" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.01" }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.21" }, { "model": "9.0-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "ip office application server sp", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.02" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "cloudsystem matrix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.3" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "8.4-stable", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "release -p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.2-" }, { "model": "8.1-prerelease", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "linux lts", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "14.04" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "9.3-rc1-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "tivoli netcool system service monitor fp14", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.0" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2x" }, { "model": "tivoli management framework", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.1" }, { "model": "cloudsystem matrix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "7.4-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.0" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "9.2-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.2.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.1" }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.12" }, { "model": "sterling connect:direct for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.1" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "8-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura experience portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "proventia network security controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.1209" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "systems director", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3.3.0" }, { "model": "7.3-release-p3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "8.2-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x32502583" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "9.2-release-p9", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6.5" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.0" }, { "model": "initiate master data service provider hub", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.7" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.7" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "-release-p38", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "tssc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.15" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3.3" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.2" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.5" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.1.1" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.1" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.4" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.2" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "8.4-beta1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "cloudbridge", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x31002582" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.1" }, { "model": "gpfs for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3" }, { "model": "version control repository manager", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "6.0-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.1.5" }, { "model": "9.2-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "initiate master data service patient hub", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.4" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5" }, { "model": "sterling connect:direct for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1" }, { "model": "10.0-rc2-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 1.0.1d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.6" }, { "model": "8.4-prerelease", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.9" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.1.21" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1x" }, { "model": "9.3-release-p1", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.6" }, { "model": "flex system fc3171 8gb san switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.2" }, { "model": "8.4-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.1.0" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "8.1-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "tssc", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.3.16" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.5" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.1.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "-release-p14", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "8.1-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.5" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.1" }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.1" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.8" }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "tealeaf cx", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.7.1" }, { "model": "flex system fc3171 8gb san switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "proventia network security controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.913" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "9.1-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "beta4", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.0.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.4" }, { "model": "system m5 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x310054570" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.0" }, { "model": "insight control server provisioning", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "9.0-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.1" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x35307160" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.0" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.2" }, { "model": "9.2-rc3-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "insight control", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.3.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "14.0" }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.6.1" }, { "model": "7.2-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.5" }, { "model": "initiate master data service", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "-stablepre050201", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5" }, { "model": "server migration pack", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "flex system fc5022 16gb san scalable switch", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.3.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "insight control", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.5" }, { "model": "9.2-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "websphere datapower soa appliance", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.02" }, { "model": "initiate master data service", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "7.3-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "flashsystem", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8400" }, { "model": "release p7", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.3--" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6" }, { "model": "aura experience portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "5.4-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "sterling b2b integrator", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1" }, { "model": "release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.1" }, { "model": "9.1-release-p14", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "9.1-release-p3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "virtual connect enterprise manager sdk", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.4.