var-201410-1418
Vulnerability from variot
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. There is a security vulnerability in the SSL protocol 3.0 version used in OpenSSL 1.0.1i and earlier versions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2014-10-16-4 OS X Server v3.2.2
OS X Server v3.2.2 is now available and addresses the following:
Server Available for: OS X Mavericks v10.9.5 or later Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support a better TLS version, by blocking TLS 1.0 and higher connection attempts. This issue was addressed by disabling SSL 3.0 support in Web Server, Calendar & Contacts Server, and Remote Administration. CVE-ID CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of Google Security Team
OS X Server v3.2.2 may be obtained from the Mac App Store. HP Storage Data Protector Cell Manager v8 before v8.13_206 and v9 before v9.03MMR running on HP-UX 11i, Windows Server 2008/2008R2/2012/2012R2, Redhat, CentOS, Oracle Linux, and SUSE Linux_x64. ============================================================================ Ubuntu Security Notice USN-2486-1 January 27, 2015
openjdk-6 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6.
Software Description: - openjdk-6: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to expose sensitive data over the network. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6593)
A vulnerability was discovered in the OpenJDK JRE related to integrity and availability. (CVE-2015-0383)
A vulnerability was discovered in the OpenJDK JRE related to availability. (CVE-2015-0410)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.12.04.1 icedtea-6-jre-jamvm 6b34-1.13.6-1ubuntu0.12.04.1 openjdk-6-jre 6b34-1.13.6-1ubuntu0.12.04.1 openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.12.04.1 openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.12.04.1 openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.12.04.1
Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.10.04.1 openjdk-6-jre 6b34-1.13.6-1ubuntu0.10.04.1 openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.10.04.1 openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.10.04.1 openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.10.04.1
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2486-1 CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0400, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
Package Information: https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.12.04.1 https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.10.04.1 . A second vulnerability could be exploited remotely to cause a Denial of Service (DoS).
Contact vcemsdksupportteam@hp.com to request the HP Virtual Connect Enterprise Manager SDK v7.4.1 or later. The vulnerabilities may lead to remote disclosure of information.
The update is available from HPE Software Depot: https://h20392.www2.hpe.com/ portal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com
Note: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade to OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported through March 28, 2016.
SSLv3 is enabled by default in all version 5 HP Insight Remote Support Clients. HP recommends that customers, if possible, should migrate to Insight Remote Support Version 7.2 which has been updated with a preliminary resolution to the vulnerability. This bulletin will be revised when the final resolution update is available.
Please refer to the following Insight Remote Support Version 7.2 documents for recommendations on migrating to Insight Remote Support Version 7.2:
http://www.hp.com/go/insightremotesupport/docs
HP Insight Remote Support 7.2 Upgrade Guide
HP Insight Remote Support 7.2 Release Notes
HISTORY Version:1 (rev.1) - 5 December 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
============================================================================= FreeBSD-SA-14:23.openssl Security Advisory The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib Module: openssl Announced: 2014-10-21 Affects: All supported versions of FreeBSD. Corrected: 2014-10-15 19:59:43 UTC (stable/10, 10.1-PRERELEASE) 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC3) 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC2-p1) 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC1-p1) 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-BETA3-p1) 2014-10-21 20:21:10 UTC (releng/10.0, 10.0-RELEASE-p10) 2014-10-15 20:28:31 UTC (stable/9, 9.3-STABLE) 2014-10-21 20:21:10 UTC (releng/9.3, 9.3-RELEASE-p3) 2014-10-21 20:21:10 UTC (releng/9.2, 9.2-RELEASE-p13) 2014-10-21 20:21:10 UTC (releng/9.1, 9.1-RELEASE-p20) 2014-10-15 20:28:31 UTC (stable/8, 8.4-STABLE) 2014-10-21 20:21:27 UTC (releng/8.4, 8.4-RELEASE-p17) CVE Name: CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II. Problem Description
A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. [CVE-2014-3513].
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. [CVE-2014-3567]. This protocol weakness makes it possible for an attacker to obtain clear text data through a padding-oracle attack.
Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE [CVE-2014-3566].
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade.
When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them. [CVE-2014-3568].
III. Impact
A remote attacker can cause Denial of Service with OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. [CVE-2014-3513]
By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. [CVE-2014-3567].
An active man-in-the-middle attacker can force a protocol downgrade to SSLv3 and exploit the weakness of SSLv3 to obtain clear text data from the connection. [CVE-2014-3566] [CVE-2014-3568]
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.0]
fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-10.0.patch
fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-10.0.patch.asc
gpg --verify openssl-10.0.patch.asc
[FreeBSD 9.3]
fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-9.3.patch
fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-9.3.patch.asc
gpg --verify openssl-9.3.patch.asc
[FreeBSD 8.4, 9.1 and 9.2]
fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-8.4.patch
fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-8.4.patch.asc
gpg --verify openssl-8.4.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in
Restart all deamons using the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/8/ r273151 releng/8.4/ r273416 stable/9/ r273151 releng/9.1/ r273415 releng/9.2/ r273415 releng/9.3/ r273415 stable/10/ r273149 releng/10.0/ r273415 releng/10.1/ r273399
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at
iQIcBAEBAgAGBQJURsSwAAoJEO1n7NZdz2rn3ekQANG9DnAGJq/yAXXtX4wdeP08 Ep35L3dkxJsthoqJhn7fc/pra5SZ5iS7NCRHdh5Xn1dsxRiOsffYt9zanWyTOgj+ RQy9jiNp0oIWQEkxZVoHMIKn6VeQk1I2llSXyERANjeDtKX6GV2gV+Zd4tcExW4T Nn9jVHgkDL/doxJ3C1K0BrkdoEEwyPohAf8WLAg6ZKRm3Pys1Ewjm6fPBPtKUIEu zWFruP5xFz3rM6i/4zcihj7b4BuIKtUBgHf28rgf0I3TKZTr75Xr9h4q/8ZG4H0G Lk/1OoZTiMyjlBLufpTlCOdODjz7ORzDLif47Zyt52iZowq1hl4WO7Xo/C/kPUmG o631wsLmO9tPS2Z0TmIQm1fwjlTvIZefZAlMpa1lDwnwZx2hRsu9TzauACdSbuWx 9i+e8/CSMEsr0qJo8KXjltpV9siULhkvl9xr3PwxMfvHFjGUAuur2zHUoTQZTpy0 nKJJXSs3kIW/4ivLMDuDYijdVnf4hrih6GTKEND6aNXtyXitiFK8J4a/q0T4BBnh 89A2QUFVeeDPmf7jzMh824s8W2uoPFGJqHgdtqv1bLT29rqh5ya/5zi7sci6Q/Mk ov0U8X3Pwun7iwJDeYG6N38lUSdMqImHR12Ay7pOY04i4qau4Yf8B26lwcMk/HrU cZ84y1sCp0qHtTqKuak9 =ywze -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04720842
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04720842 Version: 1
HPSBPI03107 rev.1 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-06-26 Last Updated: 2015-06-26
Potential Security Impact: Remote disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP LaserJet Printers and MFPs, certain HP OfficeJet Printers and MFPs, and certain HP JetDirect Networking cards using OpenSSL. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information.
References:
CVE-2014-3566 (SSRT101114)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION below for a list of impacted products.
Note: all product versions are impacted prior to the fixed versions listed.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION HP has provided firmware updates for impacted printers as in the table below. To obtain the updated firmware, go to www.hp.com and follow these steps:
Select "Drivers & Software". Enter the appropriate product name listed in the table below into the search field. Click on "Search". Click on the appropriate product. Under "Select operating system" click on "Cross operating system (BIOS, Firmware, Diagnostics, etc.)" Note: If the "Cross operating system ..." link is not present, select applicable Windows operating system from the list. Select the appropriate firmware update under "Firmware".
