ID

VAR-200408-0145


CVE

CVE-2004-0230


TITLE

The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements

Trust: 0.8

sources: CERT/CC: VU#415294

DESCRIPTION

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. A vulnerability exists in the reliance of the Border Gateway Protocol (BGP) on the Transmission Control Protocol (TCP) to maintain persistent sessions. Sustained exploitation of this vulnerability could lead to a denial-of-service condition affecting a large segment of the Internet community. Normal operations would most likely resume shortly after the attack stopped. TCP Has a sequence number TCP There is a problem that it is justified if it is within the window. Therefore, there is a vulnerability that makes it easy to guess the external sequence number when establishing a long-term connection that increases the window size. Note that products affected by this vulnerability TCP Covers many products with implementation. For more information, NISCC-236929 (JVN) , NISCC Advisory 236929 (CPNI Advisory 00391) Please check also.A third party TCP By predicting the sequence number of a particular TCP Service operation interruption such as forcibly terminating a connection (DoS) There is a possibility of being attacked. A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. This will permit a remote attacker to inject a SYN or RST packet into the session, causing it to be reset and effectively allowing denial-of-service attacks. An attacker would exploit this issue by sending a packet to a receiving implementation with an approximated sequence number and a forged source IP and TCP port. Few factors may present viable target implementations, such as imlementations that: - depend on long-lived TCP connections - have known or easily guessed IP address endpoints - have known or easily guessed TCP source ports. As a result, this issue is likely to affect a number of routing platforms. Note also that while a number of vendors have confirmed this issue in various products, investigations are ongoing and it is likely that many other vendors and products will turn out to be vulnerable as the issue is investigated further. Other consequences may also result from this issue, such as injecting specific data in TCP sessions, but this has not been confirmed. **Update: Microsoft platforms are also reported prone to this vulnerability. Vendor reports indicate that an attacker will require knowledge of the IP address and port numbers of the source and destination of an existent legitimate TCP connection in order to exploit this vulnerability on Microsoft platforms. The following products and versions are affected: Oracle Solaris 10, 11; Openpgp 2.6.2; Mcafee Network Data Loss Prevention 8.6 and earlier, 9.2.0, 9.2.1, 9.2.2; Netbsd 1.5, Version 1.5.1, Version 1.5.2, Version 1.5.3, Version 1.6, Version 1.6.1, Version 1.6.2, Version 2.0; Xinuos Openserver Version 5.0.6, Version 5.0.7; Juniper Networks Junos OS; Xinuos Unixware Version 7.1.1, Version 7.1.3. ---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Avaya Intuity Audix TCP Connection Reset Vulnerability SECUNIA ADVISORY ID: SA15263 VERIFY ADVISORY: http://secunia.com/advisories/15263/ CRITICAL: Less critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Avaya Intuity Audix R5 http://secunia.com/product/4586/ DESCRIPTION: Avaya has acknowledged a vulnerability in Intuity Audix, which can be exploited by malicious people to reset established TCP connections on a vulnerable system. For more information: SA11440 SOLUTION: A patch will reportedly be included in the next major release. ORIGINAL ADVISORY: Avaya: http://support.avaya.com/elmodocs2/security/ASA-2005-097_SCASA-2005-14.pdf OTHER REFERENCES: SA11440: http://secunia.com/advisories/11440/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Routing operations would recover quickly after such attacks ended. I. Description In 2001, the CERT Coordination Center released CA-2001-09, describing statistical weaknesses in various TCP/IP Initial Sequence generators. In that document (<http://www.cert.org/advisories/CA-2001-09.html>), it was noted by Tim Newsham: [I]f a sequence number within the receive window is known, an attacker can inject data into the session stream or terminate the connection. If the ISN value is known and the number of bytes sent already sent is known, an attacker can send a simple packet to inject data or kill the session. Paul Watson has performed the statistical analysis of this attack when the ISN is not known and has pointed out that such an attack could be viable when specifically taking into account the TCP Window size. He has also created a proof-of-concept tool demonstrating the practicality of the attack. The National Infrastructure Security Co-Ordination Centre (NISCC) has published an advisory summarizing Paul Watson's analysis in "NISCC Vulnerability Advisory 236929," available at <http://www.uniras.gov.uk/vuls/2004/236929/index.htm>. Since TCP is an insecure protocol, it is possible to inject transport-layer packets into sessions between hosts given the right preconditions. For detailed information about BGP and some tips for securing it, please see Cisco System's documentation (<http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm> or Team Cymru (<http://www.cymru.com/>). This may result in a brief loss of service until the fresh routing tables are created. When this is taken into account, instead of attempting to send a spoofed packet with all potential sequence numbers, the attacker would only need to calculate an valid sequence number that falls within the next expected ISN plus or minus half the window size. According to Paul Watson's report, with a typical xDSL data connection (80 Kbps, upstream) capable of sending of 250 packets per second (pps) to a session with a TCP Window size of 65,535 bytes, it would be possible to inject a TCP packet approximately every 5 minutes. It would take approximately 15 seconds with a T-1 (1.544 Mbps) connection. These numbers are significant when large numbers of compromised machines (often called "botnets" or "zombies") can be used to generate large amounts of packets that can be directed at a particular host. To protect against such injections, RFC 2385 provides a method of using MD5 signatures on the TCP Headers. If this form of verification is supported and enabled between two peers, then an attacker would have to obtain the key used to transmit the packet in order to successfully inject a packet into the TCP session. Another alternative would be to tunnel BGP over IPSec. Again, this would provide a form of authentication between the BGP peers and the data that they transmit. The lack of authentication when using TCP for BGP makes this type of attack more viable. US-CERT is tracking this issue as VU#415294. This reference number corresponds to CVE candidate CAN-2004-0230. NISCC is tracking this issue as Advisory 236929. II. Impacts could range from data corruption or session hijacking to a denial-of-service condition. III. Solution Apply a patch from your vendor Please see you vendor's statement regarding the availability of patches, updates and mitigation strategies. The lack of cryptographically-strong security options for the TCP header itself is a deficiency that technologies like IPSec try to address. It must be noted that in the final analysis that if an attacker has the ability to see unencrypted TCP traffic generated from a site, that site is vulnerable to various TCP attacks - not just those mentioned here. A stronger measure that would aid in protecting against such TCP attacks is end-to-end cryptographic solutions like those outlined in various IPSec documents. The key idea with an end-to-end cryptographic solution is that there is some secure verification that a given packet belongs in a particular stream. However, the communications layer at which this cryptography is implemented will determine its effectiveness in repelling ISN based attacks. Solutions that operate above the Transport Layer (OSI Layer 4), such as SSL/TLS and SSH1/SSH2, only prevent arbitrary packets from being inserted into a session. They are unable to prevent a connection reset (denial of service) since the connection handling will be done by a lower level protocol (i.e., TCP). On the other hand, Network Layer (OSI Layer 3) cryptographic solutions such as IPSec prevent both arbitrary packets entering a transport-layer stream and connection resets because connection management is directly integrated into the secure Network Layer security model. The solutions presented above have the desirable attribute of not requiring any changes to the TCP protocol or implementations to be made. RFC2385 ("Protection of BGP Sessions via the TCP MD5 Signature Option") and other technologies provide options for adding cryptographic protection within the TCP header at the cost of some potential denial of service, interoperability, and performance issues. Ingress filtering Ingress filtering manages the flow of traffic as it enters a network under your administrative control. You can configure your BGP routers to only accept packets on a specific network connection. Servers are typically the only machines that need to accept inbound connections from the public Internet. In the network usage policy of many sites, there are few reasons for external hosts to initiate inbound connections to machines that provide no public services. Thus, ingress filtering should be performed at the border to prohibit externally initiated inbound connections to non-authorized services. In this fashion, the effectiveness of many