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-release-p10", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3" }, { "model": "version control agent", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x357087180" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "server migration pack", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "9.3-beta1-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.1" }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.0.14" }, { "model": "project openssl 1.0.1b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "cms r17ac.g", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "idatplex dx360 m4 water cooled type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79190" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.0" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.3" }, { "model": "matrix operating environment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.1" }, { "model": "sterling connect:direct for microsoft windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.0" }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "4.2" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3950x638370" }, { "model": "10.0-rc1-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "watson explorer security", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "infosphere master data management standard/advanced edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "11.4" }, { "model": "qradar siem", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "10.0-stable", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "9.0-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "sterling b2b integrator", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2408956" }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8731" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.4" }, { "model": "websphere datapower soa appliance", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.0.0.17" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.2" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x8807903" }, { "model": "-release-p8", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.32" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "tivoli composite application manager for transactions", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.0" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.1.2" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "9.2-release-p10", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "8.4-release-p7", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "snapdrive for unix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.3" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "system m4 hd", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x36305466" }, { "model": "-release-p17", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "7.0-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.1" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.0" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "9.1-release-p10", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "qradar risk manager mr2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.5" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2" }, { "model": "10.0-release-p7", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x4407917" }, { "model": "flashsystem", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v8400" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.1" }, { "model": "system m4 hd", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x36505460" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x357087220" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1" }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8734" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.37" }, { "model": "netscaler service delivery appliance", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "0" }, { "model": "tivoli provisioning manager for os deployment", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "-stablepre122300", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5" }, { "model": "matrix operating environment", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.5.1" }, { "model": "storage server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "websphere datapower soa appliance", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.0.1.5" }, { "model": "proventia network security controller 1.0.3350m", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.4" }, { "model": "9.1-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.0" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "cloudsystem matrix", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "cms r17ac.h", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "contact optimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "system management homepage", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "insight control server deployment", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2.2" }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "10.0" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.0" }, { "model": "flex system fc5022 16gb san scalable switch 7.2.0d5", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "9.2-rc1-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "8.0-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.3" }, { "model": "systems insight manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.2" }, { "model": "8.2-release-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "proventia network security controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.1768" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.1" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "system m5 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x325054580" }, { "model": "-release-p42", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.4" }, { "model": "version control repository manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3.4" }, { "model": "storage provisioning manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.3" }, { "model": "tivoli provisioning manager for images system edition", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x7.1.1.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.1" }, { "model": "6.4-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 1.0.1h", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.30" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "6.4-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "websphere datapower soa appliance", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.07" } ], "sources": [ { "db": "BID", "id": "69079" }, { "db": "NVD", "id": "CVE-2014-3511" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-3511" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "HP", "sources": [ { "db": "PACKETSTORM", "id": "130299" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "130815" }, { "db": "PACKETSTORM", "id": "131014" }, { "db": "PACKETSTORM", "id": "132467" }, { "db": "PACKETSTORM", "id": "132085" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "132081" }, { "db": "PACKETSTORM", "id": "131254" } ], "trust": 1.0 }, "cve": "CVE-2014-3511", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2014-3511", "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-3511", "trust": 1.0, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2014-3511", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3511" }, { "db": "NVD", "id": "CVE-2014-3511" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a \"protocol downgrade\" issue. OpenSSL is prone to security-bypass vulnerability. \nSuccessfully exploiting these issues may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. \nOpenSSL 1.0.1 versions prior