Firmware Updates Table
Product Name Model Number Firmware Revision
HP Color LaserJet CP5525 CE707A,CE708A,CE709A 2305081_000127 (or higher)
HP Color LaserJet Enterprise M552 B5L23A 2305076_518484 (or higher)
HP Color LaserJet Enterprise M553 B5L24A, B5L25A, B5L26A 2305076_518484 (or higher)
HP Color LaserJet Enterprise M651 CZ255A, CZ256A, CZ257A, CZ258A 2305076_518492 (or higher)
HP Color LaserJet Enterprise M750 D3L08A, D3L09A, D3L10A 2305081_000144 (or higher)
HP Color LaserJet M680 CZ250A, CA251A 2305076_518489 (or higher)
HP LaserJet Enterprise 500 color MFP M575dn CD644A, CD645A 2305076_518499 (or higher)
HP LaserJet Enterprise 500 MFP M525f CF116A, CF117A 2305076_518487 (or higher)
HP LaserJet Enterprise 600 M601 CE989A, CE990A 2305083_000199 (or higher)
HP LaserJet Enterprise 600 M602 CE991A, CE992A, CE993A 2305083_000199 (or higher)
HP LaserJet Enterprise 600 M603xh CE994A, CE995A, CE996A 2305083_000199 (or higher)
HP LaserJet Enterprise 700 color MFP M775 series CC522A, CC523A, CC524A 2305076_518498 (or higher)
HP LaserJet Enterprise 700 M712xh CF235A, CF236A, CF238A 2305083_000196 (or higher)
HP LaserJet Enterprise 800 color M855 A2W77A, A2W78A, A2W79A 2305076_518493 (or higher)
HP LaserJet Enterprise 800 color MFP M880 A2W76A, A2W75A, D7P70A, D7P71A 2305076_518488 (or higher)
HP LaserJet Enterprise Color 500 M551 Series CF081A,CF082A,CF083A 2305083_000200 (or higher)
HP LaserJet Enterprise Color flow MFP M575c CD646A 2305076_518499 (or higher)
HP LaserJet Enterprise flow M830z MFP CF367A 2305076_518490 (or higher)
HP LaserJet Enterprise flow MFP M525c CF118A 2305076_518487 (or higher)
HP LaserJet Enterprise Flow MFP M630z B3G85A 2305076_518483 (or higher)
HP LaserJet Enterprise M4555 MFP CE503A, CE504A, CE738A 2305083_000222 (or higher)
HP Color LaserJet CM4540 MFP CC419A, CC420A, CC421A 2305083_000206 (or higher)
HP LaserJet Enterprise M604 E6B67A, E6B68A 2305076_518485 (or higher)
HP LaserJet Enterprise M605 E6B69A, E6B70A. E6B71A 2305076_518485 (or higher)
HP LaserJet Enterprise M606 E6B72A, E6B73A 2305076_518485 (or higher)
HP LaserJet Enterprise M806 CZ244A, CZ245A 2305081_000143 (or higher)
HP LaserJet Enterprise MFP M630 J7X28A 2305076_518483 (or higher)
HP LaserJet Enterprise MFP M725 CF066A, CF067A, CF068A, CF069A 2305076_518496 (or higher)
HP Scanjet Enterprise 8500FN1 Document Capture Workstation L2717A 2305076_518479 (or higher)
HP OfficeJet Enterprise Color X555 C2S11A, C2S12A 2305076_518491 (or higher)
HP OfficeJet Enterprise Color MFP X585 B5L04A, B5L05A,B5L07A 2305076_518486 (or higher)
HP LaserJet P3005 Q7812A 02.190.3 (or higher)
HP Color LaserJet CP3505 CB442A 03.160.2 (or higher)
HP LaserJet 5200L Q7543A 08.241.0 (or higher)
HP LaserJet 5200N Q7543A 08.241.0 (or higher)
HP LaserJet 4240 Q7785A 08.250.2 (or higher)
HP LaserJet 4250 Q5400A 08.250.2 (or higher)
HP LaserJet 4350 Q5407A 08.250.2 (or higher)
HP LaserJet 9040 Q7697A 08.260.3 (or higher)
HP LaserJet 9050 Q7697A 08.260.3 (or higher)
HP LaserJet 9040 Multifunction Printer Q3721A 08.290.2 (or higher)
HP LaserJet 9050 Multifunction Printer Q3721A 08.290.2 (or higher)
HP 9200c Digital Sender Q5916A 09.271.3 (or higher)
HP LaserJet 4345 Multifunction Printer Q3942A 09.310.2 (or higher)
HP LaserJet P2055 Printer CE456A, CE457A, CE459A, CE460A, 20141201 (or higher)
HP Color LaserJet 3000 Q7534A 46.080.2 (or higher)
HP Color LaserJet 3800 Q5981A 46.080.8 (or higher)
HP Color LaserJet 4700 Q7492A 46.230.6 (or higher)
HP Color LaserJet CP4005 CB503A 46.230.6 (or higher)
HP Color LaserJet 4730 Multifunction Printer Q7517A 46.380.3 (or higher)
HP LaserJet Pro 200 color Printer M251n, nw CF146A, CF147A 20150112 (or higher)
HP LaserJet Pro 500 color MFP M570dn, dw CZ271A, CZ272A 20150112 (or higher)
HP LaserJet Pro M521dn, dw MFP A8P79A, A8P80A 20150112 (or higher)
HP Color LaserJet Pro MFP M476dn, dw, nw CF385A, CF386A, CF387A 20150112 (or higher)
HP LaserJet Pro 400 MFP M425dn, dw CF286A, CF28A 20150112 (or higher)
HP LaserJet Pro 200 color MFP M276n, nw CF144A, CF145A 20150112 (or higher)
HP LaserJet Pro 400 M401a, d, dn, dne, dw, n CF270A, CF274A, CF278A, CF399A, CF285A, CZ195A 20150112 (or higher)
HP LaserJet Pro P1566 Printer CE663A, CE749A 20150116 (or higher)
HP LaserJet Pro 300 Color MFP M375nw CE903A 20150126 (or higher)
HP LaserJet Pro 400 Color MFP M475dn, dw CE863A, CE864A 20150126 (or higher)
HP TopShot LaserJet Pro M275 MFP CF040A 20150126 (or higher)
HP LaserJet 300 color M351a CE955A 20150126 (or higher)
HP LaserJet 400 color M451dn, dw, nw CE956A, CE957A, CE958A 20150126 (or higher)
HP LaserJet Pro MFP M125a CZ172A 20150214 (or higher)
HP LaserJet Pro MFP M126a CZ174A 20150215 (or higher)
HP LaserJet Pro MFP M125nw CZ173A 20150228 (or higher)
HP LaserJet Pro MFP M126nw CZ175A 20150228 (or higher)
HP LaserJet Pro MFP M127fn, fw CZ181A, CZ183A 20150228 (or higher)
HP LaserJet Pro MFP M128fn, fp, fw CZ184A, CZ185A, CZ186A 20150228 (or higher)
HP Color LaserJet Pro MFP M176n, fw CF547A, CZ165A 20150228 (or higher)
HP LaserJet Pro P1102, w CE651A, CE657A 20150313 (or higher)
HP LaserJet Pro P1106 CE653A 20150313 (or higher)
HP LaserJet Pro P1108 CE655A 20150313 (or higher)
LaserJet Pro M435nw MFP A3E42A 20150316 (or higher)
HP LaserJet Pro M701a, n B6S00A, B6S01A 20150316 (or higher)
HP LaserJet Pro M706n B6S02A 20150316 (or higher)
HP LaserJet Professional M1212nf MFP CE841A 20150405 (or higher)
HP LaserJet Professional M1213nf MFP CE845A 20150405 (or higher)
HP LaserJet Professional M1214nfh MFP CE843A 20150405 (or higher)
HP LaserJet Professional M1216nfh MFP CE842A 20150405 (or higher)
HP LaserJet Professional M1217nfw MFP CE844A 20150405 (or higher)
HP HotSpot LaserJet Pro M1218nfs MFP B4K88A 20150405 (or higher)
HP LaserJet Professional M1219nf MFP CE846A 20150405 (or higher)
HP LaserJet Pro CP1025, nw CE913A, CE914A, CF346A, CF346A 20150413 (or higher)
HP Officejet Pro X451dn Printer CN459A BNP1CN1502AR (or higher)
HP Officejet Pro X451dw Printer CN463A BWP1CN1502AR (or higher)
HP Officejet Pro X551dw Printer CV037A BZP1CN1502AR (or higher)
HP Officejet Pro X476dn MFP CN460A LNP1CN1502BR (or higher)
HP Officejet Pro X476dw MFP CN461A LWP1CN1502BR (or higher)
HP Officejet Pro X576dw MFP CN598A LZP1CN1502BR (or higher)
HP Officejet Pro 276dw MFP CR770A FRP1CN1517AR (or higher)
HP Officejet Pro 8610/15/16 e-All-in-One Printer A7F64A, D7Z36A, J5T77A FDP1CN1502AR (or higher)
HP Officejet Pro 8620/25 e-All-in-One Printer A7F65A, D7Z37A FDP1CN1502AR (or higher)
HP Officejet Pro 8630 e-All-in-One Printer A7F66A FDP1CN1502AR (or higher)
HP Jetdirect 620n EIO Card J7934G V29.26 (or higher)
HP Jetdirect ew2500 802.11b/g Wireless Print Server J8021A V41.16 (or higher)
HP Jetdirect 690n EIO Card J8007A V41.16 (or higher)
HP Jetdirect 635n EIO Card J7961G V41.16 (or higher)
HP Jetdirect 695n EIO Card J8024A V41.16 (or higher)
HP Jetdirect 640n EIO Card J8025A V45.35 (or higher)
HISTORY Version:1 (rev.1) - 26 June 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201410-1418", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.6" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "database", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "11.2.0.4" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.2.5" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8q" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.2.4" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "7.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.3.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1h" }, { "model": "aix", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "6.1" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.3.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8f" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.0.10" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.0.12" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.3.3" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.0.5" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "20" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8w" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.7" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.5" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.0.2" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.3" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "5.1.3" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.8" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.9" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "5.1" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.0.6" }, { "model": "opensuse", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "12.3" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.1.3" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8s" }, { "model": "enterprise linux desktop supplementary", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "5.1.4" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.1.4" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "19" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0g" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8zb" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1e" }, { "model": "suse linux enterprise server", "scope": "eq", "trust": 1.0, "vendor": "novell", "version": "11.0" }, { "model": "mac os x", "scope": "lte", "trust": 1.0, "vendor": "apple", "version": "10.10.