var-201408-0095
Vulnerability from variot
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values. OpenSSL is prone to a denial-of-service vulnerability. Attackers may exploit this issue to consume large amounts of memory, resulting in a denial-of-service condition. The following versions are vulnerable: OpenSSL 0.9.8 versions prior to 0.9.8zb. OpenSSL 1.0.0 versions prior to 1.0.0n. OpenSSL 1.0.1 versions prior to 1.0.1i. - The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of information. Corrected: 2014-08-07 21:04:42 UTC (stable/10, 10.0-STABLE) 2014-09-09 10:09:46 UTC (releng/10.0, 10.0-RELEASE-p8) 2014-08-07 21:06:34 UTC (stable/9, 9.3-STABLE) 2014-09-09 10:13:46 UTC (releng/9.3, 9.3-RELEASE-p1) 2014-09-09 10:13:46 UTC (releng/9.2, 9.2-RELEASE-p11) 2014-09-09 10:13:46 UTC (releng/9.1, 9.1-RELEASE-p18) 2014-08-07 21:06:34 UTC (stable/8, 8.4-STABLE) 2014-09-09 10:13:46 UTC (releng/8.4, 8.4-RELEASE-p15) CVE Name: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510, CVE-2014-3509, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
FreeBSD includes software from the OpenSSL Project.
II. [CVE-2014-5139]
III. Additionally, a remote attacker may be able to run arbitrary code on a vulnerable system if the application has been set up for SRP.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.0]
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch.asc
gpg --verify openssl-10.0.patch.asc
[FreeBSD 9.3]
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch.asc
gpg --verify openssl-9.3.patch.asc
[FreeBSD 9.2, 9.1, 8.4]
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch
fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch.asc
gpg --verify openssl-9.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in
Restart all deamons using the library, or reboot the system.
3) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r269687 releng/8.4/ r271305 stable/9/ r269687 releng/9.1/ r271305 releng/9.2/ r271305 releng/9.3/ r271305 stable/10/ r269686 releng/10.0/ r271304
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII.
Detailed descriptions of the vulnerabilities can be found at: https://www.openssl.org/news/secadv_20140806.txt
It's important that you upgrade the libssl1.0.0 package and not just the openssl package. Alternatively, you may reboot your system.
For the testing distribution (jessie), these problems will be fixed soon.
Release Date: 2014-08-14 Last Updated: 2014-08-14
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL versions before 0.9.8zb
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3505 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3506 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3507 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3510 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to resolve these vulnerabilities. The updates are available from https://h20392.www2.hp.com/portal/swdepot/displayP roductInfo.do?productNumber=OPENSSL11I
HP-UX Release HP-UX OpenSSL version
B.11.11 (11i v1) OpenSSL_A.00.09.08zb.001_HP-UX_B.11.11_32_64.depot
B.11.23 (11i v2) OpenSSL_A.00.09.08zb.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) OpenSSL_A.00.09.08zb.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08zb or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zb.001 or subsequent
HP-UX B.11.23
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zb.002 or subsequent
HP-UX B.11.31
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08zb.003 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 15 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
The updated packages have been upgraded to the 1.0.0n version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 http://www.openssl.org/news/secadv_20140806.txt
Updated Packages:
Mandriva Business Server 1/X86_64: 17007f558e739eb863c8507d520ffbc9 mbs1/x86_64/lib64openssl1.0.0-1.0.0n-1.mbs1.x86_64.rpm f810bbe20b2de26cb99d13ddaf0ac2fa mbs1/x86_64/lib64openssl-devel-1.0.0n-1.mbs1.x86_64.rpm 54d87a61ca0440dc5f344931de1ff43e mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0n-1.mbs1.x86_64.rpm 5b1748370e5a855cc31d3eec7673da5e mbs1/x86_64/lib64openssl-static-devel-1.0.0n-1.mbs1.x86_64.rpm 7e19a555629b4a2d3d4533be7786ce5e mbs1/x86_64/openssl-1.0.0n-1.mbs1.x86_64.rpm a9e74f2bab2878f601cfb44620c76dbb mbs1/SRPMS/openssl-1.0.0n-1.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFT5HsDmqjQ0CJFipgRAhA5AJ0ZoDe2+SA7K7xk+NZLedQBVoFVvgCffPW9 5geoq7aMnxbnw5eTuuH+iIs= =CK7e -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2308-1 August 07, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenSSL. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. When OpenSSL is used with certain applications, an attacker may use this issue to possibly gain access to sensitive information. (CVE-2014-3508)
Gabor Tyukasz discovered that OpenSSL contained a race condition when processing serverhello messages. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-5139)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.5
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.17
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.20
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: openssl security update Advisory ID: RHSA-2014:1053-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1053.html Issue date: 2014-08-13 CVE Names: CVE-2014-0221 CVE-2014-3505 CVE-2014-3506 CVE-2014-3508 CVE-2014-3510 =====================================================================
- Summary:
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library.
It was discovered that the OBJ_obj2txt() function could fail to properly NUL-terminate its output. This could possibly cause an application using OpenSSL functions to format fields of X.509 certificates to disclose portions of its memory. (CVE-2014-3508)
Multiple flaws were discovered in the way OpenSSL handled DTLS packets. (CVE-2014-0221, CVE-2014-3505, CVE-2014-3506)
A NULL pointer dereference flaw was found in the way OpenSSL performed a handshake when using the anonymous Diffie-Hellman (DH) key exchange. (CVE-2014-3510)
Red Hat would like to thank the OpenSSL project for reporting CVE-2014-0221. Upstream acknowledges Imre Rad of Search-Lab as the original reporter of this issue.
All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake 1127490 - CVE-2014-3508 openssl: information leak in pretty printing functions 1127499 - CVE-2014-3505 openssl: DTLS packet processing double free 1127500 - CVE-2014-3506 openssl: DTLS memory exhaustion 1127503 - CVE-2014-3510 openssl: DTLS anonymous (EC)DH denial of service
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: openssl-0.9.8e-27.el5_10.4.src.rpm
i386: openssl-0.9.8e-27.el5_10.4.i386.rpm openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-perl-0.9.8e-27.el5_10.4.i386.rpm
x86_64: openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-0.9.8e-27.el5_10.4.x86_64.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm openssl-perl-0.9.8e-27.el5_10.4.x86_64.rpm
Red Hat Enterprise Linux Desktop Workstation (v. 5 client):
Source: openssl-0.9.8e-27.el5_10.4.src.rpm
i386: openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-devel-0.9.8e-27.el5_10.4.i386.rpm
x86_64: openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm openssl-devel-0.9.8e-27.el5_10.4.i386.rpm openssl-devel-0.9.8e-27.el5_10.4.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: openssl-0.9.8e-27.el5_10.4.src.rpm
i386: openssl-0.9.8e-27.el5_10.4.i386.rpm openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-devel-0.9.8e-27.el5_10.4.i386.rpm openssl-perl-0.9.8e-27.el5_10.4.i386.rpm
ia64: openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-0.9.8e-27.el5_10.4.ia64.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.ia64.rpm openssl-devel-0.9.8e-27.el5_10.4.ia64.rpm openssl-perl-0.9.8e-27.el5_10.4.ia64.rpm
ppc: openssl-0.9.8e-27.el5_10.4.ppc.rpm openssl-0.9.8e-27.el5_10.4.ppc64.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.ppc.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.ppc64.rpm openssl-devel-0.9.8e-27.el5_10.4.ppc.rpm openssl-devel-0.9.8e-27.el5_10.4.ppc64.rpm openssl-perl-0.9.8e-27.el5_10.4.ppc.rpm
s390x: openssl-0.9.8e-27.el5_10.4.s390.rpm openssl-0.9.8e-27.el5_10.4.s390x.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.s390.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.s390x.rpm openssl-devel-0.9.8e-27.el5_10.4.s390.rpm openssl-devel-0.9.8e-27.el5_10.4.s390x.rpm openssl-perl-0.9.8e-27.el5_10.4.s390x.rpm
x86_64: openssl-0.9.8e-27.el5_10.4.i686.rpm openssl-0.9.8e-27.el5_10.4.x86_64.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm openssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm openssl-devel-0.9.8e-27.el5_10.4.i386.rpm openssl-devel-0.9.8e-27.el5_10.4.x86_64.rpm openssl-perl-0.9.8e-27.el5_10.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2014-0221.html https://www.redhat.com/security/data/cve/CVE-2014-3505.html https://www.redhat.com/security/data/cve/CVE-2014-3506.html https://www.redhat.com/security/data/cve/CVE-2014-3508.html https://www.redhat.com/security/data/cve/CVE-2014-3510.html https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv_20140605.txt https://www.openssl.org/news/secadv_20140806.txt
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFT69sGXlSAg2UNWIIRAuZjAJ9R5VuNKxbsx8+T/WGZrkH1VheAqgCdHHXN vrHSSMIJuncazkJWPE/LOyQ= =/f7Y -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. Solution:
The References section of this erratum contains a download link (you must log in to download the update).