to 1.0.1i are vulnerable. ============================================================================\nUbuntu Security Notice USN-2308-1\nAugust 07, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nAdam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled\ncertain DTLS packets. \n(CVE-2014-3506)\n\nAdam Langley discovered that OpenSSL incorrectly handled memory when\nprocessing DTLS fragments. This issue\nonly affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. When OpenSSL is used with certain\napplications, an attacker may use this issue to possibly gain access to\nsensitive information. This issue\nonly affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS\nand Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and\nUbuntu 14.04 LTS. (CVE-2014-5139)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.5\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.17\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.20\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. OpenSSL Security Advisory [6 Aug 2014]\n========================================\n\nInformation leak in pretty printing functions (CVE-2014-3508)\n=============================================================\n\nA flaw in OBJ_obj2txt may cause pretty printing functions such as\nX509_name_oneline, X509_name_print_ex et al. to leak some information from the\nstack. Applications may be affected if they echo pretty printing output to the\nattacker. OpenSSL SSL/TLS clients and servers themselves are not affected. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8zb\nOpenSSL 1.0.0 users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 users should upgrade to 1.0.1i. \n\nThanks to Ivan Fratric (Google) for discovering this issue. This issue\nwas reported to OpenSSL on 19th June 2014. \n\nThe fix was developed by Emilia K\u00e4sper and Stephen Henson of the OpenSSL\ndevelopment team. \n\n\nCrash with SRP ciphersuite in Server Hello message (CVE-2014-5139)\n==================================================================\n\nThe issue affects OpenSSL clients and allows a malicious server to crash\nthe client with a null pointer dereference (read) by specifying an SRP\nciphersuite even though it was not properly negotiated with the client. This can\nbe exploited through a Denial of Service attack. \n\nOpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. \n\nThanks to Joonas Kuorilehto and Riku Hietam\u00e4ki (Codenomicon) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 2nd July 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nRace condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)\n==============================================================\n\nIf a multithreaded client connects to a malicious server using a resumed session\nand the server sends an ec point format extension it could write up to 255 bytes\nto freed memory. \n\nOpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. \n\nThanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this\nissue. This issue was reported to OpenSSL on 8th July 2014. \n\nThe fix was developed by Gabor Tyukasz. \n\n\nDouble Free when processing DTLS packets (CVE-2014-3505)\n========================================================\n\nAn attacker can force an error condition which causes openssl to crash whilst\nprocessing DTLS packets due to memory being freed twice. This can be exploited\nthrough a Denial of Service attack. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zb\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1i. \n\nThanks to Adam Langley and Wan-Teh Chang (Google) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 6th June\n2014. \n\nThe fix was developed by Adam Langley. \n\n\nDTLS memory exhaustion (CVE-2014-3506)\n======================================\n\nAn attacker can force openssl to consume large amounts of memory whilst\nprocessing DTLS handshake messages. This can be exploited through a Denial of\nService attack. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zb\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1i. \n\nThanks to Adam Langley (Google) for discovering and researching this\nissue. This issue was reported to OpenSSL on 6th June 2014. \n\nThe fix was developed by Adam Langley. \n\n\nDTLS memory leak from zero-length fragments (CVE-2014-3507)\n===========================================================\n\nBy sending carefully crafted DTLS packets an attacker could cause openssl to\nleak memory. This can be exploited through a Denial of Service attack. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zb\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1i. \n\nThanks to Adam Langley (Google) for discovering and researching this\nissue. This issue was reported to OpenSSL on 6th June 2014. \n\nThe fix was developed by Adam Langley. \n\nOpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)\n===============================================================\n\nOpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a\ndenial of service attack. A malicious server can crash the client with a null\npointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and\nsending carefully crafted handshake messages. \n\nOpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb\nOpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i. \n\nThanks to Felix Gr\u00f6bert (Google) for discovering and researching this issue. \nThis issue was reported to OpenSSL on 18th July 2014. \n\nThe fix was developed by Emilia K\u00e4sper of the OpenSSL development team. \n\nOpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i. \n\nThanks to David Benjamin and Adam Langley (Google) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 21st July 2014. \n\nThe fix was developed by David Benjamin. \n\n\nSRP buffer overrun (CVE-2014-3512)\n==================================\n\nA malicious client or server can send invalid SRP parameters and overrun\nan internal buffer. Only applications which are explicitly set up for SRP\nuse are affected. \n\nOpenSSL 1.0.1 SSL/TLS users should upgrade to 1.0.1i. \n\nThanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC\nGroup) for discovering this issue. This issue was reported to OpenSSL\non 31st July 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20140806.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1i-i486-1_slack14.1.txz: Upgraded. \n This update fixes several security issues:\n Double Free when processing DTLS packets (CVE-2014-3505)\n DTLS memory exhaustion (CVE-2014-3506)\n DTLS memory leak from zero-length fragments (CVE-2014-3507)\n Information leak in pretty printing functions (CVE-2014-3508)\n Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)\n OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)\n OpenSSL TLS protocol downgrade attack (CVE-2014-3511)\n SRP buffer overrun (CVE-2014-3512)\n Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)\n For more information, see:\n https://www.openssl.org/news/secadv_20140806.