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8n" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.3.1" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "5.1.1" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1f" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "8.0" }, { "model": "suse linux enterprise server", "scope": "eq", "trust": 1.0, "vendor": "novell", "version": "12.0" }, { "model": "suse linux enterprise desktop", "scope": "eq", "trust": 1.0, "vendor": "novell", "version": "9.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1d" }, { "model": "mageia", "scope": "eq", "trust": 1.0, "vendor": "mageia", "version": "3.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8v" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8z" }, { "model": "aix", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "7.1" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.0" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.2.3" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8b" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0k" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "opensuse", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "13.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0d" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0m" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.4" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.2.2" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "5.2.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1b" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.0.11" }, { "model": "aix", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "5.3" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8o" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8y" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8p" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.2.0" }, { "model": "suse linux enterprise desktop", "scope": "eq", "trust": 1.0, "vendor": "novell", "version": "11.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0i" }, { "model": "suse linux enterprise desktop", "scope": "eq", "trust": 1.0, "vendor": "novell", "version": "10.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8g" }, { "model": "suse linux enterprise desktop", "scope": "eq", "trust": 1.0, "vendor": "novell", "version": "12.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8c" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "21" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8u" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1" }, { "model": "suse linux enterprise software development kit", "scope": "eq", "trust": 1.0, "vendor": "novell", "version": "11.0" }, { "model": "enterprise linux workstation supplementary", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.1.5" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.0.1" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.0.4" }, { "model": "mageia", "scope": "eq", "trust": 1.0, "vendor": "mageia", "version": "4.0" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.0.3" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.1.1" }, { "model": "suse linux enterprise software development kit", "scope": "eq", "trust": 1.0, "vendor": "novell", "version": "12.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8r" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8x" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0n" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8a" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0h" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8m" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.0" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0b" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "6.1.2" }, { "model": "database", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "12.1.0.2" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1a" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.0.13" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "5.2" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "5.1.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0c" }, { "model": "enterprise linux workstation supplementary", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "enterprise linux desktop supplementary", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.1.1" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.2.1" }, { "model": "vios", "scope": "eq", "trust": 1.0, "vendor": "ibm", "version": "2.2.3.4" }, { "model": "netbsd", "scope": "eq", "trust": 1.0, "vendor": "netbsd", "version": "5.2.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.1i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "1.0.0l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8t" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8j" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.8za" } ], "sources": [ { "db": "NVD", "id": "CVE-2014-3566" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.10.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.1.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2014-3566" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "HP", "sources": [ { "db": "PACKETSTORM", "id": "129426" }, { "db": "PACKETSTORM", "id": "133368" }, { "db": "PACKETSTORM", "id": "130644" }, { "db": "PACKETSTORM", "id": "131011" }, { "db": "PACKETSTORM", "id": "130334" }, { "db": "PACKETSTORM", "id": "130817" }, { "db": "PACKETSTORM", "id": "136577" }, { "db": "PACKETSTORM", "id": "129401" }, { "db": "PACKETSTORM", "id": "132469" } ], "trust": 0.9 }, "cve": "CVE-2014-3566", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-71506", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "exploitabilityScore": 1.6, "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2014-3566", "trust": 1.0, "value": "LOW" }, { "author": "VULHUB", "id": "VHN-71506", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-71506" }, { "db": "NVD", "id": "CVE-2014-3566" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. There is a security vulnerability in the SSL protocol 3.0 version used in OpenSSL 1.0.1i and earlier versions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-10-16-4 OS X Server v3.2.2\n\nOS X Server v3.2.2 is now available and addresses the following:\n\nServer\nAvailable for: OS X Mavericks v10.9.5 or later\nImpact: An attacker may be able to decrypt data protected by SSL\nDescription: There are known attacks on the confidentiality of SSL\n3.0 when a cipher suite uses a block cipher in CBC mode. An attacker\ncould force the use of SSL 3.0, even when the server would support a\nbetter TLS version, by blocking TLS 1.0 and higher connection\nattempts. This issue was addressed by disabling SSL 3.0 support in\nWeb Server, Calendar \u0026 Contacts Server, and Remote Administration. \nCVE-ID\nCVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of\nGoogle Security Team\n\n\nOS X Server v3.2.2 may be obtained from the Mac App Store. \nHP Storage Data Protector Cell Manager v8 before v8.13_206 and v9 before\nv9.03MMR running on HP-UX 11i, Windows Server 2008/2008R2/2012/2012R2,\nRedhat, CentOS, Oracle Linux, and SUSE Linux_x64. ============================================================================\nUbuntu Security Notice USN-2486-1\nJanuary 27, 2015\n\nopenjdk-6 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK 6. \n\nSoftware Description:\n- openjdk-6: Open Source Java implementation\n\nDetails:\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure, data integrity and availability. An attacker could exploit these to expose sensitive\ndata over the network. An attacker could exploit this to\nexpose sensitive data over the network. (CVE-2014-6593)\n\nA vulnerability was discovered in the OpenJDK JRE related to integrity and\navailability. \n(CVE-2015-0383)\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. \n(CVE-2015-0410)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.12.04.1\n icedtea-6-jre-jamvm 6b34-1.13.6-1ubuntu0.12.04.1\n openjdk-6-jre 6b34-1.13.6-1ubuntu0.12.04.1\n openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.12.04.1\n openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.12.04.1\n openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.12.04.1\n\nUbuntu 10.04 LTS:\n icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.10.04.1\n openjdk-6-jre 6b34-1.13.6-1ubuntu0.10.04.1\n openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.10.04.1\n openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.10.04.1\n openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.10.