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz: Upgraded. ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zb-i486-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.0.txz
Updated packages for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz
Updated packages for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zb-i486-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.1.txz
Updated packages for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz
Updated packages for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zb-i486-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.37.txz
Updated packages for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.37.txz ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1i-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1i-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1i-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1i-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1i-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1i-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1i-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 packages: 30bdc015b10d8891b90d3f6ea34f5fdd openssl-0.9.8zb-i486-1_slack13.0.txz 3dc4140c22c04c94e5e74386a5a1c200 openssl-solibs-0.9.8zb-i486-1_slack13.0.txz
Slackware x86_64 13.0 packages: 3da32f51273762d67bf9dbcc91af9413 openssl-0.9.8zb-x86_64-1_slack13.0.txz 075e5d12e5b909ecac923cb210f83544 openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz
Slackware 13.1 packages: 3b7e2bb2b317bf72b8f9b2b7a14bddfb openssl-0.9.8zb-i486-1_slack13.1.txz 92af0784eade0674332a56bfab73b97d openssl-solibs-0.9.8zb-i486-1_slack13.1.txz
Slackware x86_64 13.1 packages: df5f961109d7b50971660ca6a7d4c48c openssl-0.9.8zb-x86_64-1_slack13.1.txz 582aaeae3d56730a2e1538a67d4e44da openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz
Slackware 13.37 packages: 546445d56d3b367fa0dd4e80859c4620 openssl-0.9.8zb-i486-1_slack13.37.txz b80e9df8cdd0649939ec2fab20d24691 openssl-solibs-0.9.8zb-i486-1_slack13.37.txz
Slackware x86_64 13.37 packages: 9c9ce97dc21340924a3e27c1a8047023 openssl-0.9.8zb-x86_64-1_slack13.37.txz 0fe1931f2fc82fb8d5fbe72680caf843 openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz
Slackware 14.0 packages: d1580f4b22b99cee42b22276653c8180 openssl-1.0.1i-i486-1_slack14.0.txz ec93cec2bcab8ae7391a504573cbc231 openssl-solibs-1.0.1i-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 329475de3759225b1d02aa7317b2eb58 openssl-1.0.1i-x86_64-1_slack14.0.txz 25f2a198022d974534986a3913ca705c openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 8336457bc31d44ebf502ffc4443f12f7 openssl-1.0.1i-i486-1_slack14.1.txz 4b99ac357fbd3065c53367eea246b8c7 openssl-solibs-1.0.1i-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: f2b8f81d9d7dc02e5d1011f663ccc95d openssl-1.0.1i-x86_64-1_slack14.1.txz 4360abffbb57cb18ba0720f782d78250 openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz
Slackware -current packages: 49ecd332a899cf742d3467a6efe44269 a/openssl-solibs-1.0.1i-i486-1.txz 27da017c49045981b1793f105aff365f n/openssl-1.0.1i-i486-1.txz
Slackware x86_64 -current packages: 8d74f3d770802182137c84d925f58cbc a/openssl-solibs-1.0.1i-x86_64-1.txz fd9d94d3210f0aedf74959cb0887e2b8 n/openssl-1.0.1i-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1i-i486-1_slack14.1.txz openssl-solibs-1.0.1i-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. OpenSSL Security Advisory [6 Aug 2014] ========================================
Information leak in pretty printing functions (CVE-2014-3508)
A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected.
Thanks to Ivan Fratric (Google) for discovering this issue. This issue was reported to OpenSSL on 19th June 2014.
The fix was developed by Emilia Käsper and Stephen Henson of the OpenSSL development team.
Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)
The issue affects OpenSSL clients and allows a malicious server to crash the client with a null pointer dereference (read) by specifying an SRP ciphersuite even though it was not properly negotiated with the client. This can be exploited through a Denial of Service attack.
OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i.
Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for discovering and researching this issue. This issue was reported to OpenSSL on 2nd July 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension it could write up to 255 bytes to freed memory.
OpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i.
Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this issue. This issue was reported to OpenSSL on 8th July 2014.
The fix was developed by Gabor Tyukasz.
Double Free when processing DTLS packets (CVE-2014-3505)
An attacker can force an error condition which causes openssl to crash whilst processing DTLS packets due to memory being freed twice. This can be exploited through a Denial of Service attack.
Thanks to Adam Langley and Wan-Teh Chang (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley. This can be exploited through a Denial of Service attack.
Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley.
DTLS memory leak from zero-length fragments (CVE-2014-3507)
By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack.
Thanks to Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 6th June 2014.
The fix was developed by Adam Langley.
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. A malicious server can crash the client with a null pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and sending carefully crafted handshake messages.
OpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb OpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. OpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i.
Thanks to Felix Gröbert (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 18th July 2014.
The fix was developed by Emilia Käsper of the OpenSSL development team.
OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate TLS 1.0 instead of higher protocol versions when the ClientHello message is badly fragmented. This allows a man-in-the-middle attacker to force a downgrade to TLS 1.0 even if both the server and the client support a higher protocol version, by modifying the client's TLS records.
OpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i.
Thanks to David Benjamin and Adam Langley (Google) for discovering and researching this issue. This issue was reported to OpenSSL on 21st July 2014.
The fix was developed by David Benjamin.
SRP buffer overrun (CVE-2014-3512)
A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected.
Thanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC Group) for discovering this issue. This issue was reported to OpenSSL on 31st July 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20140806.txt
Note: the online version of the advisory may be updated with additional details over time
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201408-0095", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.1" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.0d" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.1h" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.0f" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.0e" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.0g" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.0c" }, { "model": "openssl", "scope": "eq", "trust": 1.6, "vendor": "openssl", "version": "1.0.1e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8u" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8v" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8t" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8o" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8s" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8x" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8q" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8m" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8n" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8y" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8za" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0m" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8p" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8r" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8w" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8j" }, { "model": "openssl", "scope": "lt", "trust": 0.8, "vendor": "openssl", "version": "0.9.8 thats all 0.9.8zb" }, { "model": "openssl", "scope": "lt", "trust": 0.8, "vendor": "openssl", "version": "1.0.0 thats all 1.0.0n" }, { "model": "openssl", "scope": "lt", "trust": 0.8, "vendor": "openssl", "version": "1.0.1 thats all 1.0.1i" }, { "model": "hp virtual connect", "scope": "lt", "trust": 0.8, "vendor": "hewlett packard", "version": "8gb 24 port fiber channel module 3.00 (vc ( virtual connect ) 4.40 )" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7835" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "aura collaboration environment", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5855072.060.134.32804" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.1" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "8.4-release-p12", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip wom hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "flex system fc3171 8gb san pass-thru", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.3" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "10.0-beta", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7225" }, { "model": "upward integration modules scvmm add-in", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.0.3" }, { "model": "-release-p2", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "virtual connect 8gb 24-port fc module", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "3.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "project openssl 0.9.8f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "tivoli netcool system service monitor fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.0" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "9.1-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "project openssl 1.0.0d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "8.4-release-p15", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.8" }, { "model": "project openssl 1.0.1e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "big-ip apm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "i v5r4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "project openssl beta3", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.1" }, { "model": "big-ip webaccelerator hf7", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "project openssl 0.9.8u", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "project openssl 1.0.1a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.1" }, { "model": "one-x client enablement services sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "8.1-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "oncommand unified manager core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5745061.132.224.35203" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "9.2-release-p11", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "i v5r3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "proventia network security controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.470" }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.0.0" }, { "model": "project openssl 1.0.0g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "virtual connect 8gb 24-port fc module", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.3" }, { "model": "tivoli netcool/reporter", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5.1" }, { "model": "vios fp-25 sp-02", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.4" }, { "model": "9.1-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "8.3-release-p16", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.0" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0.1" }, { "model": "7.3-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "8.4-release-p9", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip asm hf7", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6.2" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "one-x client enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "7.1-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip edge gateway hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "big-ip apm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "idatplex dx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79120" }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "aura system platform sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "project openssl 0.9.8w", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "big-ip ltm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "jboss web server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.1.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2407863" }, { "model": "flex system fc3171 8gb san switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5.1" }, { "model": "big-ip psm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.1.0" }, { "model": "idatplex dx360 m4 water cooled type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79180" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x35007383" }, { "model": "project openssl 1.0.0m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.1.2" }, { "model": "release-p4", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.1" }, { "model": "tivoli composite application manager for transactions", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0" }, { "model": "business server", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "1" }, { "model": "project openssl 1.0.1g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5855" }, { "model": "tivoli composite application manager for transactions", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "project openssl 0.9.8m", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "10.0-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "clustered data ontap antivirus connector", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.0.2" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "9.1-rc2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "colorqube", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "9303" }, { "model": "rational application developer for websphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2207906" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "megaraid storage manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "15.03.01.00" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.4" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "hp-ux b.11.23 (11i", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "v2)" }, { "model": "big-ip apm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53002.0" }, { "model": "big-ip ltm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip webaccelerator hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "-release/alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "8.2-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.1" }, { "model": "meeting exchange", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.3.0.3" }, { "model": "9.2-release-p8", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.0" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "oncommand unified manager core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5" }, { "model": "2-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "9.1--releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.2" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "proventia network security controller 1.0.3352m", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "idatplex dx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79130" }, { "model": "6.3-release-p10", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "tivoli composite application manager for transactions", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.0" }, { "model": "9.3-beta3-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.4" }, { "model": "-release-p20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "-release-p8", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "9.0-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "-release-p14", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.40" }, { "model": "-stablepre2001-07-20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5.1" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "project openssl 0.9.8r", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "big-ip ltm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "8.3-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "6.3-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 0.9.8n", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.14" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.0.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "9.2-rc2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.0" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x33007382" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "7.2-rc2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.1" }, { "model": "virtual connect 8gb 24-port fc module", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.0" }, { "model": "project openssl 0.9.8y", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "7.0-release-p12", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "9.0-rc3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "upward integration modules for microsoft system center", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "colorqube", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "8700" }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6.3" }, { "model": "big-ip asm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5845072.060.134.32804" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.11" }, { "model": "upward integration modules hardware management pack", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.2" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3850x638370" }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "big-ip ltm hf7", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "project openssl 1.0.0l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "oncommand unified manager core package", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "upward integration modules integrated installer", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.2" }, { "model": "9.1-release-p12", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "7.1-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0" }, { "model": "7.0-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.3" }, { "model": "project openssl 0.9.8p", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "rc2", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5740" }, { "model": "9.0-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7955" }, { "model": "big-ip afm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.2" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "nextscale nx360 m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "54550" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "7.2-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-stablepre122300", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.2x" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.13" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "7.1-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "7.0-release-p8", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6.2" }, { "model": "8.4-release-p8", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip analytics hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2.1" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2408738" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.2" }, { "model": "8.1-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.2" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0.x" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "9.3-rc", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "9.3-beta1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 0.9.8za", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.1" }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "8.4-release-p13", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "7.1-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "snapdrive for windows", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.1.2" }, { "model": "project openssl 0.9.8m beta1", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.2" }, { "model": "enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "project openssl 0.9.8q", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "10.0-rc3-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.7" }, { "model": "big-ip edge gateway hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "-pre-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura communication manager utility services sp", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.16.1.0.9.8" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7845" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x365079150" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "rational