intruder scanning techniques can be dramatically reduced. Network Isolation Complex networks can benefit by separating data channels and control channels, such as BGP, into different logical or physical networks. Technologies such as VLANs, VPNs, leased links, NAT may all be able to contribute to separating the tranmission of control information from the transmission of the data stream. Egress filtering Egress filtering manages the flow of traffic as it leaves a network under your administrative control. There is typically limited need for machines providing public services to initiate outbound connections to the Internet. In the case of BGP, only your BGP routers should be establishing connections to your peers. Other BGP traffic generated on your network could be a sign of an attempted attack. Appendix A. As vendors report new information to US-CERT, we will update the vulnerability note. If a particular vendor is not listed in either the NISCC advisory, or the vulnerability, we recommend that you contact them for their comments. _________________________________________________________________ US-CERT thanks Paul Watson, Cisco Systems and NISCC for notifying us about this problem and for helping us to construct this advisory. _________________________________________________________________ Feedback can be directed to the US-CERT Technical Staff. _________________________________________________________________ Copyright 2004 Carnegie Mellon University. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory:\xa0TCP Vulnerabilities in Multiple IOS-Based Cisco Products Revision 1.0 For Public Release 2004 April 20 21:00 UTC (GMT) - ------------------------------------------------------------------------- Summary ======= A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer) and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, this attack vector does not directly compromise data integrity or confidentiality. This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml, and it describes this vulnerability as it applies to Cisco products that run Cisco IOS\xae software. A companion advisory that describes this vulnerability for products that do not run Cisco IOS software is available at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml. The severity of the exposure depends upon the protocols and applications that utilize TCP. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer), and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). Details ======= TCP is the transport layer protocol designed to provide connection-oriented reliable delivery of a data stream. To accomplish this, TCP uses a mixture of flags to indicate state and sequence numbers to identify the order in which the packets are to be reassembled. The acknowledgement number is not used in a packet with the reset (RST) flag set because a reset does not expect a packet in return. The full specification of the TCP protocol can be found at http://www.ietf.org/rfc/rfc0793.txt. According to the RFC793 specification, it is possible to reset an established TCP connection by sending a packet with the RST or synchronize (SYN) flag set. However, the sequence number does not have to be an exact match; it is sufficient to fall within the advertised window. This significantly decreases the effort required by an adversary: the larger the window, the easier it is to reset the connection. The destination TCP port is usually known for all standard services (for example, 23 for Telnet, 80 for HTTP). Cisco IOS software uses predictable ephemeral ports for known services with a predictable increment (the next port which will be used for a subsequent connection). These values, while constant for a particular Cisco IOS software version and protocol, can vary from one release to another. Here is an example of a normal termination of a TCP session: Host(1) Host(2) | | | | | ACK ack=1001, window=5000 | |<----------------------------| | | Host(1) is closing the session | RST seq=1001 | |---------------------------->| | | Host(2) is closing the session In addition, the following scenario is also permitted: Host(1) Host(2) | | | | | ACK ack=1001, window=5000 | |<----------------------------| | | Host(1) is closing the session | RST seq=4321 | |---------------------------->| | | Host(2) is closing the session Note how, in the second example, the RST packet was able to terminate the session although the sequence number was not the next expected one (which is 1001). As a general rule, all protocols where a TCP connection stays established for longer than one minute should be considered exposed. The exposure on this vulnerability can be described as follows: * Cisco IOS - All devices running Cisco IOS software are vulnerable. Sessions passing through the device are vulnerable only if the originating or receiving device is vulnerable, but they cannot be attacked on the router itself. This vulnerability does not compromise data integrity or confidentiality. It only affects availability. This vulnerability is documented in the Cisco Bug Toolkit as Bug IDs CSCed27956 ( registered customers only) and CSCed38527 ( registered customers only) . * Cisco IOS Firewall (IOS FW) - The Cisco IOS FW monitors packets passing throughout the router and maintains the session state internally. This way, it is possible to "open" required ports and allow traffic to pass and then close them after the session has finished. Since Cisco IOS FW intercepts and examines all packets passing through the device, all TCP sessions passing through the Cisco IOS FW are vulnerable to this attack. This is valid even if the originating and receiving devices themselves are not vulnerable. This vulnerability is documented in the Cisco Bug Toolkit as Bug ID CSCed93836 ( registered customers only) . * Network Address Translation (NAT) - This vulnerability does not have any effect on NAT. The NAT functionality simply rewrites ports and IP addresses. This feature does not interprete TCP flags and therefore is not vulnerable to this attack. However, the attacking packet will be passed through the router and the receiving device can be affected. Impact ====== The impact will be different for each specific protocol. While in the majority of cases a TCP connection will be automatically re-established, in some specific protocols a second order of consequences may have a larger impact than tearing down the connection itself. Both external and internal (eBGP and iBGP) sessions are equally vulnerable. If an adversary tears down a BGP session between two routers, then all routes which were advertised between these two peers will be withdrawn. This would occur immediately for the router which has been attacked and after the next update/keepalive packet is sent by the other router. The BGP peering session itself will be re-established within a minute after the attack. Depending upon the exact routing configuration, withdrawal of the routes may have any of the following consequences: * No adverse effects at all if an appropriate static route(s) has(have) been defined on both sides of the affected session. * The traffic will be rerouted along other paths. This may cause some congestion along these paths. * A portion of the network will be completely isolated and unreachable. If a BGP peering session is broken a few times within a short time interval, then BGP route dampening may be invoked. Dampening means that affected routes will be withdrawn from the Internet routing table for some period of time. By default that time is 45 minutes. During that time, all of the traffic whose route was advertised over the attacked BGP session will either be rerouted or a portion of the network will be unreachable. Route dampening is not enabled by default. Cisco IOS Firewall Feature Set - ------------------------------ It is possible to terminate an established TCP-based connection even if both endpoints are not vulnerable to this attack. Software Versions and Fixes =========================== Each row of the table describes a release train and the platforms or products for which it is intended. If a given release train is vulnerable, then the earliest possible releases that contain the fix and the anticipated date of availability for each are listed in the Rebuild, Interim, and Maintenance columns. In some cases, no rebuild of a particular release is planned; this is marked with the label "Not scheduled." A device running any release in the given train that is earlier than the release in a specific column (less than the earliest fixed release) is known to be vulnerable, and it should be upgraded at least to the indicated release or a later version (greater than the earliest fixed release label). When selecting a release, keep in mind the following definitions: * Maintenance Most heavily tested and highly recommended release of any label in a given row of the table. * Rebuild Constructed from the previous maintenance or major release in the same train, it contains the fix for a specific vulnerability. Although it receives less testing, it contains only the minimal changes necessary to effect the repair. Cisco has made available several rebuilds of mainline trains to address this vulnerability, but strongly recommends running only the latest maintenance release on mainline trains. * Interim Built at regular intervals between maintenance releases and receives less testing. Interims should be selected only if there is no other suitable release that addresses the vulnerability, and interim images should be upgraded to the next available maintenance release as soon as possible. Interim