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. After a standard system update you need to restart any Java\napplications or applets to make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2486-1\n CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591,\n CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395,\n CVE-2015-0400, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410,\n CVE-2015-0412\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.12.04.1\n https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.10.04.1\n. A second vulnerability could be exploited remotely\nto cause a Denial of Service (DoS). \n\nContact vcemsdksupportteam@hp.com to request the HP Virtual Connect\nEnterprise Manager SDK v7.4.1 or later. The\nvulnerabilities may lead to remote disclosure of information. \n\nThe update is available from HPE Software Depot: https://h20392.www2.hpe.com/\nportal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com\n\nNote: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade\nto OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported\nthrough March 28, 2016. \n\nSSLv3 is enabled by default in all version 5 HP Insight Remote Support\nClients. HP recommends that customers, if possible, should\nmigrate to Insight Remote Support Version 7.2 which has been updated with a\npreliminary resolution to the vulnerability. This bulletin will be revised\nwhen the final resolution update is available. \n\n Please refer to the following Insight Remote Support Version 7.2 documents\nfor recommendations on migrating to Insight Remote Support Version 7.2:\n\n http://www.hp.com/go/insightremotesupport/docs\n\n HP Insight Remote Support 7.2 Upgrade Guide\n HP Insight Remote Support 7.2 Release Notes\n\nHISTORY\nVersion:1 (rev.1) - 5 December 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-14:23.openssl Security Advisory\n The FreeBSD Project\n\nTopic: OpenSSL multiple vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2014-10-21\nAffects: All supported versions of FreeBSD. \nCorrected: 2014-10-15 19:59:43 UTC (stable/10, 10.1-PRERELEASE)\n 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC3)\n 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC2-p1)\n 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-RC1-p1)\n 2014-10-21 19:00:32 UTC (releng/10.1, 10.1-BETA3-p1)\n 2014-10-21 20:21:10 UTC (releng/10.0, 10.0-RELEASE-p10)\n 2014-10-15 20:28:31 UTC (stable/9, 9.3-STABLE)\n 2014-10-21 20:21:10 UTC (releng/9.3, 9.3-RELEASE-p3)\n 2014-10-21 20:21:10 UTC (releng/9.2, 9.2-RELEASE-p13)\n 2014-10-21 20:21:10 UTC (releng/9.1, 9.1-RELEASE-p20)\n 2014-10-15 20:28:31 UTC (stable/8, 8.4-STABLE)\n 2014-10-21 20:21:27 UTC (releng/8.4, 8.4-RELEASE-p17)\nCVE Name: CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nI. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. Problem Description\n\nA flaw in the DTLS SRTP extension parsing code allows an attacker, who\nsends a carefully crafted handshake message, to cause OpenSSL to fail\nto free up to 64k of memory causing a memory leak. [CVE-2014-3513]. \n\nWhen an OpenSSL SSL/TLS/DTLS server receives a session ticket the\nintegrity of that ticket is first verified. In the event of a session\nticket integrity check failing, OpenSSL will fail to free memory\ncausing a memory leak. [CVE-2014-3567]. This\nprotocol weakness makes it possible for an attacker to obtain clear text\ndata through a padding-oracle attack. \n\nSome client applications (such as browsers) will reconnect using a\ndowngraded protocol to work around interoperability bugs in older\nservers. This could be exploited by an active man-in-the-middle to\ndowngrade connections to SSL 3.0 even if both sides of the connection\nsupport higher protocols. SSL 3.0 contains a number of weaknesses\nincluding POODLE [CVE-2014-3566]. \n\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\nto block the ability for a MITM attacker to force a protocol downgrade. \n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers\ncould accept and complete a SSL 3.0 handshake, and clients could be\nconfigured to send them. [CVE-2014-3568]. \n\nIII. Impact\n\nA remote attacker can cause Denial of Service with OpenSSL 1.0.1\nserver implementations for both SSL/TLS and DTLS regardless of\nwhether SRTP is used or configured. [CVE-2014-3513]\n\nBy sending a large number of invalid session tickets an attacker\ncould exploit this issue in a Denial Of Service attack. \n[CVE-2014-3567]. \n\nAn active man-in-the-middle attacker can force a protocol downgrade\nto SSLv3 and exploit the weakness of SSLv3 to obtain clear text data\nfrom the connection. [CVE-2014-3566] [CVE-2014-3568]\n\nIV. Workaround\n\nNo workaround is available. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.0]\n# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-10.0.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-10.0.patch.asc\n# gpg --verify openssl-10.0.patch.asc\n\n[FreeBSD 9.3]\n# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-9.3.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-9.3.patch.asc\n# gpg --verify openssl-9.3.patch.asc\n\n[FreeBSD 8.4, 9.1 and 9.2]\n# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-8.4.patch\n# fetch http://security.FreeBSD.org/patches/SA-14:23/openssl-8.4.patch.asc\n# gpg --verify openssl-8.4.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart all deamons using the library, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r273151\nreleng/8.4/ r273416\nstable/9/ r273151\nreleng/9.1/ r273415\nreleng/9.2/ r273415\nreleng/9.3/ r273415\nstable/10/ r273149\nreleng/10.0/ r273415\nreleng/10.1/ r273399\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:http://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\u003e\n\n\u003cURL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\u003e\n\n\u003cURL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\u003e\n\n\u003cURL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:http://security.FreeBSD.org/advisories/FreeBSD-SA-14:23.openssl.asc\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIcBAEBAgAGBQJURsSwAAoJEO1n7NZdz2rn3ekQANG9DnAGJq/yAXXtX4wdeP08\nEp35L3dkxJsthoqJhn7fc/pra5SZ5iS7NCRHdh5Xn1dsxRiOsffYt9zanWyTOgj+\nRQy9jiNp0oIWQEkxZVoHMIKn6VeQk1I2llSXyERANjeDtKX6GV2gV+Zd4tcExW4T\nNn9jVHgkDL/doxJ3C1K0BrkdoEEwyPohAf8WLAg6ZKRm3Pys1Ewjm6fPBPtKUIEu\nzWFruP5xFz3rM6i/4zcihj7b4BuIKtUBgHf28rgf0I3TKZTr75Xr9h4q/8ZG4H0G\nLk/1OoZTiMyjlBLufpTlCOdODjz7ORzDLif47Zyt52iZowq1hl4WO7Xo/C/kPUmG\no631wsLmO9tPS2Z0TmIQm1fwjlTvIZefZAlMpa1lDwnwZx2hRsu9TzauACdSbuWx\n9i+e8/CSMEsr0qJo8KXjltpV9siULhkvl9xr3PwxMfvHFjGUAuur2zHUoTQZTpy0\nnKJJXSs3kIW/4ivLMDuDYijdVnf4hrih6GTKEND6aNXtyXitiFK8J4a/q0T4BBnh\n89A2QUFVeeDPmf7jzMh824s8W2uoPFGJqHgdtqv1bLT29rqh5ya/5zi7sci6Q/Mk\nov0U8X3Pwun7iwJDeYG6N38lUSdMqImHR12Ay7pOY04i4qau4Yf8B26lwcMk/HrU\ncZ84y1sCp0qHtTqKuak9\n=ywze\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04720842\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04720842\nVersion: 1\n\nHPSBPI03107 rev.1 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and\nMFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of\nInformation\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-06-26\nLast Updated: 2015-06-26\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with certain HP\nLaserJet Printers and MFPs, certain HP OfficeJet Printers and MFPs, and\ncertain HP JetDirect Networking cards using OpenSSL. This is the SSLv3\nvulnerability known as \"Padding Oracle on Downgraded Legacy Encryption\" or\n\"POODLE\", which could be exploited remotely to allow disclosure of\ninformation. \n\nReferences:\n\nCVE-2014-3566 (SSRT101114)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n below for a list of impacted products. \n\nNote: all product versions are impacted prior to the fixed versions listed. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nHP has provided firmware updates for impacted printers as in the table below. \nTo obtain the updated firmware, go to www.hp.com and follow these steps:\n\nSelect \"Drivers \u0026 Software\". \nEnter the appropriate product name listed in the table below into the search\nfield. \nClick on \"Search\". \nClick on the appropriate product. \nUnder \"Select operating system\" click on \"Cross operating system (BIOS,\nFirmware, Diagnostics, etc.)\"\nNote: If the \"Cross operating system ...