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz: Upgraded. \n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zb-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zb-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zb-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1i-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1i-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1i-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1i-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1i-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1i-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1i-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n30bdc015b10d8891b90d3f6ea34f5fdd openssl-0.9.8zb-i486-1_slack13.0.txz\n3dc4140c22c04c94e5e74386a5a1c200 openssl-solibs-0.9.8zb-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n3da32f51273762d67bf9dbcc91af9413 openssl-0.9.8zb-x86_64-1_slack13.0.txz\n075e5d12e5b909ecac923cb210f83544 openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n3b7e2bb2b317bf72b8f9b2b7a14bddfb openssl-0.9.8zb-i486-1_slack13.1.txz\n92af0784eade0674332a56bfab73b97d openssl-solibs-0.9.8zb-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\ndf5f961109d7b50971660ca6a7d4c48c openssl-0.9.8zb-x86_64-1_slack13.1.txz\n582aaeae3d56730a2e1538a67d4e44da openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n546445d56d3b367fa0dd4e80859c4620 openssl-0.9.8zb-i486-1_slack13.37.txz\nb80e9df8cdd0649939ec2fab20d24691 openssl-solibs-0.9.8zb-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n9c9ce97dc21340924a3e27c1a8047023 openssl-0.9.8zb-x86_64-1_slack13.37.txz\n0fe1931f2fc82fb8d5fbe72680caf843 openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\nd1580f4b22b99cee42b22276653c8180 openssl-1.0.1i-i486-1_slack14.0.txz\nec93cec2bcab8ae7391a504573cbc231 openssl-solibs-1.0.1i-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n329475de3759225b1d02aa7317b2eb58 openssl-1.0.1i-x86_64-1_slack14.0.txz\n25f2a198022d974534986a3913ca705c openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n8336457bc31d44ebf502ffc4443f12f7 openssl-1.0.1i-i486-1_slack14.1.txz\n4b99ac357fbd3065c53367eea246b8c7 openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nf2b8f81d9d7dc02e5d1011f663ccc95d openssl-1.0.1i-x86_64-1_slack14.1.txz\n4360abffbb57cb18ba0720f782d78250 openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n49ecd332a899cf742d3467a6efe44269 a/openssl-solibs-1.0.1i-i486-1.txz\n27da017c49045981b1793f105aff365f n/openssl-1.0.1i-i486-1.txz\n\nSlackware x86_64 -current packages:\n8d74f3d770802182137c84d925f58cbc a/openssl-solibs-1.0.1i-x86_64-1.txz\nfd9d94d3210f0aedf74959cb0887e2b8 n/openssl-1.0.1i-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1i-i486-1_slack14.1.txz openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04624296\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04624296\nVersion: 1\n\nHPSBMU03304 rev.1 - HP Insight Control server deployment on Linux and\nWindows, Remote Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-04-01\nLast Updated: 2015-04-01\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH), HP Smart Update Manager (SUM), and HP Version\nControl Agent (VCA) which are components of HP Insight Control server\ndeployment. These vulnerabilities are related to the SSLv3 vulnerability\nknown as \"Padding Oracle on Downgraded Legacy Encryption\" or \"POODLE\". The\ncomponents of HP Insight Control server deployment could be exploited\nremotely to allow disclosure of information. \n\nHP Insight Control server deployment includes HP System Management Homepage\n(SMH), HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and\ndeploys them through the following jobs. This bulletin provides the\ninformation needed to update the vulnerable components in HP Insight Control\nserver deployment. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\nUpgrade Proliant Firmware\n\nReferences:\n\nCVE-2014-3508\nCVE-2014-3509\nCVE-2014-3511\nCVE-2014-3513\nCVE-2014-3566\nCVE-2014-3567\nCVE-2014-3568\nCVE-2014-5139\nSSRT102004\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-3509 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3511 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2014-3568 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2014-5139 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following instructions to resolve this vulnerability. \n\nNote: For HP Insight deployment Control server v7.1.2, v7.2.0, v7.2.1 and\nv7.2.2, you must upgrade to v7.3.1 and follow the steps from 1 to 11\nmentioned below to resolve the vulnerability. \n\nDelete the files smh*.exe from Component Copy Location listed in the\nfollowing table, rows 1 and 2. \nDelete the files vca*.exe/vcaamd64-*.exe from Component Copy Location listed\nin the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-bd2042a1c7574aad90c4839efe\n smhamd64-cp023964.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-062078f1ae354b7e99c86c151c\n smhx86-cp023963.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-7b23e47d5d9b420b94bd1323eb\n vcax86 cp025295.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-2557aa7dc1654cf6b547c1a9e4\n vcaamd64-cp025296.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-5827037475e44abab586463723\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\n6\n http://www.hp.com/swpublishing/MTX-57ab6bb78b6e47a18718f44133\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\n7\n http://www.hp.com/swpublishing/MTX-34bcab41ac7e4db299e3f5f2f1\n smhx86-cp025274.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2003\n\n8\n http://www.hp.com/swpublishing/MTX-00eb9ac82e86449e8c3ba101bd\n smhamd64-cp025275.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2003\n\nDownload and extract the HP SUM component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p991570621/v99346\n\nCopy all content from extracted folder and paste at\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on the target running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on the target running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on the target running\nRHEL 6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on the target running\nRHEL 5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 job on the target\nrunning Windows. \n\nHISTORY\nVersion:1 (rev.1) - 1 April 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: rhevm-spice-client security and bug fix update\nAdvisory ID: RHSA-2015:0197-01\nProduct: Red Hat Enterprise Virtualization\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0197.html\nIssue date: 2014-07-25\nUpdated on: 2015-02-11\nCVE Names: CVE-2014-3509 CVE-2014-3511 \n=====================================================================\n\n1. Summary:\n\nUpdated rhevm-spice-client packages that fix two security issues and\nseveral bugs are now available for Red Hat Enterprise Virtualization\nManager 3. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRHEV-M 3.5 - noarch\n\n3. Description:\n\nRed Hat Enterprise Virtualization Manager provides access to virtual\nmachines using SPICE. These SPICE client packages provide the SPICE client\nand usbclerk service for both Windows 32-bit operating systems and Windows\n64-bit operating systems. (CVE-2014-3509)\n\nA flaw was found in the way OpenSSL handled fragmented handshake packets. (CVE-2014-3511)\n\nThis update also fixes the following bugs:\n\n* Previously, various clipboard managers, operating on the client or on the\nguest, would occasionally lose synchronization, which resulted in clipboard\ndata loss and the SPICE console freezing. Now, spice-gtk have been patched,\nsuch that clipboard synchronization does not freeze the SPICE console\nanymore. (BZ#1083489)\n\n* Prior to this update, when a SPICE console was launched from the Red Hat\nEnterprise Virtualization User Portal with the \u0027Native Client\u0027 invocation\nmethod and \u0027Open in Full Screen\u0027 selected, the displays of the guest\nvirtual machine were not always configured to match the client displays. \nAfter this update, the SPICE console will show a full-screen guest display\nfor each client monitor. (BZ#1076243)\n\n* A difference in behavior between Linux and Windows clients caused an\nextra nul character to be sent when pasting text in a guest machine from a\nWindows client. This invisible character was visible in some Java\napplications. With this update, the extra nul character is removed from\ntext strings and no more extraneous character would appear. (BZ#1090122)\n\n* Previously, If the clipboard is of type image/bmp, and the data is of 0\nsize, GTK+ will crash. With this update, the data size is checked first,\nand GTK+ no longer crashes when clipboard is of type image/bmp, and the\ndata is of 0 size. (BZ#1090433)\n\n* Modifier-only key combinations cannot be registered by users as hotkeys\nso if a user tries to set a modifier-only key sequence (for example,\n\u0027ctrl+alt\u0027) as the hotkey for releasing the cursor, it will fail, and the\nuser will be able to release the cursor from the window. With this update,\nwhen a modifier-only hotkey is attempted to be registered, it will fall\nback to the default cursor-release sequence (which happens to be\n\u0027ctrl+alt\u0027). (BZ#985319)\n\n* Display configuration sometimes used outdated information about the\nposition of the remote-viewer windows in order to align and configure the\nguest displays. Occasionally, this caused the guest displays to became\nunexpectedly swapped when a window is resized. With this update,\nremote-viewer will always use the current window locations to align\ndisplays, rather than using a possibly outdated cached location\ninformation. (BZ#1018182)\n\nAll rhevm-spice-client users are advised to upgrade to these updated\npackages, which contain backported patches to correct these issues. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1018145 - --full-screen=auto-conf sometimes (but frequently) doesn\u0027t work correctly\n1018182 - primary monitor is switched if some screen gets bigger then current primary screen\n1076243 - [BUG] RHEV SPICE console not opening in full screen or detecting resolution by default\n1083489 - [SPICE][BUG] Spice session freezes randomly\n1090122 - Pasting into java apps inserts unprintable character\n1090433 - [GTK][BUG] win32: add more clipboard data checks to avoid crash\n1103366 - Rebase virt-viewer to 0.6.0\n1105650 - Fix windows productversion to fit -z releases\n1115445 - in About dialog, hyphen version-build dividing hyphen is missing\n1127498 - CVE-2014-3509 openssl: race condition in ssl_parse_serverhello_tlsext\n1127504 - CVE-2014-3511 openssl: TLS protocol downgrade attack\n\n6. Package List:\n\nRHEV-M 3.5:\n\nSource:\nrhevm-spice-client-3.5-2.el6.src.rpm\n\nnoarch:\nrhevm-spice-client-x64-cab-3.5-2.el6.noarch.rpm\nrhevm-spice-client-x64-msi-3.5-2.el6.noarch.rpm\nrhevm-spice-client-x86-cab-3.5-2.el6.noarch.rpm\nrhevm-spice-client-x86-msi-3.5-2.el6.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3509\nhttps://access.redhat.com/security/cve/CVE-2014-3511\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFU253LXlSAg2UNWIIRAjJEAKCrqGkFJHhLN3Iqt069y96etuCAxgCcCTWW\n1SViofNGiqbiufMWwY7okg4=\n=cjiU\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201412-39\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: December 26, 2014\n Bugs: #494816, #519264, #525468\n ID: 201412-39\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\ncould result in Denial of Service or Man-in-the-Middle attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.1j *\u003e= 0.9.8z_p2\n \u003e= 1.0.1j\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers referenced below for details. \n\nResolution\n==========\n\nAll OpenSSL 1.0.1 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1j\"\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8z_p2\"\n\nPackages which depend on this library may need to be recompiled. Tools\nsuch as revdep-rebuild may assist in identifying these packages. \n\nReferences\n==========\n\n[ 1 ] CVE-2013-6449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6449\n[ 2 ] CVE-2013-6450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6450\n[ 3 ] CVE-2014-3505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3505\n[ 4 ] CVE-2014-3506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3506\n[ 5 ] CVE-2014-3507\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3507\n[ 6 ] CVE-2014-3509\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3509\n[ 7 ] CVE-2014-3510\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3510\n[ 8 ] CVE-2014-3511\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3511\n[ 9 ] CVE-2014-3512\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3512\n[ 10 ] CVE-2014-3513\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3513\n[ 11 ] CVE-2014-3567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3567\n[ 12 ] CVE-2014-3568\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3568\n[ 13 ] CVE-2014-5139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5139\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201412-39.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nReferences:\n\nCVE-2014-3508\nCVE-2014-3509\nCVE-2014-3511\nCVE-2014-3513\nCVE-2014-3566\nCVE-2014-3567\nCVE-2014-3568\nCVE-2014-5139\nSSRT101894\nSSRT101916\nSSRT101918\nSSRT101920\nSSRT101921\nSSRT101922\nSSRT101923\nSSRT101925\nSSRT101926\nSSRT101927\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The HP Matrix\nOperating Environment v7.2.3 Update kit applicable to HP Matrix Operating\nEnvironment 7.2.x installations is available at the following location:\n\nhttps://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber\n=HPID\n\nNOTE: Please read the readme.txt file before proceeding with the\ninstallation. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-14:18.openssl Security Advisory\n The FreeBSD Project\n\nTopic: OpenSSL multiple vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2014-09-09\nAffects: All supported versions of FreeBSD. \nCorrected: 2014-08-07 21:04:42 UTC (stable/10, 10.0-STABLE)\n 2014-09-09 10:09:46 UTC (releng/10.0, 10.0-RELEASE-p8)\n 2014-08-07 21:06:34 UTC (stable/9, 9.3-STABLE)\n 2014-09-09 10:13:46 UTC (releng/9.3, 9.3-RELEASE-p1)\n 2014-09-09 10:13:46 UTC (releng/9.2, 9.2-RELEASE-p11)\n 2014-09-09 10:13:46 UTC (releng/9.1, 9.1-RELEASE-p18)\n 2014-08-07 21:06:34 UTC (stable/8, 8.4-STABLE)\n 2014-09-09 10:13:46 UTC (releng/8.4, 8.4-RELEASE-p15)\nCVE Name: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510,\n CVE-2014-3509, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. [CVE-2014-5139]\n\nIII. Impact\n\nA remote attacker may be able to cause a denial of service (application\ncrash, large memory consumption), obtain additional information,\ncause protocol downgrade. Additionally, a remote attacker may be able\nto run arbitrary code on a vulnerable system if the application has been\nset up for SRP. \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.0]\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch.asc\n# gpg --verify openssl-10.0.patch.asc\n\n[FreeBSD 9.3]\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch.asc\n# gpg --verify openssl-9.3.patch.asc\n\n[FreeBSD 9.2, 9.1, 8.4]\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch.asc\n# gpg --verify openssl-9.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r269687\nreleng/8.4/ r271305\nstable/9/ r269687\nreleng/9.1/ r271305\nreleng/9.2/ r271305\nreleng/9.3/ r271305\nstable/10/ r269686\nreleng/10.0/ r271304\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:http://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. \n\nReferences:\n\nCVE-2014-0224 Remote Unauthorized Access, Disclosure of Information\nCVE-2014-3509 Remote Denial of Service (DoS)\nCVE-2014-3511 Remote Unauthorized Access, Disclosure of Information\nCVE-2014-5139 Remote Denial of Service (DoS)\nSSRT101818\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nNote: For versions not listed, please contact support:\n\nNote: ServiceCenter 6.2 is impacted only if using the Directory Services\nintegration feature with the SC LDAP over SSL (LDAPS) protocol. If this\nfeature is in use, HP recommends that ServiceCenter 6.2 customers upgrade to\nService Manager 7.11, 9.21, or 9.34, and then apply the patches listed below. \n\nPatch Version\n Package Name / SSO URL\n\nSM711P22\n AIX Server 7.11.720 p22\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00614\n\nHP Itanium Server 7.11.720 p22\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00615\n\nHP parisc Server 7.11.720 p22\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00616\n\nLinux x86 Server 7.11.720 p22\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00617\n\nSolaris Server 7.11.720 p22\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00618\n\nWindows Server 7.11.720 p22\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00619\n\nSM921P9\n