releases are not available through manufacturing, and usually they are not available for customer download from CCO without prior arrangement with the Cisco Technical Assistance Center (TAC). In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco TAC for assistance, as shown in the section following this table. Fixed Cisco IOS Software Images for Cisco IOS Firewall +------------+---------------------------------+ | Major | Availability of Repaired | | Release | Releases* | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.1-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.1 | 12.1 | | | | | (22c) | | | +------------+---------+---------+-------------+ | 12.1E | 12.1 | | | | | (19)E7 | | | | +---------+---------+-------------+ | | | | | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.2-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.2 | 12.2 | | | | | (21b) | | | | +---------+---------+-------------+ | | 12.2 | | | | | (23a) | | | +------------+---------+---------+-------------+ | 12.2T | 12.2 | | | | | (11)T11 | | | | +---------+---------+-------------+ | | 12.2 | | | | | (13)T12 | | | | +---------+---------+-------------+ | | 12.2 | | | | | (15)T12 | | | +------------+---------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.3-Based | | ** | | | Release | | | | +------------+---------+---------+-------------+ | 12.3 | 12.3 | | | | | (5c) | | | | +---------+---------+-------------+ | | 12.3 | | | | | (6a) | | | +------------+---------+---------+-------------+ | 12.3T | 12.3(4) | | | | | T4 | | | +------------+---------+---------+-------------+ Fixed Cisco IOS Software Releases and Migration Path +----------+-------------------------------------+ | Major | Availability of Repaired Releases* | | Release | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.1 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.1 | 11.1 Vulnerable. Migrate to 11.2 | +----------+-------------------------------------+ | 11.1AA | 11.1AA Vulnerable. Migrate to 11.2P | +----------+-------------------------------------+ | 11.1CC | 11.1CC Vulnerable. Migrate to 12.0 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.2 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.2 | 11.2(26f) | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 11.2P | 11.2(26)P6 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 11.2SA | 11.2(8)SA6 Vulnerable. Migrate to | | | 12.0 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 11.3 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 11.3 | 11.3 Vulnerable. Migrate to 12.0 | | +-------------+---------+-------------+ | | 11.3(11b)T4 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | | +-------------+---------+-------------+ | | 11.3(11e) | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.0 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.0 | 12.0(28) | | | +----------+-------------+---------+-------------+ | 12.0DA | 12.0DA Vulnerable. Migrate to | | | 12.2DA | +----------+-------------------------------------+ | 12.0DB | 12.0DB Vulnerable. Migrate to | | | 12.1DB | +----------+-------------------------------------+ | 12.0DC | 12.0DC Vulnerable. Migrate to | | | 12.1DC | +----------+-------------+---------+-------------+ | 12.0S | 12.0(27)S | | | | +-------------+---------+-------------+ | | 12.0(26)S2 | | | | +-------------+---------+-------------+ | | 12.0(16)S11 | | | | +-------------+---------+-------------+ | | 12.0(24)S5 | | | | +-------------+---------+-------------+ | | 12.0(25)S3 | | | | +-------------+---------+-------------+ | | 12.0(23)S6 | | | +----------+-------------+---------+-------------+ | 12.0SL | 12.0SL Vulnerable. Migrate to 12.0 | | | (23)S3 | +----------+-------------------------------------+ | 12.0ST | 12.0ST Vulnerable. Migrate to 12.0 | | | (26)S2 | +----------+-------------------------------------+ | 12.0SX | 12.0(25)SX4 Not built - contact TAC | +----------+-------------------------------------+ | 12.0SZ | 12.0SZ Vulnerable. Migrate to 12.0 | | | (26)S2 | +----------+-------------------------------------+ | 12.0T | 12.0T Vulnerable. Migrate to 12.1 | +----------+-------------+---------+-------------+ | 12.0W5 | 12.0(28)W5 | | | | | (30) | | | +----------+-------------+---------+-------------+ | 12.0WC | 12.0(5)WC9a | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 12.0WT | 12.0(13)WT Vulnerable. End of | | | Engineering | +----------+-------------------------------------+ | 12.0WX | 12.0(4)WX Vulnerable. Migrate to | | | 12.0W5 | +----------+-------------------------------------+ | 12.0XA | 12.0(1)XA Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XB | 12.0(1)XB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.0XC | 12.0(2)XC Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XD | 12.0(2)XD Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XE | 12.0(7)XE Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.0XG | 12.0(3)XG Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XH | 12.0(4)XH Vulnerable. Migrate to | | | 12.1 | +----------+-------------------------------------+ | 12.0XI | 12.0(4)XI Vulnerable. Migrate to | | | 12.1 | +----------+-------------------------------------+ | 12.0XJ | 12.0(4)XJ Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XK | 12.0(7)XK Vulnerable. Migrate to | | | 12.1T Latest | +----------+-------------------------------------+ | 12.0XL | 12.0(4)XL Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.0XM | 12.0(4)XM Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.0XN | 12.0(5)XN Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XP | 12.0(5.1)XP Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XQ | 12.0(5)XQ Vulnerable. Migrate to | | | 12.1 Latest | +----------+-------------------------------------+ | 12.0XR | 12.0(7)XR Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.0XS | 12.0(5)XS Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.0XU | 12.0(5)XU Vulnerable. Migrate to | | | 12.0(5)WC | +----------+-------------------------------------+ | 12.0XV | 12.0(7)XV Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.1 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.1 | 12.1(20a) | | | | +-------------+---------+-------------+ | | 12.1(4c) | | | | +-------------+---------+-------------+ | | 12.1(22a) | | | +----------+-------------+---------+-------------+ | 12.1AA | 12.1(10)AA Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------+---------+-------------+ | 12.1AX | 12.1(14)AX | | | +----------+-------------+---------+-------------+ | 12.1AY | 12.1(13)AY Vulnerable. Migrate to | | | 12.1(14)EA1 | +----------+-------------------------------------+ | 12.1DA | 12.2DA Vulnerable. Migrate to | | | 12.2DA | +----------+-------------------------------------+ | 12.1DB | 12.1(5)DB Vulnerable. Migrate to | | | 12.2B | +----------+-------------+---------+-------------+ | 12.1E | 12.1(19)E7 | | | | +-------------+---------+-------------+ | | 12.1(22)E1 | | | | +-------------+---------+-------------+ | | 12.1(11b) | | | | | E14 | | | | +-------------+---------+-------------+ | | 12.1(20)E2 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.1(19)E6 | | | | +-------------+---------+-------------+ | | 12.1(13)E13 | | | | +-------------+---------+-------------+ | | 12.1(8b)E18 | | | | +-------------+---------+-------------+ | | 12.1(14)E10 | | | | +-------------+---------+-------------+ | | 12.1(13)E14 | | | +----------+-------------+---------+-------------+ | 12.1EA | 12.1(20)EA1 | | | +----------+-------------+---------+-------------+ | 12.1EB | 12.1(20)EB | | | +----------+-------------+---------+-------------+ | 12.1EC | 12.1(20)EC | | | +----------+-------------+---------+-------------+ | 12.1EO | 12.1(20)EO | | | | +-------------+---------+-------------+ | | 12.1(19)EO2 | | | | | Available | | | | | on | | | | | 2004-Apr-25 | | | +----------+-------------+---------+-------------+ | 12.1EU | 12.1(20)EU | | | +----------+-------------+---------+-------------+ | 12.1EV | 12.1(12c)EV Vulnerable. Migrate to | | | 12.2(RLS4)S | +----------+-------------+---------+-------------+ | 12.1EW | 12.1(20)EW2 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | +----------+-------------+---------+-------------+ | 12.1EX | 12.1EX Vulnerable. Migrate to 12.1 | | | (14)E | +----------+-------------------------------------+ | 12.1EY | 12.1(10)EY Vulnerable. Migrate to | | | 12.1(14)E | +----------+-------------+---------+-------------+ | 12.1T | 12.1(5)T17 | | | +----------+-------------+---------+-------------+ | 12.1XA | 12.1(1)XA Vulnerable. Migrate to | | | 12.1(5)T18 | +----------+-------------------------------------+ | 12.1XB | 12.1(1)XB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XC | 12.1(1)XC Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XD | 12.1(1)XD Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XE | 12.1(1)XE Vulnerable. Migrate to | | | 12.1E Latest | +----------+-------------------------------------+ | 12.1XF | 12.1(2)XF Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XG | 12.1(3)XG Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XH | 12.1(2a)XH Vulnerable. Migrate to | | | 12.2 | +----------+-------------------------------------+ | 12.1XI | 12.1(3a)XI Vulnerable. Migrate to | | | 12.2 Latest | +----------+-------------------------------------+ | 12.1XJ | 12.1(3)XJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XL | 12.1(3)XL Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XM | 12.1(5)XM Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XP | 12.1(3)XP Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XQ | 12.1(3)XQ Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XR | 