\" link is not present, select\napplicable Windows operating system from the list. \nSelect the appropriate firmware update under \"Firmware\". \n\nFirmware Updates Table\n\nProduct Name\n Model Number\n Firmware Revision\n\nHP Color LaserJet CP5525\n CE707A,CE708A,CE709A\n 2305081_000127 (or higher)\n\nHP Color LaserJet Enterprise M552\n B5L23A\n 2305076_518484 (or higher)\n\nHP Color LaserJet Enterprise M553\n B5L24A, B5L25A, B5L26A\n 2305076_518484 (or higher)\n\nHP Color LaserJet Enterprise M651\n CZ255A, CZ256A, CZ257A, CZ258A\n 2305076_518492 (or higher)\n\nHP Color LaserJet Enterprise M750\n D3L08A, D3L09A, D3L10A\n 2305081_000144 (or higher)\n\nHP Color LaserJet M680\n CZ250A, CA251A\n 2305076_518489 (or higher)\n\nHP LaserJet Enterprise 500 color MFP M575dn\n CD644A, CD645A\n 2305076_518499 (or higher)\n\nHP LaserJet Enterprise 500 MFP M525f\n CF116A, CF117A\n 2305076_518487 (or higher)\n\nHP LaserJet Enterprise 600 M601\n CE989A, CE990A\n 2305083_000199 (or higher)\n\nHP LaserJet Enterprise 600 M602\n CE991A, CE992A, CE993A\n 2305083_000199 (or higher)\n\nHP LaserJet Enterprise 600 M603xh\n CE994A, CE995A, CE996A\n 2305083_000199 (or higher)\n\nHP LaserJet Enterprise 700 color MFP M775 series\n CC522A, CC523A, CC524A\n 2305076_518498 (or higher)\n\nHP LaserJet Enterprise 700 M712xh\n CF235A, CF236A, CF238A\n 2305083_000196 (or higher)\n\nHP LaserJet Enterprise 800 color M855\n A2W77A, A2W78A, A2W79A\n 2305076_518493 (or higher)\n\nHP LaserJet Enterprise 800 color MFP M880\n A2W76A, A2W75A, D7P70A, D7P71A\n 2305076_518488 (or higher)\n\nHP LaserJet Enterprise Color 500 M551 Series\n CF081A,CF082A,CF083A\n 2305083_000200 (or higher)\n\nHP LaserJet Enterprise Color flow MFP M575c\n CD646A\n 2305076_518499 (or higher)\n\nHP LaserJet Enterprise flow M830z MFP\n CF367A\n 2305076_518490 (or higher)\n\nHP LaserJet Enterprise flow MFP M525c\n CF118A\n 2305076_518487 (or higher)\n\nHP LaserJet Enterprise Flow MFP M630z\n B3G85A\n 2305076_518483 (or higher)\n\nHP LaserJet Enterprise M4555 MFP\n CE503A, CE504A, CE738A\n 2305083_000222 (or higher)\n\nHP Color LaserJet CM4540 MFP\n CC419A, CC420A, CC421A\n 2305083_000206 (or higher)\n\nHP LaserJet Enterprise M604\n E6B67A, E6B68A\n 2305076_518485 (or higher)\n\nHP LaserJet Enterprise M605\n E6B69A, E6B70A. E6B71A\n 2305076_518485 (or higher)\n\nHP LaserJet Enterprise M606\n E6B72A, E6B73A\n 2305076_518485 (or higher)\n\nHP LaserJet Enterprise M806\n CZ244A, CZ245A\n 2305081_000143 (or higher)\n\nHP LaserJet Enterprise MFP M630\n J7X28A\n 2305076_518483 (or higher)\n\nHP LaserJet Enterprise MFP M725\n CF066A, CF067A, CF068A, CF069A\n 2305076_518496 (or higher)\n\nHP Scanjet Enterprise 8500FN1 Document Capture Workstation\n L2717A\n 2305076_518479 (or higher)\n\nHP OfficeJet Enterprise Color X555\n C2S11A, C2S12A\n 2305076_518491 (or higher)\n\nHP OfficeJet Enterprise Color MFP X585\n B5L04A, B5L05A,B5L07A\n 2305076_518486 (or higher)\n\nHP LaserJet P3005\n Q7812A\n 02.190.3 (or higher)\n\nHP Color LaserJet CP3505\n CB442A\n 03.160.2 (or higher)\n\nHP LaserJet 5200L\n Q7543A\n 08.241.0 (or higher)\n\nHP LaserJet 5200N\n Q7543A\n 08.241.0 (or higher)\n\nHP LaserJet 4240\n Q7785A\n 08.250.2 (or higher)\n\nHP LaserJet 4250\n Q5400A\n 08.250.2 (or higher)\n\nHP LaserJet 4350\n Q5407A\n 08.250.2 (or higher)\n\nHP LaserJet 9040\n Q7697A\n 08.260.3 (or higher)\n\nHP LaserJet 9050\n Q7697A\n 08.260.3 (or higher)\n\nHP LaserJet 9040 Multifunction Printer\n Q3721A\n 08.290.2 (or higher)\n\nHP LaserJet 9050 Multifunction Printer\n Q3721A\n 08.290.2 (or higher)\n\nHP 9200c Digital Sender\n Q5916A\n 09.271.3 (or higher)\n\nHP LaserJet 4345 Multifunction Printer\n Q3942A\n 09.310.2 (or higher)\n\nHP LaserJet P2055 Printer\n CE456A, CE457A, CE459A, CE460A,\n 20141201 (or higher)\n\nHP Color LaserJet 3000\n Q7534A\n 46.080.2 (or higher)\n\nHP Color LaserJet 3800\n Q5981A\n 46.080.8 (or higher)\n\nHP Color LaserJet 4700\n Q7492A\n 46.230.6 (or higher)\n\nHP Color LaserJet CP4005\n CB503A\n 46.230.6 (or higher)\n\nHP Color LaserJet 4730 Multifunction Printer\n Q7517A\n 46.380.3 (or higher)\n\nHP LaserJet Pro 200 color Printer M251n, nw\n CF146A, CF147A\n 20150112 (or higher)\n\nHP LaserJet Pro 500 color MFP M570dn, dw\n CZ271A, CZ272A\n 20150112 (or higher)\n\nHP LaserJet Pro M521dn, dw MFP\n A8P79A, A8P80A\n 20150112 (or higher)\n\nHP Color LaserJet Pro MFP M476dn, dw, nw\n CF385A, CF386A, CF387A\n 20150112 (or higher)\n\nHP LaserJet Pro 400 MFP M425dn, dw\n CF286A, CF28A\n 20150112 (or higher)\n\nHP LaserJet Pro 200 color MFP M276n, nw\n CF144A, CF145A\n 20150112 (or higher)\n\nHP LaserJet Pro 400 M401a, d, dn, dne, dw, n\n CF270A, CF274A, CF278A, CF399A, CF285A, CZ195A\n 20150112 (or higher)\n\nHP LaserJet Pro P1566 Printer\n CE663A, CE749A\n 20150116 (or higher)\n\nHP LaserJet Pro 300 Color MFP M375nw\n CE903A\n 20150126 (or higher)\n\nHP LaserJet Pro 400 Color MFP M475dn, dw\n CE863A, CE864A\n 20150126 (or higher)\n\nHP TopShot LaserJet Pro M275 MFP\n CF040A\n 20150126 (or higher)\n\nHP LaserJet 300 color M351a\n CE955A\n 20150126 (or higher)\n\nHP LaserJet 400 color M451dn, dw, nw\n CE956A, CE957A, CE958A\n 20150126 (or higher)\n\nHP LaserJet Pro MFP M125a\n CZ172A\n 20150214 (or higher)\n\nHP LaserJet Pro MFP M126a\n CZ174A\n 20150215 (or higher)\n\nHP LaserJet Pro MFP M125nw\n CZ173A\n 20150228 (or higher)\n\nHP LaserJet Pro MFP M126nw\n CZ175A\n 20150228 (or higher)\n\nHP LaserJet Pro MFP M127fn, fw\n CZ181A, CZ183A\n 20150228 (or higher)\n\nHP LaserJet Pro MFP M128fn, fp, fw\n CZ184A, CZ185A, CZ186A\n 20150228 (or higher)\n\nHP Color LaserJet Pro MFP M176n, fw\n CF547A, CZ165A\n 20150228 (or higher)\n\nHP LaserJet Pro P1102, w\n CE651A, CE657A\n 20150313 (or higher)\n\nHP LaserJet Pro P1106\n CE653A\n 20150313 (or higher)\n\nHP LaserJet Pro P1108\n CE655A\n 20150313 (or higher)\n\nLaserJet Pro M435nw MFP\n A3E42A\n 20150316 (or higher)\n\nHP LaserJet Pro M701a, n\n B6S00A, B6S01A\n 20150316 (or higher)\n\nHP LaserJet Pro M706n\n B6S02A\n 20150316 (or higher)\n\nHP LaserJet Professional M1212nf MFP\n CE841A\n 20150405 (or higher)\n\nHP LaserJet Professional M1213nf MFP\n CE845A\n 20150405 (or higher)\n\nHP LaserJet Professional M1214nfh MFP\n CE843A\n 20150405 (or higher)\n\nHP LaserJet Professional M1216nfh MFP\n CE842A\n 20150405 (or higher)\n\nHP LaserJet Professional M1217nfw MFP\n CE844A\n 20150405 (or higher)\n\nHP HotSpot LaserJet Pro M1218nfs MFP\n B4K88A\n 20150405 (or higher)\n\nHP LaserJet Professional M1219nf MFP\n CE846A\n 20150405 (or higher)\n\nHP LaserJet Pro CP1025, nw\n CE913A, CE914A, CF346A, CF346A\n 20150413 (or higher)\n\nHP Officejet Pro X451dn Printer\n CN459A\n BNP1CN1502AR (or higher)\n\nHP Officejet Pro X451dw Printer\n CN463A\n BWP1CN1502AR (or higher)\n\nHP Officejet Pro X551dw Printer\n CV037A\n BZP1CN1502AR (or higher)\n\nHP Officejet Pro X476dn MFP\n CN460A\n LNP1CN1502BR (or higher)\n\nHP Officejet Pro X476dw MFP\n CN461A\n LWP1CN1502BR (or higher)\n\nHP Officejet Pro X576dw MFP\n CN598A\n LZP1CN1502BR (or higher)\n\nHP Officejet Pro 276dw MFP\n CR770A\n FRP1CN1517AR (or higher)\n\nHP Officejet Pro 8610/15/16 e-All-in-One Printer\n A7F64A, D7Z36A, J5T77A\n FDP1CN1502AR (or higher)\n\nHP Officejet Pro 8620/25 e-All-in-One Printer\n A7F65A, D7Z37A\n FDP1CN1502AR (or higher)\n\nHP Officejet Pro 8630 e-All-in-One Printer\n A7F66A\n FDP1CN1502AR (or higher)\n\nHP Jetdirect 620n EIO Card\n J7934G\n V29.26 (or higher)\n\nHP Jetdirect ew2500 802.11b/g Wireless Print Server\n J8021A\n V41.16 (or higher)\n\nHP Jetdirect 690n EIO Card\n J8007A\n V41.16 (or higher)\n\nHP Jetdirect 635n EIO Card\n J7961G\n V41.16 (or higher)\n\nHP Jetdirect 695n EIO Card\n J8024A\n V41.16 (or higher)\n\nHP Jetdirect 640n EIO Card\n J8025A\n V45.35 (or higher)\n\nHISTORY\nVersion:1 (rev.1) - 26 June 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners", "sources": [ { "db": "NVD", "id": "CVE-2014-3566" }, { "db": "VULHUB", "id": "VHN-71506" }, { "db": "PACKETSTORM", "id": "128732" }, { "db": "PACKETSTORM", "id": "129426" }, { "db": "PACKETSTORM", "id": "133368" }, { "db": "PACKETSTORM", "id": "130644" }, { "db": "PACKETSTORM", "id": "131011" }, { "db": "PACKETSTORM", "id": "130125" }, { "db": "PACKETSTORM", "id": "130334" }, { "db": "PACKETSTORM", "id": "130817" }, { "db": "PACKETSTORM", "id": "136577" }, { "db": "PACKETSTORM", "id": "129401" }, { "db": "PACKETSTORM", "id": "128808" }, { "db": "PACKETSTORM", "id": "132469" } ], "trust": 2.07 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-71506", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-71506" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-3566", "trust": 2.3 }, { "db": "ICS CERT", "id": "ICSMA-18-058-02", "trust": 1.1 }, { "db": "SECUNIA", "id": "61130", "trust": 1.1 }, { "db": "SECUNIA", "id": "61995", "trust": 1.1 }, { "db": "SECUNIA", "id": "60792", "trust": 1.1 }, { "db": "SECUNIA", "id": "61019", "trust": 1.1 }, { "db": "SECUNIA", "id": "61316", "trust": 1.1 }, { "db": "SECUNIA", "id": "61827", "trust": 1.1 }, { "db": "SECUNIA", "id": "61782", "trust": 1.1 }, { "db": "SECUNIA", "id": "60056", "trust": 1.1 }, { "db": "SECUNIA", "id": "61810", "trust": 1.1 }, { "db": "SECUNIA", "id": "61819", "trust": 1.1 }, { "db": "SECUNIA", "id": "61825", "trust": 1.1 }, { "db": "SECUNIA", "id": "60206", "trust": 1.1 }, { "db": "SECUNIA", "id": "61303", "trust": 1.1 }, { "db": "SECUNIA", "id": "61359", "trust": 1.1 }, { "db": "SECUNIA", "id": "61345", "trust": 1.1 }, { "db": "SECUNIA", "id": "59627", "trust": 1.1 }, { "db": "SECUNIA", "id": "60859", "trust": 1.1 }, { "db": "SECUNIA", "id": "61926", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031120", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031106", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031124", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031091", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031095", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031088", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031093", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031105", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031094", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031087", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031090", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031107", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031132", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031085", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031039", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031096", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031131", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031029", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031123", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031086", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031130", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031092", "trust": 