application developer for websphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.0.1" }, { "model": "8.0-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "flex system fc3171 8gb san switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.3" }, { "model": "ssl for openvms", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.4-453" }, { "model": "colorqube r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "8700072.161.134.32804" }, { "model": "enterprise linux load balancer eus 6.5.z", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "9.2-rc2-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip ltm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "9.3-stable", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.5" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.0" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5735" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.2.2" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "9.2-release-p7", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x35507914" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.2.1" }, { "model": "8.3-release-p15", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 1.0.1c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "big-ip asm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "9.1-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "ssl for openvms", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.4-467" }, { "model": "9.1-release-p16", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.3" }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.5" }, { "model": "7.3-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "7.2-prerelease", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.3x" }, { "model": "9.3-rc2-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.4.0.15" }, { "model": "tssc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0" }, { "model": "8.3-release-p8", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7855" }, { "model": "-stablepre2002-03-07", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "big-ip apm hf7", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8v" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "project openssl 1.0.1f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "big-ip psm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip wom hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "oncommand workflow automation", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.2" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "gpfs for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.0.11" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x357087330" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.2" }, { "model": "8.3-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.6.1" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.0.1" }, { "model": "upward integration modules scvmm add-in", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.2" }, { "model": "7.2-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.3" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0.0.0" }, { "model": "8.3-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 0.9.8g", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7830072.010.134.32804" }, { "model": "9.2-release-p3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "cms r17", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.2" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.0" }, { "model": "7.3-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "sdk for node.js", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.7" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "7" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7845072.040.134.32804" }, { "model": "6.4-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "oncommand workflow automation", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "3.0" }, { "model": "oncommand unified manager core package 5.2.1p1", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.0" }, { "model": "8.4-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5845" }, { "model": "-release-p9", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "7.4-release-p12", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.1" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "big-ip edge gateway hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.1" }, { "model": "8.3-release-p14", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.1.1" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2202585" }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.4" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "10.0-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip webaccelerator hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "9.1-release-p7", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "colorqube r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "8900072.161.134.32804" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "tivoli workload scheduler for applications fp02", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.4" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "one-x client enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "9.1-release-p17", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.1.21" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "upward integration modules for vmware vsphere", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "3.5.3" }, { "model": "colorqube r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "9302072.180.134.32804" }, { "model": "flex system fc3171 8gb san pass-thru", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.2" }, { "model": "open systems snapvault 3.0.1p6", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.2" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2" }, { "model": "big-ip wom hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.5" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.1.1" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "3655072.060.134.32804" }, { "model": "-release-p1", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "9.3-beta1-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip edge gateway hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "14.1" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.5.0.15" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5735061.132.224.35203" }, { "model": "8-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip psm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2227916" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.0" }, { "model": "-release-p6", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "8.4-rc1-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip webaccelerator hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "flex system fc3171 8gb san pass-thru", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "8.1-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "8.0-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "7.1-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "-stablepre050201", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "8.4-release-p14", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7855072.040.134.32804" }, { "model": "-release-p9", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "aura system manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "6655072.060.134.32804" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2-" }, { "model": "project openssl 0.9.8l", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "big-ip wom hf7", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "9.1-release-p18", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip analytics 11.0.0-hf2", "scope": null, "trust": 0.3, "vendor": "f5", "version": null }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "flex system fc3171 8gb san pass-thru", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "10.0-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.20" }, { "model": "7.3-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 1.0.1i", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0n", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "i v5r4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.4x" }, { "model": "one-x client enablement services sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.1.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0.x" }, { "model": "big-ip asm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "one-x client enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "7.4-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip analytics hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7220" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.3" }, { "model": "project openssl 1.0.0i", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.0" }, { "model": "big-ip analytics hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "10.0-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "hp-ux b.11.11 (11i", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "v1)" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5755061.132.224.35203" }, { "model": "tivoli netcool system service monitor fp1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.1" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "i v5r3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "10" }, { "model": "hp-ux b.11.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.7" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.3" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.4" }, { "model": "6.4-release-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x8804259" }, { "model": "10.0-release-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip edge gateway hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip apm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "i v5r4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "9.1-release-p15", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "ssl for openvms", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "1.4-493" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.1.21" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.3" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7225072.030.134.32804" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.3.8.3" }, { "model": "tssc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3.1" }, { "model": "7.0-release-p3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.1.5.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.4" }, { "model": "tivoli workload scheduler for applications", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.6" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x37508752" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.2.3" }, { "model": "8.2-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.3" }, { "model": "big-ip psm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip ltm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.3.9.3" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "i v5r3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2" }, { "model": "9.3-prerelease", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 1.0.0e", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "8.3-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "6.4-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "9.2-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "business server", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "1x8664" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5x" }, { "model": "8.4-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.3" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "big-ip apm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "-release-p7", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-release-p32", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5740061.132.224.35203" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.10" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "7.0-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x36307158" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "aura collaboration environment", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8x" }, { "model": "campaign", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.1.0.4" }, { "model": "ip office application server sp", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.01" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "upward integration modules hardware management pack", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "upward integration modules integrated installer", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.5.3" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.2" }, { "model": "-release-p20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.3" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "big-ip asm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "project openssl 0.9.8t", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "10.0-release-p8", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "security network intrusion prevention system gx5108-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "puredata system for operational analytics", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0" }, { "model": "8.1-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.6" }, { "model": "bladecenter advanced management module 3.66g", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "big-ip ltm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "8.4-rc2-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "contact optimization", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "9.1.0.4" }, { "model": "project openssl 1.0.0c", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "big-ip apm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "9.3-rc2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.1x" }, { "model": "9.3-rc3-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2408737" }, { "model": "9.0--releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "data ontap smi-s agent", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.2" }, { "model": "9.2-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.0" }, { "model": "security network intrusion prevention system gx4002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.2" }, { "model": "7.4-release-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0.x" }, { "model": "9.0-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "ip office application server sp", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.02" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.1" }, { "model": "big-ip gtm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "big-ip wom hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "release -p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.2-" }, { "model": "8.4-stable", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "8.1-prerelease", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "linux lts", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "14.04" }, { "model": "9.3-rc1-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "tivoli netcool system service monitor fp14", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.0.0" }, { "model": "security network intrusion prevention system gx7412-05", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "project openssl 1.0.0f", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2x" }, { "model": "tivoli management framework", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.1.1" }, { "model": "7.4-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "9.2-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.2.