12.1(5)XR Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XT | 12.1(3)XT Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1XU | 12.1(5)XU Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.1XV | 12.1(5)XV Vulnerable. Migrate to | | | 12.2XB | +----------+-------------------------------------+ | 12.1YA | 12.1(5)YA Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.1YB | 12.1(5)YB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1YC | 12.1(5)YC Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.1YD | 12.1(5)YD Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.1YE | 12.1(5)YE5 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YF | 12.1(5)YF2 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YH | 12.1(5)YH2 Vulnerable. Migrate to | | | 12.2(13)T | +----------+-------------------------------------+ | 12.1YI | 12.1(5)YI2 Vulnerable. Migrate to | | | 12.2(2)YC | +----------+-------------------------------------+ | 12.1YJ | 12.1(11)YJ Vulnerable. Migrate to | | | 12.1EA Latest | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.2 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.2 | 12.2(19b) | | | | +-------------+---------+-------------+ | | 12.2(16f) | | | | +-------------+---------+-------------+ | | 12.2(21a) | | | | +-------------+---------+-------------+ | | 12.2(23) | | | | +-------------+---------+-------------+ | | 12.2(12i) | | | | +-------------+---------+-------------+ | | 12.2(10g) | | | | +-------------+---------+-------------+ | | 12.2(13e) | | | | +-------------+---------+-------------+ | | 12.2(17d) | | | | +-------------+---------+-------------+ | | 12.2(21b) | | | | +-------------+---------+-------------+ | | 12.2(23a) | | | +----------+-------------+---------+-------------+ | 12.2B | 12.2(2)B - 12.2(4)B7 Vulnerable. | | | Migrate to 12.2(13)T12 | | +-------------------------------------+ | | 12.2(4)B8 AND FWD Vulnerable. | | | Migrate to 12.3(5a)B1 | +----------+-------------+---------+-------------+ | 12.2BC | 12.2(15) | | | | | BC1C | | | +----------+-------------+---------+-------------+ | 12.2BW | 12.2(4)BW Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------+---------+-------------+ | 12.2BX | 12.2(16)BX2 | | | +----------+-------------+---------+-------------+ | 12.2BY | 12.2(4)BY Vulnerable. Migrate to | | | 12.2(15)B | | +-------------------------------------+ | | 12.2(8)BY Vulnerable. Migrate to | | | 12.2(8)ZB | | +-------------------------------------+ | | 12.2(2)BY Vulnerable. Migrate to | | | 12.2(8)BZ | +----------+-------------------------------------+ | 12.2BZ | 12.2(15)BZ Vulnerable. Migrate to | | | 12.2(16)BX | +----------+-------------------------------------+ | 12.2CX | 12.2(11)CX Vulnerable. Migrate to | | | 12.2(15)BC | +----------+-------------------------------------+ | 12.2CY | 12.2(11)CY Vulnerable. Migrate to | | | 12.2(13)BC1C | +----------+-------------------------------------+ | 12.2DD | 12.2DD Vulnerable. Migrate to 12.2 | | | (4)B1 | +----------+-------------------------------------+ | 12.2DX | 12.2(1)DX Vulnerable. Migrate to | | | 12.2DD | | +-------------------------------------+ | | 12.2(2)DX Vulnerable. Migrate to | | | 12.2B Latest | +----------+-------------+---------+-------------+ | 12.2EW | 12.2(18)EW | | | +----------+-------------+---------+-------------+ | 12.2JA | 12.2(13)JA4 | | | | +-------------+---------+-------------+ | | 12.2(13)JA2 | | | | +-------------+---------+-------------+ | | 12.2(11)JA3 | | | +----------+-------------+---------+-------------+ | 12.2MC | 12.2(15) | | | | | MC1B | | | +----------+-------------+---------+-------------+ | 12.2S | 12.2(22)S | | | | +-------------+---------+-------------+ | | 12.2(14)S7 | | | | +-------------+---------+-------------+ | | 12.2(20)S1 | | | | +-------------+---------+-------------+ | | 12.2(20)S3 | | | | | Available | | | | | on | | | | | 2004-Apr-21 | | | | +-------------+---------+-------------+ | | 12.2(18)S3 | | | +----------+-------------+---------+-------------+ | 12.2SE | 12.2(18)SE | | | +----------+-------------+---------+-------------+ | 12.2SW | 12.2(21)SW | | | +----------+-------------+---------+-------------+ | 12.2SX | 12.2(17a) | | | | | SX2 | | | +----------+-------------+---------+-------------+ | 12.2SXA | 12.2(17b) | | | | | SXA1 | | | +----------+-------------+---------+-------------+ | 12.2SXB | 12.2(17d)SXB1 Not built - contact | | | TAC | +----------+-------------+---------+-------------+ | 12.2SY | 12.2(14)SY3 | | | +----------+-------------+---------+-------------+ | 12.2SZ | 12.2(14)SZ6 | | | +----------+-------------+---------+-------------+ | 12.2T | 12.2(15)T11 | | | | +-------------+---------+-------------+ | | 12.2(13)T12 | | | | +-------------+---------+-------------+ | | 12.2(11)T11 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.2(13)T11 | | | +----------+-------------+---------+-------------+ | 12.2XA | 12.2(2)XA Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XB | 12.2(2)XB Vulnerable. Migrate to | | | 12.2(15)T | +----------+-------------------------------------+ | 12.2XC | 12.2(2)XC Vulnerable. Migrate to | | | 12.2(8)ZB | +----------+-------------------------------------+ | 12.2XD | 12.2(1)XD Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XE | 12.2(1)XE Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XF | 12.2(1)XF1 Vulnerable. Migrate to | | | 12.2(4)BC1C | +----------+-------------------------------------+ | 12.2XG | 12.2(2)XG Vulnerable. Migrate to | | | 12.2(8)T | +----------+-------------------------------------+ | 12.2XH | 12.2(2)XH Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XI | 12.2(2)XI2 Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XJ | 12.2(2)XJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XK | 12.2(2)XK Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XL | 12.2(4)XL Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XM | 12.2(4)XM Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XN | 12.2(2)XN Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XQ | 12.2(2)XQ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XS | 12.2(1)XS Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XT | 12.2(2)XT Vulnerable. Migrate to | | | 12.2(11)T | +----------+-------------------------------------+ | 12.2XU | 12.2(2)XU Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2XW | 12.2(4)XW Vulnerable. Migrate to | | | 12.2(13)T12 | +----------+-------------------------------------+ | 12.2YA | 12.2(4)YA Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YB | 12.2(4)YB Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YC | 12.2(2)YC Vulnerable. Migrate to | | | 12.2(11)T11 | +----------+-------------------------------------+ | 12.2YD | 12.2(8)YD Vulnerable. Migrate to | | | 12.2(8)YY | +----------+-------------------------------------+ | 12.2YE | 12.2(9)YE Vulnerable. Migrate to | | | 12.2S | +----------+-------------------------------------+ | 12.2YF | 12.2(4)YF Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YG | 12.2(4)YG Vulnerable. Migrate to | | | 12.2(13)T12 | +----------+-------------------------------------+ | 12.2YH | 12.2(4)YH Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YJ | 12.2(8)YJ Vulnerable. Migrate to | | | 12.2(15)T12 | +----------+-------------------------------------+ | 12.2YK | 12.2(2)YK Vulnerable. Migrate to | | | 12.2(13)ZC | +----------+-------------------------------------+ | 12.2YL | 12.2(8)YL Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YM | 12.2(8)YM Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YN | 12.2(8)YN Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YO | 12.2(9)YO Vulnerable. Migrate to | | | 12.2(14)SY | +----------+-------------------------------------+ | 12.2YP | 12.2(11)YP Vulnerable. Migrate to | | | 12.2T Latest | +----------+-------------------------------------+ | 12.2YQ | 12.2(11)YQ Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YR | 12.2(11)YR Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YS | 12.2(11)YS Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2YT | 12.2(11)YT Vulnerable. Migrate to | | | 12.2(15)T | +----------+-------------------------------------+ | 12.2YU | 12.2(11)YU Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YV | 12.2(11)YV Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2YW | 12.2(8)YW Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------------------------------+ | 12.2YX | 12.2(11)YX Vulnerable. Migrate to | | | 12.2(RLS3)S | +----------+-------------------------------------+ | 12.2YY | 12.2(8)YY Vulnerable. Migrate to | | | 12.3(1)T | +----------+-------------------------------------+ | 12.2YZ | 12.2(11)YZ Vulnerable. Migrate to | | | 12.2(14)SZ | +----------+-------------+---------+-------------+ | 12.2ZA | 12.2(14)ZA6 | | | +----------+-------------+---------+-------------+ | 12.2ZB | 12.2(8)ZB Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2ZC | 12.2(13)ZC Vulnerable. Migrate to | | | 12.3T | +----------+-------------+---------+-------------+ | 12.2ZD | 12.2(13)ZD1 | | | +----------+-------------+---------+-------------+ | 12.2ZE | 12.2(13)ZE Vulnerable. Migrate to | | | 12.3 | +----------+-------------------------------------+ | 12.2ZF | 12.2(13)ZF Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZG | 12.2(13)ZG Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZH | 12.2(13)ZH Vulnerable. Migrate to | | | 12.3(4)T | +----------+-------------------------------------+ | 12.2ZI | 12.2(11)ZI Vulnerable. Migrate to | | | 12.2(18)S | +----------+-------------+---------+-------------+ | 12.2ZJ | 12.2(15)ZJ5 | | | | +-------------+---------+-------------+ | | 12.2(15)ZJ4 | | | +----------+-------------+---------+-------------+ | 12.2ZK | 12.2(15)ZK Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.2ZL | 12.2(15)ZL Vulnerable. Migrate to | | | 12.3(7)T | +----------+-------------------------------------+ | 12.2ZN | 12.2(15)ZN Vulnerable. Migrate to | | | 12.3(2)T | +----------+-------------+---------+-------------+ | 12.2ZP | 12.2(13)ZP3 | | | +----------+-------------+---------+-------------+ | Affected | Rebuild | Interim | Maintenance | | 12.3 | | ** | | | -Based | | | | | Release | | | | +----------+-------------+---------+-------------+ | 12.3 | 12.3(3e) | | | | +-------------+---------+-------------+ | | 12.3(6) | | | | +-------------+---------+-------------+ | | 12.3(5b) | | | +----------+-------------+---------+-------------+ | 12.3B | 12.3(5a)B | | | | +-------------+---------+-------------+ | | 12.3(3)B1 | | | +----------+-------------+---------+-------------+ | 12.3BW | 12.3(1a)BW Vulnerable. Migrate to | | | 12.3B | +----------+-------------+---------+-------------+ | 12.3T | 12.3(2)T4 | | | | +-------------+---------+-------------+ | | 12.3(7)T1 Not built - contact TAC | | +-------------+---------+-------------+ | | 12.3(4)T3 | | | +----------+-------------+---------+-------------+ | 12.3XA | 12.3(2)XA Vulnerable. Contact TAC. | +----------+-------------+---------+-------------+ | 12.3XB | 12.3(2)XB2 | | | +----------+-------------+---------+-------------+ | 12.3XC | 12.3(2)XC2 | | | +----------+-------------+---------+-------------+ | 12.3XD | 12.3(4)XD1 | | | +----------+-------------+---------+-------------+ | 12.3XE | 12.3(2)XE Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.3XF | 12.3(2)XF Vulnerable. Contact TAC | | | if needed. | +----------+-------------+---------+-------------+ | 12.3XG | 12.3(4)XG | | | +----------+-------------+---------+-------------+ | 12.3XH | 12.3(4)XH | | | +----------+-------------+---------+-------------+ | 12.3XI | 12.3(7)XI Vulnerable. Migrate to | | | 12.3T | +----------+-------------------------------------+ | 12.3XJ | 12.3(7)XJ Vulnerable. Contact TAC | | | if needed | +----------+-------------+---------+-------------+ | 12.3XK | 12.3(4)XK | | | +----------+-------------+---------+-------------+ | 12.3XL | 12.3(7)XL Vulnerable. Contact Tac | | | if needed | +----------+-------------------------------------+ | 12.3XM | 12.3(9)XM Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | 12.3XN | 12.3(4)XN Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | 12.3XQ | 12.3(4)XQ Vulnerable. Contact TAC | | | if needed. | +----------+-------------------------------------+ | * All dates are estimated and subject to | | change. | | | | ** Interim releases are subjected to less | | rigorous testing than regular maintenance | | releases, and may have serious bugs. | +------------------------------------------------+ Obtaining Fixed Software ======================== Customers with Service Contracts Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third-party Support Organizations Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for assistance with the upgrade, which should be free of charge. Customers without Service Contracts Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com See http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages. Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades. Workarounds =========== The effectiveness of any workaround is dependent on specific customer situations such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround is the most appropriate for use in the intended network before it is deployed. There are no workarounds available to mitigate the effects of this vulnerability on Cisco IOS Firewall. For BGP, we will present the workaround and only a few mitigation techniques. For additional information regarding BGP security risk assessment, mitigation techniques, and deployment best practices, please consult ftp://ftp-eng.cisco.com/cons/isp/security/ BGP-Risk-Assesment-v.pdf. * BGP MD5 secret The workaround for BGP is to configure MD5 secret for each session between peers. This can be configured as shown in the following example: router(config)#router bgp <AS-_number> router(config-router)#neighbor <IP_address> password <enter_your_secret_here> It is necessary to configure the same shared MD5 secret on both peers and at the same time. Failure to do so will break the existing BGP session and the new session will not get established until the exact same secret is configured on both devices. For a detailed discussion on how to configure BGP, refer to the following document http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/ products_configuration_guide_chapter09186a00800ca571.html . Once the secret is configured, it is prudent to change it periodically. The exact period must fit within your company security policy but it should not be longer than a few months. When changing the secret, again it must be done at the same time on both devices. Failure to do so will break your existing BGP session. The exception is if your Cisco IOS software release contains the integrated CSCdx23494 ( registered customers only) fix. With this fix, the BGP session will not be terminated when the MD5 secret is changed only on one side. The BGP updates, however, will not be processed until either the same secret is configured on both devices or the secret is removed from both devices. It is possible to mitigate the exposure for BGP on this vulnerability by applying one or more of the following measures which will lessen the potential for the necessary spoofing required to implement a successful attack: * Blocking access to the core infrastructure Although it is often difficult to block traffic transiting your network, it is possible to identify traffic which should never be allowed to target your infrastructure devices and block that traffic at the border of your network. Infrastructure access control lists (ACLs) are considered a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The white paper entitled "Protecting Your Core: Infrastructure Protection Access Control Lists", available at http://www.cisco.com/warp/public/707/ iacl.html, presents guidelines and recommended deployment techniques for infrastructure protection ACLs. Exceptions would include any devices which have a legitimate reason to access your infrastructure (for example, BGP peers, NTP sources, DNS serves, and so on). All other traffic must be able to traverse your network without terminating on any of your devices. * Configure anti-spoofing measures on the network edge In order for an adversary to use the attack vector described in this advisory, it must send packets with the source IP address equal to one of the BGP peers. You can block spoofed packets either using the Unicast Reverse Path Forwarding (uRPF) feature or by using access control lists (ACLs). By enabling uRPF, all spoofed packets will be dropped at the first device. To enable uRPF, use the following commands: router(config)#ip cef router(config)#ip verify unicast reverse-path Please consult http://www.cisco.com/en/US/products/sw/iosswrel/ps1835 /products_configuration_guide_chapter09186a00800ca7d4.html and ftp:// ftp-eng.cisco.com/cons/isp/security/URPF-ISP.pdf for further details on how uRPF works and how to configure it in various scenarios. This is especially important if you are using asymmetric routing. ACLs should also be deployed as close to the edge as possible. Unlike uRPF, you must specify the exact IP range that is permitted. Specifying which addresses should be blocked is not the optimal solution because it tends to be harder to maintain. Caution: In order for anti-spoofing measures to be effective, they must be deployed at least one hop away from the devices which are being protected. Ideally, they will be deployed at the network edge facing your customers. * Packet rate limiting RST packets are rate-limited in Cisco IOS software by default. This feature is introduced in Cisco IOS Software Release 10.2. In the case of a storm of RST packets, they are effectively limited to one packet per second. In order to be successful, an attacker must terminate connection with the first few packets. Otherwise, the attack is deemed to be impracticably long. On the other hand, SYN packets are not rate-limited in any way. Rate limiting can be accomplished either by using Committed Access Rate (CAR) or by Control Plane Policing (CPP). While CPP is the recommended approach, it is available only for Cisco IOS Software Releases 12.2(18)S and 12.3(4)T. It is currently supported only on the following routers: 1751, 2600/2600-XM, 3700, 7200, and 7500 Series. CAR can be configured as follows: router(config)#access-list 103 deny tcp any host 10.1.1.1 established router(config)#access-list 103 permit tcp any host 10.0.0.1 router(config)#interface <interface> <interface #> router(config-if)#rate-limit input access-group 103 8000 8000 8000 conform-action transmit exceed-action drop For details on how to configure and deploy CPP, please consult the following document http://www.cisco.com/en/US/products/sw/iosswrel/ ps1838/products_white_paper09186a0080211f39.shtml Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. The exploitation of the vulnerability with packets having RST flag set (reset packets) was discovered by Paul (Tony) Watson of OSVDB.org. The extension of the attack vector to packets with SYN flag was discovered by the vendors cooperating on the resolution of this issue. Status of This Notice: INTERIM ============================== This is a INTERIM advisory. Although Cisco cannot guarantee the accuracy of all statements in this advisory, all