1.1 }, { "db": "SECTRACK", "id": "1031089", "trust": 1.1 }, { "db": "USCERT", "id": "TA14-290A", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10091", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10104", "trust": 1.1 }, { "db": "MCAFEE", "id": "SB10090", "trust": 1.1 }, { "db": "CERT/CC", "id": "VU#577193", "trust": 1.1 }, { "db": "JUNIPER", "id": "JSA10705", "trust": 1.1 }, { "db": "BID", "id": "70574", "trust": 1.1 }, { "db": "PACKETSTORM", "id": "132469", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "131011", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "130125", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "128732", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "136577", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "129401", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "130334", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "133368", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "130817", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "129426", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "131009", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130184", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131051", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128838", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130217", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130296", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129150", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132084", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132573", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131354", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128969", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128669", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128866", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129265", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129217", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "136599", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133640", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129263", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128921", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129614", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130759", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129065", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "139063", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129266", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128863", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130332", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128730", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130298", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131690", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128770", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132641", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128733", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130816", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129528", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130052", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129294", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132470", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133836", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129242", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130304", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130549", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129427", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130085", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131008", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "137652", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129071", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130046", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "135908", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130086", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128769", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130141", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131535", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130181", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132942", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130070", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129318", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "132965", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "131790", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130818", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128771", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130050", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133600", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130072", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129120", "trust": 0.1 }, { "db": "CNNVD", "id": "CNNVD-201410-267", "trust": 0.1 }, { "db": "SEEBUG", "id": "SSVID-92692", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-71506", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130644", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "128808", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-71506" }, { "db": "PACKETSTORM", "id": "128732" }, { "db": "PACKETSTORM", "id": "129426" }, { "db": "PACKETSTORM", "id": "133368" }, { "db": "PACKETSTORM", "id": "130644" }, { "db": "PACKETSTORM", "id": "131011" }, { "db": "PACKETSTORM", "id": "130125" }, { "db": "PACKETSTORM", "id": "130334" }, { "db": "PACKETSTORM", "id": "130817" }, { "db": "PACKETSTORM", "id": "136577" }, { "db": "PACKETSTORM", "id": "129401" }, { "db": "PACKETSTORM", "id": "128808" }, { "db": "PACKETSTORM", "id": "132469" }, { "db": "NVD", "id": "CVE-2014-3566" } ] }, "id": "VAR-201410-1418", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-71506" } ], "trust": 0.01 }, "last_update_date": "2024-07-23T20:21:29.859000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-310", "trust": 1.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-71506" }, { "db": "NVD", "id": "CVE-2014-3566" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.2, "url": "http://www.ubuntu.com/usn/usn-2486-1" }, { "trust": 1.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031029" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031039" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031085" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031086" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031087" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031088" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031089" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031090" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031091" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031092" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031093" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031094" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031095" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031096" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031105" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031106" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031107" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031120" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031123" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031124" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031130" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031131" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1031132" }, { "trust": 1.1, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141015-poodle" }, { "trust": 1.1, "url": "http://secunia.com/advisories/59627" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60056" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60206" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60792" }, { "trust": 1.1, "url": "http://secunia.com/advisories/60859" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61019" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61130" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61303" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61316" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61345" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61359" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61782" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61810" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61819" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61825" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61827" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61926" }, { "trust": 1.1, "url": "http://secunia.com/advisories/61995" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/70574" }, { "trust": 1.1, "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" }, { "trust": 1.1, "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/533747" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/533746" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00003.html" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html" }, { "trust": 1.1, "url": "http://www.debian.org/security/2014/dsa-3053" }, { "trust": 1.1, "url": "http://www.debian.org/security/2015/dsa-3144" }, { "trust": 1.1, "url": "http://www.debian.org/security/2015/dsa-3147" }, { "trust": 1.1, "url": "http://www.debian.org/security/2015/dsa-3253" }, { "trust": 1.1, "url": "http://www.debian.org/security/2016/dsa-3489" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-november/142330.