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1" }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.0.12" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "big-ip asm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.00" }, { "model": "project openssl 1.0.0j", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7830" }, { "model": "project openssl 1.0.0b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.1" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "big-ip analytics hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "8-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura experience portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "big-ip webaccelerator hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "proventia network security controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.1209" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "7.3-release-p3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "ssl for openvms", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.4-471" }, { "model": "8.2-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x32502583" }, { "model": "9.2-release-p9", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6.5" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.0.0" }, { "model": "-release-p38", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "colorqube", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "8900" }, { "model": "tssc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.15" }, { "model": "aura presence services sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3.3" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.5" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.1" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.4" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.2" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "big-ip asm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "8.4-beta1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "project openssl 0.9.8zb", "scope": "ne", "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x31002582" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.1" }, { "model": "gpfs for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.2" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2" }, { "model": "tivoli workload scheduler for applications fp01", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "6.0-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip psm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.1.5" }, { "model": "9.2-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.4" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "upward integration modules for microsoft system center", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.5" }, { "model": "10.0-rc2-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 1.0.1d", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.6" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "8.4-prerelease", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.9" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.1.21" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2.1" }, { "model": "big-ip pem", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1x" }, { "model": "9.3-release-p1", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "data ontap smi-s agent", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.2.1" }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.6" }, { "model": "flex system fc3171 8gb san switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.2" }, { "model": "8.4-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl beta1", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.1" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7970072.200.134.32804" }, { "model": "flex system manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.2.1.0" }, { "model": "8.1-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "tssc", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.3.16" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.5" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7220072.030.134.32804" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "31005.1.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "-release-p14", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.1" }, { "model": "8.1-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "colorqube r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "9303072.180.134.32804" }, { "model": "colorqube", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "9302" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.5" }, { "model": "big-ip analytics hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.3.1" }, { "model": "big-ip psm hf7", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "snapdrive for unix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.2.1" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "5" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "security network intrusion prevention system gx3002", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "big-ip asm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.0" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.8" }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "security network intrusion prevention system gv200", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "big-ip edge gateway", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.1.7.1" }, { "model": "big-ip analytics", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "flex system fc3171 8gb san switch", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1.1" }, { "model": "proventia network security controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.913" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "9.1-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "beta4", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.0.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.4" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "system m5 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x310054570" }, { "model": "big-ip webaccelerator hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "9.0-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.1" }, { "model": "system m4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x35307160" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.0" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "41005.2" }, { "model": "9.2-rc3-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "colorqube r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "9301072.180.134.32804" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "14.0" }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.6.1" }, { "model": "7.2-release-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "1.5" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.1.0.9" }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "-stablepre050201", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5" }, { "model": "big-ip apm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53003.0" }, { "model": "colorqube", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "9301" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5755" }, { "model": "security network intrusion prevention system gx5008-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "project openssl 1.0.0h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "9.2-release-p4", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "7.3-release-p6", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "flashsystem", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8400" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "36550" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "release p7", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.3--" }, { "model": "big-ip link controller", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6" }, { "model": "big-ip analytics hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "aura experience portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "5.4-stable", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.1" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.2" }, { "model": "one-x client enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "9.1-release-p14", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "9.1-release-p3", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.0.00" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-release-p10", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3" }, { "model": "big-ip asm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "big-ip ltm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x357087180" }, { "model": "project openssl 0.9.8o", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "66550" }, { "model": "sdk for node.js", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.1.0.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.1" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.8" }, { "model": "project openssl 1.0.1b", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "project openssl 1.0.0k", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "9.3-beta1-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip analytics hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "cms r17ac.g", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "aura system platform sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "idatplex dx360 m4 water cooled type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "79190" }, { "model": "big-ip wom", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "campaign", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "scale out network attached storage", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.4.3.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "2.2.3" }, { "model": "aura conferencing", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.0" }, { "model": "security network intrusion prevention system gx7412", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.2" }, { "model": "system type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x3950x638370" }, { "model": "10.0-rc1-p1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "5745" }, { "model": "sametime", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.0" }, { "model": "big-ip psm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "aura system platform sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "security network intrusion prevention system gx5208-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "10.0-stable", "scope": "ne", "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip ltm hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "hp-ux b.11.31 (11i", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "v3)" }, { "model": "9.0-release", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip apm hf2", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.0" }, { "model": "big-ip wom hf1", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x2408956" }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8731" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "7.4" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.2" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x8807903" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "-release-p8", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "tivoli composite application manager for transactions", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.0" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.1.2" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3.0" }, { "model": "security network protection", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "51005.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "9.2-release-p10", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "snapdrive for windows", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "8.4-release-p7", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip analytics hf7", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "snapdrive for unix", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "5.3" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "system m4 hd", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x36305466" }, { "model": "project openssl 0.9.8s", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "-release-p17", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "big-ip apm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2" }, { "model": "7.0-release-p11", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "clustered data ontap antivirus connector", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.1" }, { "model": "9.1-release-p10", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "security network intrusion prevention system gx5208", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "security network intrusion prevention system gx7412-10", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.2.5" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5" }, { "model": "security network intrusion prevention system gv1000", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.0.9.8" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.2" }, { "model": "10.0-release-p7", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "open systems snapvault", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.0.1" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "flex system compute node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x4407917" }, { "model": "flashsystem", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "v8400" }, { "model": "aix", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "system m4 hd", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x36505460" }, { "model": "system m4 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x357087220" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "flex system manager node", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8734" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.37" }, { "model": "workcentre r14-11 spar", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "7835072.010.134.32804" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.4" }, { "model": "-stablepre122300", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.5" }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0.00" }, { "model": "storage server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "workcentre", "scope": "eq", "trust": 0.3, "vendor": "xerox", "version": "79700" }, { "model": "project openssl beta2", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "1.0.1" }, { "model": "proventia network security controller 1.0.3350m", "scope": null, "trust": 0.3, "vendor": "ibm", "version": null }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "9.