of the facts have been checked to the best of our ability. Cisco does not anticipate issuing updated versions of this advisory unless there is some material change in the facts. Should there be a significant change in the facts, Cisco may update this advisory. A stand-alone copy or Paraphrase of the text of this Security Advisory that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory will be posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml. In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-teams@first.org (includes CERT/CC) * bugtraq@securityfocus.com * vulnwatch@wulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.netsys.com * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +----------+-------------+----------------+ | Revision | 2004-Apr-20 | Initial public | | 1.0 | | release. | +----------+-------------+----------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/warp/public/707/ sec_incident_response.shtml. This includes instructions for press inquiries regarding Cisco Security Notices. All Cisco Security Advisories are available at http://www.cisco.com/go/psirt. - ------------------------------------------------------------------------- All contents are Copyright \xa9 1992-2004 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (Cygwin) iD8DBQFAhZTpezGozzK2tZARAkKXAJ9BWwuytT7zwoOL+RkZJPebYN3W3ACfV/+K 0Fd3MvvRlKSETCrlMGL/dZg= =eDSn -----END PGP SIGNATURE----- . The nonexhaustive list of vulnerable non-IOS based Cisco products is as follows: * Access Registrar * BPX, IGX, MGX WAN switches, and the Service Expansion Shelf * BR340, WGB340, AP340, AP350, BR350 Cisco/Aironet wireless products * Cache Engine 505 and 570 * CallManager * Catalyst 1200, 1900, 28xx, 29xx, 3000, 3900, 4000, 5000, 6000 * Cisco 8110 Broadband Network Termination Unit * Cisco Element Management Framework * Cisco Info Center * Cisco Intelligent Contact Management * Cisco MDS 9000 * Cisco ONS 15190/15194 IP Transport Concentrator * Cisco ONS 15327 Metro Edge Optical Transport Platform * Cisco ONS 15454 Optical Transport Platform * Cisco ONS 15531/15532 T31 OMDS Metro WDM System * Cisco ONS 15800/15801/15808 Dense Wave Division Multiplexing Platform * Cisco ONS 15830 T30 Optical Amplification System * Cisco ONS 15831/15832 T31 DWDM System * Cisco ONS 15863 T31 Submarine WDM System * Content Router 4430 and Content Delivery Manager 4630 and 4650 * Cisco Secure Intrusion Detection System (NetRanger) appliance and IDS Module * Cisco Secure PIX firewall * Cisco ws-x6608 and ws-x6624 IP Telephony Modules * CiscoWorks Windows * Content Engine 507, 560, 590, and 7320 * CSS11000 (Arrowpoint) Content Services Switch * Hosting Solution Engine * User Registration Tool VLAN Policy Server * Cisco FastHub 300 and 400 * CR-4430-B * Device Fault Manager * Internet CDN Content Engine 590 and 7320, Content Distribution Manager 4670, and Content Router 4450 * IP Phone (all models including ATA and VG248) * IP/TV * LightStream 1010 * LightStream 100 ATM Switches * LocalDirector * ME1100 series * MicroHub 1500,MicroSwitch 1538/1548 * Voice Manager * RTM * SN5400 series storage routers * Switch Probe * Unity Server * VG248 Analog Phone Gateway * Traffic Director * WAN Manager Products Confirmed Not Vulnerable ================================= The following products are not vulnerable: * Cisco VPN 3000 Series Concentrators * Cisco Firewall Services Module for Cisco Catalyst 6500 Series and Cisco 7600 Series (FWSM) Details ====== TCP is the transport layer protocol designed to provide connection-oriented reliable delivery of a data stream. The Cisco PSIRT has analyzed multiple TCP-based protocols, as they are used within our offering, and we believe that this vulnerability does not have a significant impact on them. We will present our analysis for a few protocols which have the potential for higher impact due to the long lived connections. Voice signaling H.225, H.245 (part of H.323 suite) - -------------------------------------------------- H.225 and H.245 protocols are used in voice signaling. Their purpose is to negotiate parameters for content transfer (voice or video). The established sessions persist for the duration of a call. Any call in progress is terminated when the signaling session is broken. A new signaling session will be established immediately for the new call, but terminated calls cannot be re-established. Each call from an IP telephone or softphone will result in the creation of a single signaling session. It is possible that a single signaling session is responsible for multiple calls, but that setup is used deeper within the Service Provider's network. Determining all necessary parameters for mounting an attack is deemed a non-trivial task if the network is designed according to the current best practices. Network Storage (iSCSI, FCIP) - ----------------------------- Network Storage products use two TCP-based protocols: SCSI over IP (iSCSI) and Fiber Channel over IP (FCIP). * SCSI over IP (iSCSI) iSCSI is used in a client/server environment. The client is your computer and it is only the client that initiates a connection. This connection is not shared with any other users. Terminating the session will not have any adverse consequences if people are using current drivers from Microsoft for Windows and from Cisco for Linux. These drivers will re-establish the session and continue transfer from the point where it was disconnected. Drivers from other vendors may behave differently. The user may notice that access to a virtual device is slightly slower than usual. * Fiber Channel over IP (FCIP) FCIP is a peer-to-peer protocol. It is used for mirroring data between switches. Each peer can initiate the session. Switches can, and should be in practice, configured in a mesh. Bringing one link down will cause traffic to be re-routed over other link(s). If an adversary can manage to terminate the session multiple times in a row, the user's application may terminate with a "Device unreachable" or similar error message. This does not have any influence on the switch itself and the user can retry the operation. The user may notice that access to a virtual device is slightly slower than usual. An occasional error message is possible. SSL/TLS connections can be used to encapsulate various kinds of traffic and these sessions can be long lived. An encrypted session can be attacked either on the originating or terminating host or on the firewalls in front of them (if they exist). | | | | Customers | | | | are | | | | encouraged | | | | to migrate | | | | to IOS. <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>NISCC Vulnerability Advisory 236929</title> <style> <!-- body { font-family: Verdana } --> </style> </head> <body bgcolor="#FFFFCC"> <div class=Section1 style="width: 100%;"> <div align="center"><img src="http://www.niscc.gov.uk/images/newtitle.gif" width="766" height="80" alt="National Infrastructure Security Co-Ordination Centre"></div> <br> <font size="4"><b><font color="#FF0000">NISCC Vulnerability Advisory 236929</b></font><br> <br> <b>Vulnerability Issues in TCP</b></font><br> <br> <br> <b><font size="3">Version</font> Information</b> <br><br> <table border="1" width="61%"> <tr> <td width="58%">Advisory Reference</td> <td width="77%">236929</td> </tr> <tr> <td width="58%">Release Date</td> <td width="77%">20 April 2004</td> </tr> <tr> <td width="58%">Last Revision</td> <td width="77%">22 April 2004</td> </tr> <tr> <td width="58%">Version Number</td> <td width="77%">1.4</td> </tr> </table> &nbsp;<br><br> <b>What is Affected?</b><br> <br> The vulnerability described in this advisory affects implementations of the Transmission Control Protocol (TCP) that comply with the Internet Engineering Task Force\x92s (IETF\x92s) Requests For Comments (RFCs) for TCP, including <a href="http://www.ietf.org/rfc/rfc0793.txt">RFC 793</a>, the original specification, and <a href="http://www.ietf.org/rfc/rfc1323.txt">RFC 1323</a>, TCP Extensions for High Performance.<br> <br> TCP is a core network protocol used in the majority of networked computer systems today. Many vendors include support for this protocol in their products and may be impacted to varying degrees. <br> <br> <br> <b>Severity</b><br> <br> The impact of this vulnerability varies by vendor and application, but in some deployment scenarios it is rated critical. Alternatively contact your vendor for product specific information.<br> <br> If exploited, the vulnerability could allow an attacker to create a Denial of Service condition against existing TCP connections, resulting in premature session termination. The resulting session termination will affect the application layer, the nature and severity of the effects being dependent on the application layer protocol. The primary dependency is on the duration of the TCP connection, with a further dependency on knowledge of the network (IP) addresses of the end points of the TCP connection.<br> <br> The Border Gateway Protocol (BGP) is judged to be potentially most affected by this vulnerability.<br> <br> BGP relies on a persistent TCP session between BGP peers. Resetting the connection can result in medium term unavailability due to the need to rebuild routing tables and route flapping.&nbsp; Route flapping may result in route dampening (suppression) if the route flaps occur frequently within a short time interval.&nbsp; The overall impact on BGP is likely to be moderate based on the likelihood of successful attack. If the TCP MD5 Signature Option and anti-spoofing measures are used then the impact will be low as these measures will successfully mitigate the vulnerability.