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141158.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141114.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169374.html" }, { "trust": 1.1, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169361.html" }, { "trust": 1.1, "url": "https://security.gentoo.org/glsa/201507-14" }, { "trust": 1.1, "url": "https://security.gentoo.org/glsa/201606-11" }, { "trust": 1.1, "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04583581" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:203" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062" }, { "trust": 1.1, "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-015.txt.asc" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1652.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1653.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1692.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1876.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1877.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1880.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1881.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1882.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1920.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2014-1948.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-0068.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-0079.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-0080.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-0085.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-0086.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-0264.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-0698.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-1545.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2015-1546.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" }, { "trust": 1.1, "url": "http://www.us-cert.gov/ncas/alerts/ta14-290a" }, { "trust": 1.1, "url": "http://www.ubuntu.com/usn/usn-2487-1" }, { "trust": 1.1, "url": "http://www.kb.cert.org/vuls/id/577193" }, { "trust": 1.1, "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3ccommits.cxf.apache.org%3e" }, { "trust": 1.1, "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3ccommits.cxf.apache.org%3e" }, { "trust": 1.1, "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3ccommits.cxf.apache.org%3e" }, { "trust": 1.1, "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3ccommits.cxf.apache.org%3e" }, { "trust": 1.1, "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3ccommits.cxf.apache.org%3e" }, { "trust": 1.1, "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3ccommits.cxf.apache.org%3e" }, { "trust": 1.1, "url": "http://advisories.mageia.org/mgasa-2014-0416.html" }, { "trust": 1.1, "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc" }, { "trust": 1.1, "url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566" }, { "trust": 1.1, "url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html" }, { "trust": 1.1, "url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/" }, { "trust": 1.1, "url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx" }, { "trust": 1.1, "url": "http://docs.ipswitch.com/moveit/dmz82/releasenotes/moveitreleasenotes82.pdf" }, { "trust": 1.1, "url": "http://downloads.asterisk.org/pub/security/ast-2014-011.html" }, { "trust": 1.1, "url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html" }, { "trust": 1.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04779034" }, { "trust": 1.1, "url": "http://people.canonical.com/~ubuntu-security/cve/2014/cve-2014-3566.html" }, { "trust": 1.1, "url": "http://support.apple.com/ht204244" }, { "trust": 1.1, "url": "http://support.citrix.com/article/ctx200238" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021431" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021439" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" }, { "trust": 1.1, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "trust": 1.1, "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" }, { "trust": 1.1, "url": "http://www.vmware.com/security/advisories/vmsa-2015-0003.html" }, { "trust": 1.1, "url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0" }, { "trust": 1.1, "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm" }, { "trust": 1.1, "url": "https://access.redhat.com/articles/1232123" }, { "trust": 1.1, "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/" }, { "trust": 1.1, "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6" }, { "trust": 1.1, "url": "https://bto.bluecoat.com/security-advisory/sa83" }, { "trust": 1.1, "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983" }, { "trust": 1.1, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789" }, { "trust": 1.1, "url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip" }, { "trust": 1.1, "url": "https://github.com/mpgn/poodle-poc" }, { "trust": 1.1, "url": "https://groups.google.com/forum/#%21topic/docker-user/oym0i3xshju" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05068681" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667" }, { "trust": 1.1, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-058-02" }, { "trust": 1.1, "url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability" }, { "trust": 1.1, "url": "https://security.netapp.com/advisory/ntap-20141015-0001/" }, { "trust": 1.1, "url": "https://support.apple.com/ht205217" }, { "trust": 1.1, "url": "https://support.apple.com/kb/ht6527" }, { "trust": 1.1, "url": "https://support.apple.com/kb/ht6529" }, { "trust": 1.1, "url": "https://support.apple.com/kb/ht6531" }, { "trust": 1.1, "url": "https://support.apple.com/kb/ht6535" }, { "trust": 1.1, "url": "https://support.apple.com/kb/ht6536" }, { "trust": 1.1, "url": "https://support.apple.com/kb/ht6541" }, { "trust": 1.1, "url": "https://support.apple.com/kb/ht6542" }, { "trust": 1.1, "url": "https://support.citrix.com/article/ctx216642" }, { "trust": 1.1, "url": "https://support.lenovo.com/product_security/poodle" }, { "trust": 1.1, "url": "https://support.lenovo.com/us/en/product_security/poodle" }, { "trust": 1.1, "url": "https://technet.microsoft.com/library/security/3009008.aspx" }, { "trust": 1.1, "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165" }, { "trust": 1.1, "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7" }, { "trust": 1.1, "url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html" }, { "trust": 1.1, "url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html" }, { "trust": 1.1, "url": "https://www.elastic.co/blog/logstash-1-4-3-released" }, { "trust": 1.1, "url": "https://www.imperialviolet.org/2014/10/14/poodle.html" }, { "trust": 1.1, "url": "https://www.openssl.org/news/secadv_20141015.txt" }, { "trust": 1.1, "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf" }, { "trust": 1.1, "url": "https://www.suse.com/support/kb/doc.php?id=7015773" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" }, { "trust": 1.0, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2" }, { "trust": 1.0, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10090" }, { "trust": 1.0, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10091" }, { "trust": 1.0, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10104" }, { "trust": 