AIX server 9.21.706 P9\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00621\n\nHPUX/IA server 9.21.706 P9\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00622\n\nHPUX/PA server 9.21.706 P9\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00623\n\nLinux server 9.21.706 P9\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00624\n\nSolaris server 9.21.706 P9\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00625\n\nWindows server 9.21.706 P9\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00626\n\nSM934P2\n AIX Server 9.34.2003 p2\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00605\n\nHP Itanium Server 9.34.2003 p2\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00606\n\nLinux Server 9.34.2003 p2\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00607\n\nSolaris Server 9.34.2003 p2\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00608\n\nWindows Server 9.34.2003 p2\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse\narch/document/LID/HPSM_00609\n\nHISTORY\nVersion:1 (rev.1) - 22 January 2015 Initial release\nVersion:2 (rev.2) - 23 January 2015 added note for versions not listed in\ntable", "sources": [ { "db": "NVD", "id": "CVE-2014-3511" }, { "db": "BID", "id": "69079" }, { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "169648" }, { "db": "PACKETSTORM", "id": "127811" }, { "db": "PACKETSTORM", "id": "131254" }, { "db": "PACKETSTORM", "id": "130359" }, { "db": "PACKETSTORM", "id": "132081" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "VULMON", "id": "CVE-2014-3511" }, { "db": "PACKETSTORM", "id": "129721" }, { "db": "PACKETSTORM", "id": "132467" }, { "db": "PACKETSTORM", "id": "131014" }, { "db": "PACKETSTORM", "id": "130815" }, { "db": "PACKETSTORM", "id": "128214" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "130299" }, { "db": "PACKETSTORM", "id": "132085" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-3511", "trust": 3.0 }, { "db": "BID", "id": "69079", "trust": 1.4 }, { "db": "SECUNIA", "id": "59700", "trust": 1.1 }, { "db": "SECUNIA", "id": "61100", "trust": 1.1 }, { "db": "SECUNIA", "id": "60803", "trust": 1.1 }, { "db": "SECUNIA", "id": "59710", "trust": 1.1 }, { "db": "SECUNIA", "id": "60810", "trust": 1.1 }, { "db": "SECUNIA", "id": "60917", "trust": 1.1 }, { "db": "SECUNIA", "id": "61017", "trust": 1.1 }, { "db": "SECUNIA", "id": "60921", "trust": 1.1 }, { "db": "SECUNIA", "id": "60221", "trust": 1.1 }, { "db": "SECUNIA", "id": "60022", "trust": 1.1 }, { "db": "SECUNIA", "id": "60938", "trust": 1.1 }, { "db": "SECUNIA", "id": "61139", "trust": 1.1 }, { "db": "SECUNIA", "id": "61043", "trust": 1.1 }, { "db": "SECUNIA", "id": "59756", "trust": 1.1 }, { "db": "SECUNIA", "id": "61959", "trust": 1.1 }, { "db": "SECUNIA", "id": "58962", "trust": 1.1 }, { "db": "SECUNIA", "id": "61775", "trust": 1.1 }, { "db": "SECUNIA", "id": "60377", "trust": 1.1 }, { "db": "SECUNIA", "id": "60684", "trust": 1.1 }, { "db": "SECUNIA", "id": "61184", "trust": 1.1 }, { "db": "SECUNIA", "id": "59887", "trust": 1.1 }, { "db": "SECUNIA", "id": "60890", "trust": 1.1 }, { "db": "SECUNIA", "id": "60493", "trust": 1.1 }, { "db": "SECTRACK", "id": "1030693", "trust": 1.1 }, { "db": "TENABLE", "id": "TNS-2014-06", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10084", "trust": 1.1 }, { "db": "JUNIPER", "id": "JSA10649", "trust": 0.3 }, { "db": "VULMON", "id": "CVE-2014-3511", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130299", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130868", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128214", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130815", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131014", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132467", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129721", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132085", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127790", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "137292", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "137201", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132081", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130359", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131254", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127811", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "169648", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3511" }, { "db": "BID", "id": "69079" }, { "db": "PACKETSTORM", "id": "130299" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "128214" }, { "db": "PACKETSTORM", "id": "130815" }, { "db": "PACKETSTORM", "id": "131014" }, { "db": "PACKETSTORM", "id": "132467" }, { "db": "PACKETSTORM", "id": "129721" }, { "db": "PACKETSTORM", "id": "132085" }, { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "132081" }, { "db": "PACKETSTORM", "id": "130359" }, { "db": "PACKETSTORM", "id": "131254" }, { "db": "PACKETSTORM", "id": "127811" }, { "db": "PACKETSTORM", "id": "169648" }, { "db": "NVD", "id": "CVE-2014-3511" } ] }, "id": "VAR-201408-0081", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.44401007833333334 }, "last_update_date": "2024-07-23T21:31:18.574000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Red Hat: Critical: rhev-hypervisor6 security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20150126 - security advisory" }, { "title": "Tenable Security Advisories: [R4] Tenable Products Affected by OpenSSL Protocol Downgrade Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2014-06" }, { "title": "Ubuntu Security Notice: openssl vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2308-1" }, { "title": "Debian Security Advisories: DSA-2998-1 openssl -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=bfd576c692d8814b2a331baf29ad367c" }, { "title": "Amazon Linux AMI: ALAS-2014-391", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-391" }, { "title": "Symantec Security Advisories: SA85 : OpenSSL Security Advisory 06-Aug-2014", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=02a206cf2efb06aecdaf29aeca851b55" }, { "title": "Splunk Security Announcements: Splunk Enterprise 6.1.4 and 5.0.10 address four vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=f5716086497f074005596fe8e0bc5dce" }, { "title": "Citrix Security Bulletins: Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmware", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=eb059834b7f24e2562bcf592b6d0afbc" }, { "title": "oval", "trust": 0.1, "url": "https://github.com/jumanjihouse/oval " }, { "title": "wormhole", "trust": 0.1, "url": "https://github.com/jumanjihouse/wormhole " } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3511" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2014-3511" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://www.openssl.org/news/secadv_20140806.txt" }, { "trust": 1.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509" }, { "trust": 1.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511" }, { "trust": 1.4, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "trust": 1.4, "url": "https://support.citrix.com/article/ctx216642" }, { "trust": 1.4, "url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:18.openssl.asc" }, { "trust": 1.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-5139" }, { "trust": 1.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2015-0197.html" }, { "trust": 1.2, "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml" }, { "trust": 1.1, "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-008.txt.asc" }, { "trust": 1.1, "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc" }, { "trust": 1.1, "url": "http://linux.oracle.com/errata/elsa-2014-1052.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-0126.