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.4" }, { "model": "9.1-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.0" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "security network intrusion prevention system gx4004-v2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "big-ip psm hf5", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "cms r17ac.h", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "contact optimization", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.1" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "security network intrusion prevention system gx5008", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.3" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "10.0" }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "security network intrusion prevention system gx6116", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.6" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.3.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "3.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "6.3" }, { "model": "big-ip edge gateway hf7", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1.0" }, { "model": "9.2-rc1-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "8.0-rc1", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "big-ip ltm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.0" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "10.2.1" }, { "model": "vios", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.2.1.3" }, { "model": "security network intrusion prevention system gx7800", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.4" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.2" }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.3" }, { "model": "8.2-release-p2", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "upward integration modules for vmware vsphere", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "3.5.1" }, { "model": "security network intrusion prevention system gx4004", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.5" }, { "model": "proventia network security controller", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "1.0.1768" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "system m5 type", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "x325054580" }, { "model": "-release-p42", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "big-ip edge gateway hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "8.4" }, { "model": "big-ip aam", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.6.0" }, { "model": "meeting exchange", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "ssl for openvms", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.4-476" }, { "model": "big-ip psm hf3", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.2.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "9.1" }, { "model": "big-ip psm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.1" }, { "model": "6.4-releng", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null }, { "model": "project openssl 1.0.1h", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "big-ip asm", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "11.5.1" }, { "model": "project openssl 1.0.0a", "scope": null, "trust": 0.3, "vendor": "openssl", "version": null }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "6.4-release-p5", "scope": null, "trust": 0.3, "vendor": "freebsd", "version": null } ], "sources": [ { "db": "BID", "id": "69076" }, { "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "db": "CNNVD", "id": "CNNVD-201408-128" }, { "db": "NVD", "id": "CVE-2014-3506" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-3506" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adam Langley of Google", "sources": [ { "db": "BID", "id": "69076" }, { "db": "CNNVD", "id": "CNNVD-201408-128" } ], "trust": 0.9 }, "cve": "CVE-2014-3506", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2014-3506", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2014-3506", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201408-128", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2014-3506", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3506" }, { "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "db": "CNNVD", "id": "CNNVD-201408-128" }, { "db": "NVD", "id": "CVE-2014-3506" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values. OpenSSL is prone to a denial-of-service vulnerability. \nAttackers may exploit this issue to consume large amounts of memory, resulting in a denial-of-service condition. \nThe following versions are vulnerable:\nOpenSSL 0.9.8 versions prior to 0.9.8zb. \nOpenSSL 1.0.0 versions prior to 1.0.0n. \nOpenSSL 1.0.1 versions prior to 1.0.1i. \n - The SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" also known as \"Poodle\", which could be exploited remotely\nresulting in disclosure of information. \nCorrected: 2014-08-07 21:04:42 UTC (stable/10, 10.0-STABLE)\n 2014-09-09 10:09:46 UTC (releng/10.0, 10.0-RELEASE-p8)\n 2014-08-07 21:06:34 UTC (stable/9, 9.3-STABLE)\n 2014-09-09 10:13:46 UTC (releng/9.3, 9.3-RELEASE-p1)\n 2014-09-09 10:13:46 UTC (releng/9.2, 9.2-RELEASE-p11)\n 2014-09-09 10:13:46 UTC (releng/9.1, 9.1-RELEASE-p18)\n 2014-08-07 21:06:34 UTC (stable/8, 8.4-STABLE)\n 2014-09-09 10:13:46 UTC (releng/8.4, 8.4-RELEASE-p15)\nCVE Name: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510,\n CVE-2014-3509, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. \n\nII. [CVE-2014-5139]\n\nIII. Additionally, a remote attacker may be able\nto run arbitrary code on a vulnerable system if the application has been\nset up for SRP. \n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.0]\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-10.0.patch.asc\n# gpg --verify openssl-10.0.patch.asc\n\n[FreeBSD 9.3]\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.3.patch.asc\n# gpg --verify openssl-9.3.patch.asc\n\n[FreeBSD 9.2, 9.1, 8.4]\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:18/openssl-9.patch.asc\n# gpg --verify openssl-9.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r269687\nreleng/8.4/ r271305\nstable/9/ r269687\nreleng/9.1/ r271305\nreleng/9.2/ r271305\nreleng/9.3/ r271305\nstable/10/ r269686\nreleng/10.0/ r271304\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:http://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. \n\nDetailed descriptions of the vulnerabilities can be found at:\nhttps://www.openssl.org/news/secadv_20140806.txt\n\nIt\u0027s important that you upgrade the libssl1.0.0 package and not just\nthe openssl package. Alternatively, you may reboot your system. \n\nFor the testing distribution (jessie), these problems will be fixed\nsoon. \n\nRelease Date: 2014-08-14\nLast Updated: 2014-08-14\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized\naccess. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running\nOpenSSL. These vulnerabilities could be exploited remotely to create a Denial\nof Service (DoS), allow unauthorized access. \nHP-UX B.11.11, B.11.23, B.11.31 running OpenSSL versions before 0.9.8zb\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3505 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3506 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3507 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-3510 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to resolve these vulnerabilities. The\nupdates are available from https://h20392.www2.hp.com/portal/swdepot/displayP\nroductInfo.do?productNumber=OPENSSL11I\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n OpenSSL_A.00.09.08zb.001_HP-UX_B.11.11_32_64.depot\n\nB.11.23 (11i v2)\n OpenSSL_A.00.09.08zb.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n OpenSSL_A.00.09.08zb.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08zb or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zb.001 or subsequent\n\nHP-UX B.11.23\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zb.002 or subsequent\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08zb.003 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 15 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n \n The updated packages have been upgraded to the 1.0.0n version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510\n http://www.openssl.org/news/secadv_20140806.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 17007f558e739eb863c8507d520ffbc9 mbs1/x86_64/lib64openssl1.0.0-1.0.0n-1.mbs1.x86_64.rpm\n f810bbe20b2de26cb99d13ddaf0ac2fa mbs1/x86_64/lib64openssl-devel-1.0.0n-1.mbs1.x86_64.rpm\n 54d87a61ca0440dc5f344931de1ff43e mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0n-1.mbs1.x86_64.rpm\n 5b1748370e5a855cc31d3eec7673da5e mbs1/x86_64/lib64openssl-static-devel-1.0.0n-1.mbs1.x86_64.rpm\n 7e19a555629b4a2d3d4533be7786ce5e mbs1/x86_64/openssl-1.0.0n-1.mbs1.x86_64.rpm \n a9e74f2bab2878f601cfb44620c76dbb mbs1/SRPMS/openssl-1.0.0n-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFT5HsDmqjQ0CJFipgRAhA5AJ0ZoDe2+SA7K7xk+NZLedQBVoFVvgCffPW9\n5geoq7aMnxbnw5eTuuH+iIs=\n=CK7e\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-2308-1\nAugust 07, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. This issue\nonly affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. When OpenSSL is used with certain\napplications, an attacker may use this issue to possibly gain access to\nsensitive information. (CVE-2014-3508)\n\nGabor Tyukasz discovered that OpenSSL contained a race condition when\nprocessing serverhello messages. This issue\nonly affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS\nand Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. This issue only affected Ubuntu 12.04 LTS and\nUbuntu 14.04 LTS. (CVE-2014-5139)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.5\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.17\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.20\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: openssl security update\nAdvisory ID: RHSA-2014:1053-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-1053.html\nIssue date: 2014-08-13\nCVE Names: CVE-2014-0221 CVE-2014-3505 CVE-2014-3506 \n CVE-2014-3508 CVE-2014-3510 \n=====================================================================\n\n1. Summary:\n\nUpdated openssl packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary. \n\nIt was discovered that the OBJ_obj2txt() function could fail to properly\nNUL-terminate its output. This could possibly cause an application using\nOpenSSL functions to format fields of X.509 certificates to disclose\nportions of its memory. (CVE-2014-3508)\n\nMultiple flaws were discovered in the way OpenSSL handled DTLS packets. (CVE-2014-0221,\nCVE-2014-3505, CVE-2014-3506)\n\nA NULL pointer dereference flaw was found in the way OpenSSL performed a\nhandshake when using the anonymous Diffie-Hellman (DH) key exchange. (CVE-2014-3510)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0221. Upstream acknowledges Imre Rad of Search-Lab as the original\nreporter of this issue. \n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake\n1127490 - CVE-2014-3508 openssl: information leak in pretty printing functions\n1127499 - CVE-2014-3505 openssl: DTLS packet processing double free\n1127500 - CVE-2014-3506 openssl: DTLS memory exhaustion\n1127503 - CVE-2014-3510 openssl: DTLS anonymous (EC)DH denial of service\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nopenssl-0.9.8e-27.el5_10.4.src.rpm\n\ni386:\nopenssl-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-perl-0.9.8e-27.el5_10.4.i386.rpm\n\nx86_64:\nopenssl-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-0.9.8e-27.el5_10.4.x86_64.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm\nopenssl-perl-0.9.8e-27.el5_10.4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Workstation (v. 5 client):\n\nSource:\nopenssl-0.9.8e-27.el5_10.4.src.rpm\n\ni386:\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.i386.rpm\n\nx86_64:\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nopenssl-0.9.8e-27.el5_10.4.src.rpm\n\ni386:\nopenssl-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-perl-0.9.8e-27.el5_10.4.i386.rpm\n\nia64:\nopenssl-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-0.9.8e-27.el5_10.4.ia64.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.ia64.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.ia64.rpm\nopenssl-perl-0.9.8e-27.el5_10.4.ia64.rpm\n\nppc:\nopenssl-0.9.8e-27.el5_10.4.ppc.rpm\nopenssl-0.9.8e-27.el5_10.4.ppc64.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.ppc.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.ppc64.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.ppc.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.ppc64.rpm\nopenssl-perl-0.9.8e-27.el5_10.4.ppc.rpm\n\ns390x:\nopenssl-0.9.8e-27.el5_10.4.s390.rpm\nopenssl-0.9.8e-27.el5_10.4.s390x.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.s390.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.s390x.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.s390.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.s390x.rpm\nopenssl-perl-0.9.8e-27.el5_10.4.s390x.rpm\n\nx86_64:\nopenssl-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-0.9.8e-27.el5_10.4.x86_64.