<br> <br> There is a potential impact on other application protocols such as DNS (Domain Name System) and SSL (Secure Sockets Layer) in the case of zone transfers and ecommerce transactions respectively, but the duration of the sessions is relatively short and the sessions can be restarted without medium term unavailability problems. In the case of SSL it may be difficult to guess the source IP address.<br> <br> Data injection may be possible. However, this has not been demonstrated and appears to be problematic. The reason for this is that the receiving TCP implementation checks the sequence number of the RST or SYN packet, which is a 32 bit number, giving a probability of 1/2<sup><font size="2">32</font></sup> of guessing the sequence number correctly (assuming a random distribution).<br> <br> The discoverer of the practicability of the RST attack was Paul A. Watson, who describes his research in his paper \x93Slipping In The Window: TCP Reset Attacks\x94, presented at the CanSecWest 2004 conference. In a RST/ACK packet an acknowledgement number is included in the packet, although it is not checked by the receiving TCP implementation.)<br> <br> <a href="http://www.ietf.org/rfc/rfc0793.txt">RFC 793</a>, p36, states the following:<br> <br> &quot;In all states except SYN-SENT, all reset (RST) segments are validated by checking their SEQ-fields [sequence numbers]. In the SYN-SENT state (a RST received in response to an initial SYN), the RST is acceptable if the ACK field acknowledges the SYN.&quot;<br> <br> Resets must be processed immediately. <a href="http://www.ietf.org/rfc/rfc0793.txt">RFC 793</a>, p25, says &quot;[\x85] [E]ven when the receive window is zero, a TCP must process the RST and URG fields of all incoming segments.&quot;<br> <br> It is also possible to perform the same attack with SYN (synchronise) packets. <a href="http://www.ietf.org/rfc/rfc0793.txt">RFC 793</a>, p31 states:<br> <br> \x93The principle reason for the three-way handshake is to prevent old duplicate connection initiations from causing confusion. To deal with this, a special control message, reset, has been devised. [\x85] If the TCP is in one of the synchronized states (ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT), it aborts the connection and informs its user.\x94<br> <br> TCP window sizes are negotiated in the initial 3-way handshake used to set up a TCP connection, with higher values serving to improve throughput in some circumstances. Vendor-chosen defaults also influence the selection. An attacker seeking to disrupt an existing TCP connection must supply the 4-tuple correctly. As the source port varies, additional work is generally called for on the part of the attacker. However, research (referenced below) has shown that the process of source port selection on many platforms includes predictable elements, so that the attack remains practicable. By weighting 'likely' source port values carefully, an attacker can disrupt TCP implementations that employ a range of window sizes.<br> <br> Application layer protocols that are critically affected are those that:<br> <br> <table border="0" cellpadding="4" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6"> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Depend on long lived TCP connections</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Have known or easy-to-guess IP address end points</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Have easy to an easy-to-guess source TCP port</td> </tr> </table> <p>As noted above BGP does use long lived TCP connections, and the IP addresses and source port (and destination port) are sometimes available through the use of BGP looking glasses (multi-source, multi-destination trace route tools) or DNS resource records. Using \x93trace route\x94 commands can provide information on peering point IP addresses. Thus BGP is likely to be critically affected by the TCP vulnerability.<br> <br> These denial of service attacks can be carried out by single machine, or by multiple co-operating systems (to form a distributed denial of service attack).<br> <br> It is also possible to inject packets, which will be processed if they are in the window. The difficulty with data injection attacks is that the receiving TCP implementation will reassemble the packets received according to sequence number, dropping any duplicate packets.<br> <br> <br> Vendor specific information will be released as it becomes available and if vendor permission has been received. Subscribers are advised to check the following URL regularly for updates:<br> <br> <a href="http://www.uniras.gov.uk/vuls/2004/236929/index.htm">http://www.uniras.gov.uk/vuls/2004/236929/index.htm</a><br> <br> <i>[Please note that updates to this advisory will not be notified by email.]</i><br> <br> This vulnerability has been assigned the <a href="http://cve.mitre.org/cve">CVE</a> name <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230">CAN-2004-0230</a>.<br> <br> The <a href="http://www.osvdb.org">Open Source Vulnerability Database</a> ID number for this vulnerability is <a href="http://www.osvdb.org/displayvuln.php?osvdb_id=4030">4030</a>.<br> <br> <br> <b>Mitigation</b><br> <br> The following mitigation steps are still being evaluated and may be incomplete. Customers should work with vendors for the workaround most appropriate for the product in question.<br> <br> In the absence of vendor patching of the TCP implementation, the following are general mitigating steps:<br> <br> <table border="0" cellpadding="4" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4"> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="97%">Implement IP Security (IPSEC) which will encrypt traffic at the network layer, so TCP information will not be visible</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="97%">Reduce the TCP window size (although this could increase traffic loss and subsequent retransmission)</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="97%">Do not publish TCP source port information</td> </tr> </table> <p>It should be noted that IPSEC provides confidentiality and authentication services at the network layer, and can provide a measure of trust in the authenticity of the end points as well as encryption of traffic between the end points.&nbsp; However, in the context of the current attack IPSEC will reject RST and SYN packets that are not part of a secure IP packet stream.<br> <br> To change the TCP window size, in some Unix variants you can set a value of the default TCP windows size by using the \x93sysctl\x94 program (\x93ndd -set\x94 in the case of Sun Solaris). In the case of Microsoft Windows NT/2000/XP/2003, the default window size can be changed by modifying the value of the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters key. As noted above, great care should be exercised when altering the default TCP window size as network performance could be adversely affected.<br> <br> In the case of BGP, the following may counter the problem:<br> <br> <table border="0" cellpadding="4" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber5"> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Implement ingress and egress filtering to check that the traffic entering or leaving the network has a source IP address that is expected on the router/firewall interface that receives the traffic</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Implement the TCP MD5 Signature Option to checksum the TCP packet carrying the BGP application data (see <a href="http://www.ietf.org/rfc/rfc2385.txt">RFC 2385</a>), being careful to set and maintain strong (i.e. difficult to guess) passwords to which the MD5 checksum is applied.&nbsp; Also see <a href="http://www.ietf.org/rfc/rfc3562.txt">RFC 3562</a> which discusses the security requirements of this keying material.</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="96%">Limit the amount of information available through looking glasses and DNS resource records, being careful not to expose TCP port information unnecessarily</td> </tr> </table> <p> The IETF ingress filtering standard is defined in <a href="http://www.ietf.org/rfc/rfc2827.txt">RFC 2827</a>. A discussion of egress filtering can be found at <a href="http://www.sans.org/y2k/egress.htm">http://www.sans.org/y2k/egress.htm</a>.<br> <br> The use of the TCP MD5 Signature Option will prevent the exploitation of this vulnerability. Router customers should implement this on all BGP peering points if it is supported by the router, upgrading the router firmware if necessary.<br> <br> <br> <b>Solution</b><br> <br> Please refer to the Vendor Information section of this advisory for implementation specific remediation.<br> <br> Some vendors will have reduced the likelihood of successful denial of service by amending the TCP implementation to issue a further acknowledgment packet challenge for RST and SYN packets that do not have exactly the expected sequence number.<br> <br> <a href="http://www.ietf.org">The Internet Engineering Task Force</a> (IETF) has published an Internet Draft to co-incide with the release of this advisory.