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/58962" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59700" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59710" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59756" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59887" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60022" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60221" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60377" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60493" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60684" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60803" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60810" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60890" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60917" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60921" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60938" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61017" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61043" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61100" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61139" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61184" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61775" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61959" }, { "trust": 1.1, "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15564.html" }, { "trust": 1.1, "url": "http://www.arubanetworks.com/support/alerts/aid-08182014.txt" }, { "trust": 1.1, "url": "http://www.debian.org/security/2014/dsa-2998" }, { "trust": 1.1, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/69079" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1030693" }, { "trust": 1.1, "url": "http://www.splunk.com/view/sp-caaanhs" }, { "trust": 1.1, "url": "http://www.tenable.com/security/tns-2014-06" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020240" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389" }, { "trust": 1.1, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127504" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95162" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05158380" }, { "trust": 1.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10084" }, { "trust": 1.1, "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-september/000196.html" }, { "trust": 1.1, "url": "https://techzone.ergon.ch/cve-2014-3511" }, { "trust": 1.0, "url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=280b1f1ad12131defcd986676a8fc9717aaa601b" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568" }, { "trust": 0.8, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.8, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.8, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3512" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3510" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3507" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3506" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3505" }, { "trust": 0.4, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_" }, { "trust": 0.4, "url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682663" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021317" }, { "trust": 0.3, "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wan_boot" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684903" }, { "trust": 0.3, "url": "http://openssl.org/" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004917" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=swg21686583" }, { "trust": 0.3, "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096266" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004931" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21686126" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004872" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691210" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04574073" }, { "trust": 0.3, "url": "http://seclists.org/bugtraq/2015/mar/84" }, { "trust": 0.3, "url": "http://seclists.org/bugtraq/2015/feb/151" }, { "trust": 0.3, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10649\u0026cat=sirt_1\u0026actp=list" }, { "trust": 0.3, "url": "aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100182969" }, { "trust": 0.3, "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04512909" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04624296" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05150888" }, { "trust": 0.3, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05158380" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21684570" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685467" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21682293" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097658" }, { "trust": 0.3, "url": "https://rhn.redhat.com/errata/rhsa-2014-1052.html" }, { "trust": 0.3, "url": "https://rhn.redhat.com/errata/rhsa-2014-1054.html" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684913" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691014" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020240" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21715901" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691005" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21683389" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097903" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098264" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682034" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098252" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098585" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689886" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686182" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682016" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21685967" }, { "trust": 0.3, "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096510" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687099" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691162" }, { "trust": 0.3, "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15564.html?ref=rss" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966557" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683744" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555" }, { "trust": 0.2, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1790" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1788" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1792" }, { "trust": 0.2, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.2, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131085" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3195" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799" }, { "trust": 0.2, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7501" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2017" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6565" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0205" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3569" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=280b1f1ad12131defcd986676a8fc9717aaa601b" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=35208" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.rapid7.com/db/vulnerabilities/oracle-solaris-cve-2014-3511" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/2308-1/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224" }, { "trust": 0.1, "url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3510\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3507\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3506\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3512\u003e" }, { "trust": 0.1, "url": "http://www.freebsd.org/handbook/makeworld.html\u003e." }, { "trust": 0.1, "url": "https://www.openssl.org/news/secadv_20140806.txt\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3508\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-9.patch" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-10.0.patch" }, { "trust": 0.1, "url": "http://security.freebsd.org/\u003e." }, { "trust": 0.1, "url": "http://security.freebsd.org/advisories/freebsd-sa-14:18.openssl.asc\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3511\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-9.patch.asc" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3509\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-9.3.patch.asc" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-10.0.patch.asc" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-9.3.patch" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5139\u003e" }, { "trust": 0.1, "url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e" }, { "trust": 0.1, "url": "http://h20565.