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.i686.rpm\nopenssl-debuginfo-0.9.8e-27.el5_10.4.x86_64.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.i386.rpm\nopenssl-devel-0.9.8e-27.el5_10.4.x86_64.rpm\nopenssl-perl-0.9.8e-27.el5_10.4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2014-0221.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3505.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3506.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3508.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-3510.html\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://www.openssl.org/news/secadv_20140605.txt\nhttps://www.openssl.org/news/secadv_20140806.txt\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFT69sGXlSAg2UNWIIRAuZjAJ9R5VuNKxbsx8+T/WGZrkH1VheAqgCdHHXN\nvrHSSMIJuncazkJWPE/LOyQ=\n=/f7Y\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1i-i486-1_slack14.1.txz: Upgraded. \n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zb-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zb-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zb-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zb-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zb-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1i-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1i-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1i-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1i-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1i-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1i-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1i-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1i-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 packages:\n30bdc015b10d8891b90d3f6ea34f5fdd openssl-0.9.8zb-i486-1_slack13.0.txz\n3dc4140c22c04c94e5e74386a5a1c200 openssl-solibs-0.9.8zb-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n3da32f51273762d67bf9dbcc91af9413 openssl-0.9.8zb-x86_64-1_slack13.0.txz\n075e5d12e5b909ecac923cb210f83544 openssl-solibs-0.9.8zb-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n3b7e2bb2b317bf72b8f9b2b7a14bddfb openssl-0.9.8zb-i486-1_slack13.1.txz\n92af0784eade0674332a56bfab73b97d openssl-solibs-0.9.8zb-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\ndf5f961109d7b50971660ca6a7d4c48c openssl-0.9.8zb-x86_64-1_slack13.1.txz\n582aaeae3d56730a2e1538a67d4e44da openssl-solibs-0.9.8zb-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n546445d56d3b367fa0dd4e80859c4620 openssl-0.9.8zb-i486-1_slack13.37.txz\nb80e9df8cdd0649939ec2fab20d24691 openssl-solibs-0.9.8zb-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n9c9ce97dc21340924a3e27c1a8047023 openssl-0.9.8zb-x86_64-1_slack13.37.txz\n0fe1931f2fc82fb8d5fbe72680caf843 openssl-solibs-0.9.8zb-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\nd1580f4b22b99cee42b22276653c8180 openssl-1.0.1i-i486-1_slack14.0.txz\nec93cec2bcab8ae7391a504573cbc231 openssl-solibs-1.0.1i-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n329475de3759225b1d02aa7317b2eb58 openssl-1.0.1i-x86_64-1_slack14.0.txz\n25f2a198022d974534986a3913ca705c openssl-solibs-1.0.1i-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n8336457bc31d44ebf502ffc4443f12f7 openssl-1.0.1i-i486-1_slack14.1.txz\n4b99ac357fbd3065c53367eea246b8c7 openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nf2b8f81d9d7dc02e5d1011f663ccc95d openssl-1.0.1i-x86_64-1_slack14.1.txz\n4360abffbb57cb18ba0720f782d78250 openssl-solibs-1.0.1i-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n49ecd332a899cf742d3467a6efe44269 a/openssl-solibs-1.0.1i-i486-1.txz\n27da017c49045981b1793f105aff365f n/openssl-1.0.1i-i486-1.txz\n\nSlackware x86_64 -current packages:\n8d74f3d770802182137c84d925f58cbc a/openssl-solibs-1.0.1i-x86_64-1.txz\nfd9d94d3210f0aedf74959cb0887e2b8 n/openssl-1.0.1i-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1i-i486-1_slack14.1.txz openssl-solibs-1.0.1i-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. OpenSSL Security Advisory [6 Aug 2014]\n========================================\n\nInformation leak in pretty printing functions (CVE-2014-3508)\n=============================================================\n\nA flaw in OBJ_obj2txt may cause pretty printing functions such as\nX509_name_oneline, X509_name_print_ex et al. to leak some information from the\nstack. Applications may be affected if they echo pretty printing output to the\nattacker. OpenSSL SSL/TLS clients and servers themselves are not affected. \n\nThanks to Ivan Fratric (Google) for discovering this issue. This issue\nwas reported to OpenSSL on 19th June 2014. \n\nThe fix was developed by Emilia K\u00e4sper and Stephen Henson of the OpenSSL\ndevelopment team. \n\n\nCrash with SRP ciphersuite in Server Hello message (CVE-2014-5139)\n==================================================================\n\nThe issue affects OpenSSL clients and allows a malicious server to crash\nthe client with a null pointer dereference (read) by specifying an SRP\nciphersuite even though it was not properly negotiated with the client. This can\nbe exploited through a Denial of Service attack. \n\nOpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. \n\nThanks to Joonas Kuorilehto and Riku Hietam\u00e4ki (Codenomicon) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 2nd July 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nRace condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)\n==============================================================\n\nIf a multithreaded client connects to a malicious server using a resumed session\nand the server sends an ec point format extension it could write up to 255 bytes\nto freed memory. \n\nOpenSSL 1.0.0 SSL/TLS client users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 SSL/TLS client users should upgrade to 1.0.1i. \n\nThanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this\nissue. This issue was reported to OpenSSL on 8th July 2014. \n\nThe fix was developed by Gabor Tyukasz. \n\n\nDouble Free when processing DTLS packets (CVE-2014-3505)\n========================================================\n\nAn attacker can force an error condition which causes openssl to crash whilst\nprocessing DTLS packets due to memory being freed twice. This can be exploited\nthrough a Denial of Service attack. \n\nThanks to Adam Langley and Wan-Teh Chang (Google) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 6th June\n2014. \n\nThe fix was developed by Adam Langley. This can be exploited through a Denial of\nService attack. \n\nThanks to Adam Langley (Google) for discovering and researching this\nissue. This issue was reported to OpenSSL on 6th June 2014. \n\nThe fix was developed by Adam Langley. \n\n\nDTLS memory leak from zero-length fragments (CVE-2014-3507)\n===========================================================\n\nBy sending carefully crafted DTLS packets an attacker could cause openssl to\nleak memory. This can be exploited through a Denial of Service attack. \n\nThanks to Adam Langley (Google) for discovering and researching this\nissue. This issue was reported to OpenSSL on 6th June 2014. \n\nThe fix was developed by Adam Langley. \n\nOpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)\n===============================================================\n\nOpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a\ndenial of service attack. A malicious server can crash the client with a null\npointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and\nsending carefully crafted handshake messages. \n\nOpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb\nOpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n. \nOpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i. \n\nThanks to Felix Gr\u00f6bert (Google) for discovering and researching this issue. \nThis issue was reported to OpenSSL on 18th July 2014. \n\nThe fix was developed by Emilia K\u00e4sper of the OpenSSL development team. \n\n\nOpenSSL TLS protocol downgrade attack (CVE-2014-3511)\n=====================================================\n\nA flaw in the OpenSSL SSL/TLS server code causes the server to negotiate\nTLS 1.0 instead of higher protocol versions when the ClientHello message is\nbadly fragmented. This allows a man-in-the-middle attacker to force a\ndowngrade to TLS 1.0 even if both the server and the client support a higher\nprotocol version, by modifying the client\u0027s TLS records. \n\nOpenSSL 1.0.1 SSL/TLS server users should upgrade to 1.0.1i. \n\nThanks to David Benjamin and Adam Langley (Google) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 21st July 2014. \n\nThe fix was developed by David Benjamin. \n\n\nSRP buffer overrun (CVE-2014-3512)\n==================================\n\nA malicious client or server can send invalid SRP parameters and overrun\nan internal buffer. Only applications which are explicitly set up for SRP\nuse are affected. \n\nThanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC\nGroup) for discovering this issue. This issue was reported to OpenSSL\non 31st July 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20140806.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time", "sources": [ { "db": "NVD", "id": "CVE-2014-3506" }, { "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "db": "BID", "id": "69076" }, { "db": "VULMON", "id": "CVE-2014-3506" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "128214" }, { "db": "PACKETSTORM", "id": "127803" }, { "db": "PACKETSTORM", "id": "127940" }, { "db": "PACKETSTORM", "id": "128387" }, { "db": "PACKETSTORM", "id": "127799" }, { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "127862" }, { "db": "PACKETSTORM", "id": "128297" }, { "db": "PACKETSTORM", "id": "127811" }, { "db": "PACKETSTORM", "id": "169648" } ], "trust": 2.97 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-3506", "trust": 3.9 }, { "db": "BID", "id": "69076", "trust": 1.4 }, { "db": "SECUNIA", "id": "61250", "trust": 1.1 }, { "db": "SECUNIA", "id": "59710", "trust": 1.1 }, { "db": "SECUNIA", "id": "60687", "trust": 1.1 }, { "db": "SECUNIA", "id": "61184", "trust": 1.1 }, { "db": "SECUNIA", "id": "60938", "trust": 1.1 }, { "db": "SECUNIA", "id": "60684", "trust": 1.1 }, { "db": "SECUNIA", "id": "61775", "trust": 1.1 }, { "db": "SECUNIA", "id": "60493", "trust": 1.1 }, { "db": "SECUNIA", "id": "59221", "trust": 1.1 }, { "db": "SECUNIA", "id": "60221", "trust": 1.1 }, { "db": "SECUNIA", "id": "59743", "trust": 1.1 }, { "db": "SECUNIA", "id": "60778", "trust": 1.1 }, { "db": "SECUNIA", "id": "61017", "trust": 1.1 }, { "db": "SECUNIA", "id": "59756", "trust": 1.1 }, { "db": "SECUNIA", "id": "60921", "trust": 1.1 }, { "db": "SECUNIA", "id": "61959", "trust": 1.1 }, { "db": "SECUNIA", "id": "60917", "trust": 1.1 }, { "db": "SECUNIA", "id": "61040", "trust": 1.1 }, { "db": "SECUNIA", "id": "59700", "trust": 1.1 }, { "db": "SECUNIA", "id": "60803", "trust": 1.1 }, { "db": "SECUNIA", "id": "60824", "trust": 1.1 }, { "db": "SECUNIA", "id": "61100", "trust": 1.1 }, { "db": "SECUNIA", "id": "60022", "trust": 1.1 }, { "db": "SECUNIA", "id": "58962", "trust": 1.1 }, { "db": "SECTRACK", "id": "1030693", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2014-003810", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.0696", "trust": 0.6 }, { "db": "LENOVO", "id": "LEN-24443", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201408-128", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2014-3506", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130868", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128214", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127803", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127940", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128387", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127799", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127790", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127862", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128297", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127811", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "169648", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3506" }, { "db": "BID", "id": "69076" }, { "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "128214" }, { "db": "PACKETSTORM", "id": "127803" }, { "db": "PACKETSTORM", "id": "127940" }, { "db": "PACKETSTORM", "id": "128387" }, { "db": "PACKETSTORM", "id": "127799" }, { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "127862" }, { "db": "PACKETSTORM", "id": "128297" }, { "db": "PACKETSTORM", "id": "127811" }, { "db": "PACKETSTORM", "id": "169648" }, { "db": "CNNVD", "id": "CNNVD-201408-128" }, { "db": "NVD", "id": "CVE-2014-3506" } ] }, "id": "VAR-201408-0095", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.44401007833333334 }, "last_update_date": "2024-07-22T21:22:36.590000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HPSBHF03293", "trust": 0.8, "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2" }, { "title": "HPSBUX03095 SSRT101674", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c04404655" }, { "title": "HPSBOV03099 SSRT101686", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c04426586" }, { "title": "1682293", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293" }, { "title": "1686997", "trust": 0.8, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "title": "Fix DTLS handshake message size checks.", "trust": 0.8, "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1250f12613b61758675848f6600ebd914ccd7636" }, { "title": "DTLS memory exhaustion (CVE-2014-3506)", "trust": 0.8, "url": "https://www.openssl.org/news/secadv_20140806.txt" }, { "title": "ELSA-2014-1053", "trust": 0.8, "url": "http://linux.oracle.com/errata/elsa-2014-1053.html" }, { "title": "RHSA-2014:1297", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2014-1297.html" }, { "title": "RHSA-2014:1256", "trust": 0.8, "url": "https://rhn.redhat.com/errata/rhsa-2014-1256.html" }, { "title": "Huawei-SA-20141008-OpenSSL", "trust": 0.8, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm" }, { "title": "TLSA-2014-6", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2014/tlsa-2014-6j.html" }, { "title": "openssl-0.9.8zb", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51694" }, { "title": "openssl-1.0.1i", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51696" }, { "title": "openssl-1.0.0n", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51695" }, { "title": "Ubuntu Security Notice: openssl vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2308-1" }, { "title": "Debian Security Advisories: DSA-2998-1 openssl -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=bfd576c692d8814b2a331baf29ad367c" }, { "title": "Amazon Linux AMI: ALAS-2014-391", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-391" }, { "title": "Symantec Security Advisories: SA85 : OpenSSL Security Advisory 06-Aug-2014", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=02a206cf2efb06aecdaf29aeca851b55" }, { "title": "oval", "trust": 0.1, "url": "https://github.com/jumanjihouse/oval " }, { "title": "wormhole", "trust": 0.1, "url": "https://github.com/jumanjihouse/wormhole " }, { "title": "", "trust": 0.1, "url": "https://github.com/hrbrmstr/internetdb " } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3506" }, { "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "db": "CNNVD", "id": "CNNVD-201408-128" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-399", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "db": "NVD", "id": "CVE-2014-3506" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "https://www.openssl.org/news/secadv_20140806.txt" }, { "trust": 1.5, "url": "http://rhn.redhat.com/errata/rhsa-2014-1256.html" }, { "trust": 1.4, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "trust": 1.4, "url": "https://www.freebsd.org/security/advisories/freebsd-sa-14:18.openssl.asc" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2014-1297.html" }, { "trust": 1.1, "url": "http://linux.oracle.com/errata/elsa-2014-1053.