0.8, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.8, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.7, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.2, "url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-5139" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141577350823734\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141576815022399\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141620103726640\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141697638231025\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141703183219781\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141697676231104\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141775427104070\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141814011518700\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141715130023061\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141813976718456\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142118135300698\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142296755107581\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142354438527235\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142350743917559\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142350196615714\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142350298616097\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142357976805598\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142962817202793\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143290371927178\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=144294141001552\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=145983526810210\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141450973807288\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142721887231400\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142660345230545\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142804214608580\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141450452204552\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141628688425177\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141577087123040\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141694355519663\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141879378918327\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143290583027876\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143628269912142\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143039249603103\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142495837901899\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143290522027658\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624719706349\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143290437727362\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624590206005\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624679706236\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142740155824959\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142721830231196\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142791032306609\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=144101915224472\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142103967620673\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143558137709884\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143558192010071\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142805027510172\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142546741516006\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=144251162130364\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=141477196830952\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=143101048219218\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142496355704097\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=142607790919348\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=openssl-dev\u0026amp;m=141333049205629\u0026amp;w=2" }, { "trust": 0.1, "url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705" }, { "trust": 0.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10090" }, { "trust": 0.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10091" }, { "trust": 0.1, "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10104" }, { "trust": 0.1, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.1, "url": "http://gpgtools.org" }, { "trust": 0.1, "url": "http://support.apple.com/kb/ht1222" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "http://h20564.www2.hp.com/hpsc/swd/public/readindex?sp4ts.oid=5263732\u0026swlango" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6271" }, { "trust": 0.1, "url": "http://h20564.www2.hp.com/hpsc/swd/public/readindex?sp4ts.oid=5331223\u0026swlango" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-57ab6bb78b6e47a18718f44133" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-2557aa7dc1654cf6b547c1a9e4" }, { "trust": 0.1, "url": "http://www.hp.com/swpublishing/mtx-7b23e47d5d9b420b94bd1323eb" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6585" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.10.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0407" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6587" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0412" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6591" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0408" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0400" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.12.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0383" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6593" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6601" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0395" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0410" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n" }, { "trust": 0.1, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705" }, { "trust": 0.1, "url": "https://www.hpe.com" }, { "trust": 0.1, "url": "https://h20392.www2.hpe.com/" }, { "trust": 0.1, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799" }, { "trust": 0.1, "url": "http://www.hp.com/go/insightremotesupport/docs" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:23/openssl-8.4.patch" }, { "trust": 0.1, "url": "http://www.freebsd.org/handbook/makeworld.html\u003e." }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:23/openssl-9.3.patch.asc" }, { "trust": 0.1, "url": "http://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3513\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:23/openssl-10.0.patch.asc" }, { "trust": 0.1, "url": "http://security.freebsd.org/\u003e." }, { "trust": 0.1, "url": "http://security.freebsd.org/advisories/freebsd-sa-14:23.openssl.asc\u003e" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3566\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:23/openssl-9.3.patch" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:23/openssl-10.0.patch" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3568\u003e" }, { "trust": 0.1, "url": "http://security.freebsd.org/patches/sa-14:23/openssl-8.4.patch.asc" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3567\u003e" }, { "trust": 0.1, "url": "https://www.hp.com" } ], "sources": [ { "db": "VULHUB", "id": "VHN-71506" }, { "db": "PACKETSTORM", "id": "128732" }, { "db": "PACKETSTORM", "id": "129426" }, { "db": "PACKETSTORM", "id": "133368" }, { "db": "PACKETSTORM", "id": "130644" }, { "db": "PACKETSTORM", "id": "131011" }, { "db": "PACKETSTORM", "id": "130125" }, { "db": "PACKETSTORM", "id": "130334" }, { "db": "PACKETSTORM", "id": "130817" }, { "db": "PACKETSTORM", "id": "136577" }, { "db": "PACKETSTORM", "id": "129401" }, { "db": "PACKETSTORM", "id": "128808" }, { "db": "PACKETSTORM", "id": "132469" }, { "db": "NVD", "id": "CVE-2014-3566" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-71506" }, { "db": "PACKETSTORM", "id": "128732" }, { "db": "PACKETSTORM", "id": "129426" }, { "db": "PACKETSTORM", "id": "133368" }, { "db": "PACKETSTORM", "id": "130644" }, { "db": "PACKETSTORM", "id": "131011" }, { "db": "PACKETSTORM", "id": "130125" }, { "db": "PACKETSTORM", "id": "130334" }, { "db": "PACKETSTORM", "id": "130817" }, { "db": "PACKETSTORM", "id": "136577" }, { "db": "PACKETSTORM", "id": "129401" }, { "db": "PACKETSTORM", "id": "128808" }, { "db": "PACKETSTORM", "id": "132469" }, { "db": "NVD", "id": "CVE-2014-3566" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-10-15T00:00:00", "db": "VULHUB", "id": "VHN-71506" }, { "date": "2014-10-17T15:10:30", "db": "PACKETSTORM", "id": "128732" }, { "date": "2014-12-09T23:13:22", "db": "PACKETSTORM", "id": "129426" }, { "date": "2015-08-28T19:02:22", "db": "PACKETSTORM", "id": "133368" }, { "date": "2015-03-05T14:44:00", "db": "PACKETSTORM", "id": "130644" }, { "date": "2015-03-25T00:41:42", "db": "PACKETSTORM", "id": "131011" }, { "date": "2015-01-28T00:26:54", "db": "PACKETSTORM", "id": "130125" }, { "date": "2015-02-10T17:43:07", "db": "PACKETSTORM", "id": "130334" }, { "date": "2015-03-13T17:11:14", "db": "PACKETSTORM", "id": "130817" }, { "date": "2016-04-06T13:28:14", "db": "PACKETSTORM", "id": "136577" }, { "date": "2014-12-05T15:08:08", "db": "PACKETSTORM", "id": "129401" }, { "date": "2014-10-22T19:54:29", "db": "PACKETSTORM", "id": "128808" }, { "date": "2015-06-29T15:36:03", "db": "PACKETSTORM", "id": "132469" }, { "date": "2014-10-15T00:55:02.137000", "db": "NVD", "id": "CVE-2014-3566" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-13T00:00:00", "db": "VULHUB", "id": "VHN-71506" }, { "date": "2023-09-12T14:55:31.563000", "db": "NVD", "id": "CVE-2014-3566" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "136577" }, { "db": "PACKETSTORM", "id": "129401" } ], "trust": 0.2 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apple Security Advisory 2014-10-16-4", "sources": [ { "db": "PACKETSTORM", "id": "128732" } ], "trust": 0.1 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "info disclosure", "sources": [ { "db": "PACKETSTORM", "id": "130125" } ], "trust": 0.1 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.