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04486577-1" }, { "trust": 0.1, "url": "https://technet.microsoft.com/library/security/3009008" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3513" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6450" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3568" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6449" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3506" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6450" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-5139" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3507" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3512" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3567" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3509" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6449" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3510" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3505" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3511" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.20" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.17" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.5" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-2308-1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7995" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8035" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2015" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0728" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-7547" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05111017" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4969" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05131044" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05130958" }, { "trust": 0.1, "url": "http://www.hpe.com/info/insightcontrol" }, { "trust": 0.1, "url": "http://www.hpe.com/info/insightmanagement" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2019" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2020" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2018" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2022" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2027" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2026" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2021" }, { "trust": 0.1, "url": "http://h18013.www1.hp.com/products/servers/management/hpsim/download.html" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2014-3509" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2014-3511" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-2557aa7dc1654cf6b547c1a9e4" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-bd2042a1c7574aad90c4839efe" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-57ab6bb78b6e47a18718f44133" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-00eb9ac82e86449e8c3ba101bd" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-34bcab41ac7e4db299e3f5f2f1" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-062078f1ae354b7e99c86c151c" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-5827037475e44abab586463723" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-7b23e47d5d9b420b94bd1323eb" }, { "trust": 0.1, "url": "http://slackware.com" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3510" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3509" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3511" }, { "trust": 0.1, "url": "http://slackware.com/gpg-key" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3506" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3512" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3505" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3508" }, { "trust": 0.1, "url": "http://osuosl.org)" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5139" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3507" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3511" }, { "db": "BID", "id": "69079" }, { "db": "PACKETSTORM", "id": "130299" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "128214" }, { "db": "PACKETSTORM", "id": "130815" }, { "db": "PACKETSTORM", "id": "131014" }, { "db": "PACKETSTORM", "id": "132467" }, { "db": "PACKETSTORM", "id": "129721" }, { "db": "PACKETSTORM", "id": "132085" }, { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "132081" }, { "db": "PACKETSTORM", "id": "130359" }, { "db": "PACKETSTORM", "id": "131254" }, { "db": "PACKETSTORM", "id": "127811" }, { "db": "PACKETSTORM", "id": "169648" }, { "db": "NVD", "id": "CVE-2014-3511" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-3511" }, { "db": "BID", "id": "69079" }, { "db": "PACKETSTORM", "id": "130299" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "128214" }, { "db": "PACKETSTORM", "id": "130815" }, { "db": "PACKETSTORM", "id": "131014" }, { "db": "PACKETSTORM", "id": "132467" }, { "db": "PACKETSTORM", "id": "129721" }, { "db": "PACKETSTORM", "id": "132085" }, { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "137292" }, { "db": "PACKETSTORM", "id": "137201" }, { "db": "PACKETSTORM", "id": "132081" }, { "db": "PACKETSTORM", "id": "130359" }, { "db": "PACKETSTORM", "id": "131254" }, { "db": "PACKETSTORM", "id": "127811" }, { "db": "PACKETSTORM", "id": "169648" }, { "db": "NVD", "id": "CVE-2014-3511" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-08-13T00:00:00", "db": "VULMON", "id": "CVE-2014-3511" }, { "date": "2014-08-06T00:00:00", "db": "BID", "id": "69079" }, { "date": "2015-02-09T21:09:18", "db": "PACKETSTORM", "id": "130299" }, { "date": "2015-03-18T00:44:34", "db": "PACKETSTORM", "id": "130868" }, { "date": "2014-09-09T17:32:22", "db": "PACKETSTORM", "id": "128214" }, { "date": "2015-03-13T17:11:00", "db": "PACKETSTORM", "id": "130815" }, { "date": "2015-03-25T00:42:25", "db": "PACKETSTORM", "id": "131014" }, { "date": "2015-06-29T15:35:42", "db": "PACKETSTORM", "id": "132467" }, { "date": "2014-12-26T15:46:37", "db": "PACKETSTORM", "id": "129721" }, { "date": "2015-05-29T23:37:43", "db": "PACKETSTORM", "id": "132085" }, { "date": "2014-08-08T21:44:17", "db": "PACKETSTORM", "id": "127790" }, { "date": "2016-06-02T19:12:12", "db": "PACKETSTORM", "id": "137292" }, { "date": "2016-05-26T09:22:00", "db": "PACKETSTORM", "id": "137201" }, { "date": "2015-05-29T23:37:11", "db": "PACKETSTORM", "id": "132081" }, { "date": "2015-02-12T00:29:07", "db": "PACKETSTORM", "id": "130359" }, { "date": "2015-04-02T00:37:56", "db": "PACKETSTORM", "id": "131254" }, { "date": "2014-08-11T11:11:00", "db": "PACKETSTORM", "id": "127811" }, { "date": "2014-08-06T12:12:12", "db": "PACKETSTORM", "id": "169648" }, { "date": "2014-08-13T23:55:07.623000", "db": "NVD", "id": "CVE-2014-3511" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-11-15T00:00:00", "db": "VULMON", "id": "CVE-2014-3511" }, { "date": "2016-09-09T15:00:00", "db": "BID", "id": "69079" }, { "date": "2023-11-07T02:20:10.770000", "db": "NVD", "id": "CVE-2014-3511" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "69079" } ], "trust": 0.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability", "sources": [ { "db": "BID", "id": "69079" } ], "trust": 0.3 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Design Error", "sources": [ { "db": "BID", "id": "69079" } ], "trust": 0.3 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.