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60687" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59221" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60824" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60917" }, { "trust": 1.1, "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-008.txt.asc" }, { "trust": 1.1, "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60938" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60921" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00036.html" }, { "trust": 1.1, "url": "http://www.debian.org/security/2014/dsa-2998" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=140853041709441\u0026w=2" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=141077370928502\u0026w=2" }, { "trust": 1.1, "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61775" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61959" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682293" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59756" }, { "trust": 1.1, "url": "http://security.gentoo.org/glsa/glsa-201412-39.xml" }, { "trust": 1.1, "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "trust": 1.1, "url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-september/000196.html" }, { "trust": 1.1, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1127500" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683389" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020240" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1030693" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/69076" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:158" }, { "trust": 1.1, "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15573.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61250" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61184" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61100" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61040" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61017" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60803" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60778" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60684" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60493" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60221" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60022" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59743" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59710" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59700" }, { "trust": 1.1, "url": "http://secunia.com/advisories/58962" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html" }, { "trust": 1.1, "url": "http://linux.oracle.com/errata/elsa-2014-1052.html" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95160" }, { "trust": 1.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3508" }, { "trust": 1.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3510" }, { "trust": 1.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3506" }, { "trust": 1.0, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3506" }, { "trust": 1.0, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3505" }, { "trust": 1.0, "url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=1250f12613b61758675848f6600ebd914ccd7636" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3506" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3507" }, { "trust": 0.7, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3509" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-5139" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3512" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3511" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0696" }, { "trust": 0.6, "url": "https://support.lenovo.com/us/en/solutions/len-24443" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021317" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684444" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684903" }, { "trust": 0.3, "url": "http://www.openssl.org" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004917" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=swg21686583" }, { "trust": 0.3, "url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004931" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004872" }, { "trust": 0.3, "url": "http://seclists.org/bugtraq/2015/mar/84" }, { "trust": 0.3, "url": "aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100182969" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04426586" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04404655" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21684570" }, { "trust": 0.3, "url": "https://www.xerox.com/download/security/security-bulletin/2a20e-5105457a515cc/cert_security_mini-_bulletin_xrx15e_for_wc57xx_v1_0.pdf" }, { "trust": 0.3, "url": "https://www.xerox.com/download/security/security-bulletin/2deee-50da9c14daae3/cert_mini_security_bulletin_xrx15a_v1-01.pdf" }, { "trust": 0.3, "url": "https://www.xerox.com/download/security/security-bulletin/2df3c-51055b159fd50/cert_security_mini_bulletin_xrx15f_for_connectkey_1.5_v1-01.pdf" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685467" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21682293" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098196" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097658" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100182784" }, { "trust": 0.3, "url": "https://rhn.redhat.com/errata/rhsa-2014-1052.html" }, { "trust": 0.3, "url": "https://rhn.redhat.com/errata/rhsa-2014-1054.html" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691014" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020240" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21691005" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963783" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21683389" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097903" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098264" }, { "trust": 0.3, "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098585" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686182" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21685967" }, { "trust": 0.3, "url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096510" }, { "trust": 0.3, "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15573.html?ref=rss" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966557" }, { "trust": 0.3, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2014-3508.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2014-3510.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2014-3505.html" }, { "trust": 0.3, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2014-3506.html" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.3, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.2, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.2, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.2, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.2, "url": "http://www.debian.org/security/" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3505" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3509" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3508" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3510" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3507" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/399.html" }, { "trust": 0.1, "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1250f12613b61758675848f6600ebd914ccd7636" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=35205" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/2308-1/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3510\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3507\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3506\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3512\u003e" }, { "trust": 0.1, "url": "http://www.freebsd.org/handbook/makeworld.html\u003e." }, { "trust": 0.1, "url": "https://www.openssl.org/news/secadv_20140806.txt\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3508\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-9.patch" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-10.0.patch" }, { "trust": 0.1, "url": "http://security.freebsd.org/\u003e." }, { "trust": 0.1, "url": "http://security.freebsd.org/advisories/freebsd-sa-14:18.openssl.asc\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3511\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-9.patch.asc" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3509\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-9.3.patch.asc" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-10.0.patch.asc" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:18/openssl-9.3.patch" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5139\u003e" }, { "trust": 0.1, "url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "https://h20392.www2.hp.com/portal/swdepot/displayp" }, { "trust": 0.1, "url": "https://www.hp.com/go/swa" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.3" }, { "trust": 0.1, "url": "http://www.mandriva.com/en/support/security/" }, { "trust": 0.1, "url": "http://www.mandriva.com/en/support/security/advisories/" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.20" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.17" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.5" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-2308-1" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://www.openssl.org/news/secadv_20140605.txt" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2014-1053.html" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=securitypatches\u0026version=2.1.0" }, { "trust": 0.1, "url": "http://slackware.com" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3511" }, { "trust": 0.1, "url": "http://slackware.com/gpg-key" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3512" }, { "trust": 0.1, "url": "http://osuosl.org)" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5139" } ], "sources": [ { "db": "VULMON", "id": "CVE-2014-3506" }, { "db": "BID", "id": "69076" }, { "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "128214" }, { "db": "PACKETSTORM", "id": "127803" }, { "db": "PACKETSTORM", "id": "127940" }, { "db": "PACKETSTORM", "id": "128387" }, { "db": "PACKETSTORM", "id": "127799" }, { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "127862" }, { "db": "PACKETSTORM", "id": "128297" }, { "db": "PACKETSTORM", "id": "127811" }, { "db": "PACKETSTORM", "id": "169648" }, { "db": "CNNVD", "id": "CNNVD-201408-128" }, { "db": "NVD", "id": "CVE-2014-3506" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2014-3506" }, { "db": "BID", "id": "69076" }, { "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "db": "PACKETSTORM", "id": "130868" }, { "db": "PACKETSTORM", "id": "128214" }, { "db": "PACKETSTORM", "id": "127803" }, { "db": "PACKETSTORM", "id": "127940" }, { "db": "PACKETSTORM", "id": "128387" }, { "db": "PACKETSTORM", "id": "127799" }, { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "127862" }, { "db": "PACKETSTORM", "id": "128297" }, { "db": "PACKETSTORM", "id": "127811" }, { "db": "PACKETSTORM", "id": "169648" }, { "db": "CNNVD", "id": "CNNVD-201408-128" }, { "db": "NVD", "id": "CVE-2014-3506" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-08-13T00:00:00", "db": "VULMON", "id": "CVE-2014-3506" }, { "date": "2014-08-06T00:00:00", "db": "BID", "id": "69076" }, { "date": "2014-08-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "date": "2015-03-18T00:44:34", "db": "PACKETSTORM", "id": "130868" }, { "date": "2014-09-09T17:32:22", "db": "PACKETSTORM", "id": "128214" }, { "date": "2014-08-08T21:50:05", "db": "PACKETSTORM", "id": "127803" }, { "date": "2014-08-20T15:20:13", "db": "PACKETSTORM", "id": "127940" }, { "date": "2014-09-25T00:05:16", "db": "PACKETSTORM", "id": "128387" }, { "date": "2014-08-08T21:48:03", "db": "PACKETSTORM", "id": "127799" }, { "date": "2014-08-08T21:44:17", "db": "PACKETSTORM", "id": "127790" }, { "date": "2014-08-14T02:25:06", "db": "PACKETSTORM", "id": "127862" }, { "date": "2014-09-17T20:46:27", "db": "PACKETSTORM", "id": "128297" }, { "date": "2014-08-11T11:11:00", "db": "PACKETSTORM", "id": "127811" }, { "date": "2014-08-06T12:12:12", "db": "PACKETSTORM", "id": "169648" }, { "date": "2014-08-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201408-128" }, { "date": "2014-08-13T23:55:07.403000", "db": "NVD", "id": "CVE-2014-3506" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-29T00:00:00", "db": "VULMON", "id": "CVE-2014-3506" }, { "date": "2016-07-27T01:00:00", "db": "BID", "id": "69076" }, { "date": "2015-06-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003810" }, { "date": "2022-02-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201408-128" }, { "date": "2023-11-07T02:20:09.810000", "db": "NVD", "id": "CVE-2014-3506" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "127790" }, { "db": "PACKETSTORM", "id": "127862" }, { "db": "CNNVD", "id": "CNNVD-201408-128" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL of DTLS Implementation of d1_both.c Service disruption in (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003810" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201408-128" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.