&nbsp; The text of this draft is available from the IETF web site:<br> <a href="http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt">http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt</a><br> <br> NISCC has produced best practice guidelines for BGP available at<br> <a href="http://www.niscc.gov.uk/BGP%20Filtering%20Guide.pdf">http://www.niscc.gov.uk/BGP Filtering Guide.pdf</a><br> <br> Secure configuration templates for BGP implementations on Cisco IOS and Juniper JUNOS can be found at:<br> <br> <table border="0" cellpadding="4" cellspacing="1" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2"> <tr> <td width="3%">\x95 </td> <td width="11%">Cisco </td> <td width="99%"><a href="http://www.cymru.com/Documents/secure-bgp-template.html">http://www.cymru.com/Documents/secure-bgp-template.html </a></td> </tr> <tr> <td width="3%">\x95 </td> <td width="11%">Juniper </td> <td width="99%"> <a href="http://www.qorbit.net/documents/junos-bgp-template.pdf">http://www.qorbit.net/documents/junos-bgp-template.pdf </a> </td> </tr> </table> <p> Guidance on tuning of the IP stack for a number of different UNIX operating systems is available at <a href="http://www.cymru.com/Documents/ip-stack-tuning.html">http://www.cymru.com/Documents/ip-stack-tuning.html </a> <br> <br> <br> <B>Vendor Information</B> <br> <br> The following vendors have provided information about how their products are affected by these vulnerabilities.<br> <br> <i><font size="2">Please note that <a href="http://www.jpcert.or.jp">JPCERT/CC</a> have released a Japanese language advisory for this vulnerability which contains additional information regarding Japanese vendors. This advisory is available at <a href="http://www.jpcert.or.jp/at/2004/at040003.txt">http://www.jpcert.or.jp/at/2004/at040003.txt</a>.</font></i><br> <br> </p> </p> </p> <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1"> <tr> <td width="33%"><font size="2"><a href="#certicom">Certicom</a></font></td> <td width="33%"><font size="2"><a href="#iij">Internet Initiative Japan, Inc</a></font></td> <td width="34%"><font size="2"><a href="#nec">NEC</a></font></td> </tr> <tr> <td width="33%"><font size="2"><a href="#checkpoint">Check Point</a></font></td> <td width="33%"><font size="2"><a href="#interniche">InterNiche</a></font></td> <td width="34%"><font size="2"><a href="#nortel">Nortel</a></font></td> </tr> <tr> <td width="33%"><font size="2"><a href="#cisco">Cisco</a></font></td> <td width="33%"><font size="2"><a href="#juniper">Juniper Networks</a></font></td> <td width="34%"><font size="2"><a href="#polycom">Polycom</a></font></td> </tr> <tr> <td width="33%"><font size="2"><a href="#cray">Cray Inc</a></font></td> <td width="33%"><font size="2"><a href="#lucent">Lucent Technologies</a></font></td> <td width="34%"><font size="2"><a href="#seccomp">Secure Computing Corporation</a></font></td> </tr> <tr> <td width="33%"><font size="2"><a href="#hitachi">Hitachi</a></font></td> <td width="33%"><font size="2"><a href="#mitel">Mitel Networks</a></font></td> <td width="34%"><font size="2"><a href="#yamaha">Yamaha</a></font></td> </tr> <tr> <td width="33%"><font size="2"><a href="#innovaphone">Innovaphone</a></font></td> <td width="33%"><font size="2"><a href="#mrlg">MRLG</a></font></td> <td width="34%">&nbsp;</td> </tr> </table> </p> <br> <table border="0" width="100%" cellpadding="8" cellspacing="0"> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="certicom"></a>Certicom</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> Certicom has examined the National Infrastructure Security Coordination Centre (NISCC) advisory and determined it is not vulnerable.<br> <br>Certicom Developer Toolkits for SSL (SSL Plus, SSL Plus for Java, Security Builder SSL-C and Security Builder SSL-J) do not provide a TCP/IP transport mechanism, but rather utilize the supported operating system's TCP/IP stack. The vulnerability is against the TCP/IP stack itself, and not directly against the functionality offered by Certicom toolkits. Therefore, there is no patch or workaround that can be implemented within Certicom products. The patch or workaround must be provided by the operating system vendor.<br> <br> Customers are urged to contact their operating system vendors to determine if they have provided a workaround to this advisory. If you have any further questions please do not hesitate to contact <a href="mailto:support@certicom.com">support@certicom.com</a>.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"><u><a name="checkpoint"></a> Check Point</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf">&nbsp;</td> <td width="97%" bgcolor="#FFFFaf">The latest release for VPN-1/FireWall-1 (R55 HFA-03) contains a protection against this vulnerability.&nbsp; The protection applies to both the firewall device and to hosts behind the firewall.<br> <br> Please refer to the Check Point web site for further information at:<br> <a HREF="http://www.checkpoint.com/techsupport/alerts/tcp_dos.html"> http://www.checkpoint.com/techsupport/alerts/tcp_dos.html</a>.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="cisco"></a>Cisco</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> Cisco Systems is addressing the vulnerabilities identified by NISCC Vulnerability Advisory 236929 across its entire product line.&nbsp; Cisco has released two related advisories:<br> <br> TCP Vulnerabilities in Multiple IOS-Based Cisco Products<br> <a href="http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml">http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml</a><br> <br> TCP Vulnerabilities in Multiple Non-IOS Cisco Products<br> <a href="http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml">http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml</a></td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <u><a name="cray"></a>Cray Inc</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf">&nbsp;</td> <td width="97%" bgcolor="#FFFFaf">Cray Inc. is vulnerable on their UNICOS, UNICOS/mk and UNICOS/mp systems.&nbsp; Spr's have been opened to track this issue.&nbsp; Please contact your local Cray Service Representative for more information.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="hitachi"></a>Hitachi</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> Hitachi is investigating the potential impact to Hitachi's products.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <u><a name="innovaphone"></a>Innovaphone</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf">&nbsp;</td> <td width="97%" bgcolor="#FFFFaf"> Not vulnerable.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="iij"></a>Internet Initiative Japan, Inc (IIJ)</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> IIJ will release a new firmware to fix this vulnerability.&nbsp; Details are available on their web site at <a href="http://www.seil.jp/en/ann/announce_en_20040421_01.txt"> http://www.seil.jp/en/ann/announce_en_20040421_01.txt</a>.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <u><a name="interniche"></a>InterNiche</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf">&nbsp;</td> <td width="97%" bgcolor="#FFFFaf">=== NicheStack v2.0 TCP/IP ===<br> <br> InterNiche Technologies has updated its NicheStack v2.0 TCP/IP product to handle the scenarios described in NISCC Vulnerability Notice #236929.&nbsp; The patch is available to all InterNiche customers in accordance with the terms of their current support agreements.<br> <br> More information can be found on <a href="http://www.iNiche.com">www.iNiche.com</a> or through <a href="mailto:support@iNiche.com">support@iNiche.com</a> <br><br><br> === NicheLite v2.0 TCP/IP ===<br> <br> InterNiche Technologies has updated its NicheLite v2.0 TCP/IP product to handle the scenarios described in NISCC Vulnerability Notice #236929.&nbsp; The patch is available to all InterNiche customers in accordance with the terms of their current support agreements. <br> <br> More information can be found on <a href="http://www.iNiche.com">www.iNiche.com</a> or through <a href="mailto:support@iNiche.com">support@iNiche.com</a> </td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="juniper"></a> Juniper Networks</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> Juniper Networks products are susceptible to this vulnerability. Customers should contact Juniper Networks Technical Assistance Center for availability and download instructions.<br> <br>Additional information is posted on our web site at <a href="https://www.juniper.net/support">https://www.juniper.net/support</a>. </td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <u><a name="lucent"></a>Lucent Technologies</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf">&nbsp;</td> <td width="97%" bgcolor="#FFFFaf">Lucent Technologies is aware of this vulnerability advisory and is investigating any potential impact to its product portfolio. As further information becomes available, Lucent will provide information directly to its customers, if appropriate.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="mitel"></a>Mitel Networks</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> Mitel is aware of the vulnerability and is working with the vendors of our underlying networking software to assess the impact and, if necessary, determine potential solutions. When more information becomes available, an advisory will be issued. Please contact '<a href="mailto:security@mitel.com">security@mitel.com</a>' if you have specific questions.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <u><a name="mrlg"></a>MRLG</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf">&nbsp;</td> <td width="97%" bgcolor="#FFFFaf">A new version of the Multi-Router Looking Glass tool (4.3.0) has been released.&nbsp; This includes a patch that prevents a remote user from utilising the &quot;sh ip bgp neighbors&quot; functionality.&nbsp; This new version is available from <a href="ftp://ftp.enterzone.net/looking-glass/CURRENT/"> ftp://ftp.enterzone.net/looking-glass/CURRENT/</a>. </td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="nec"></a>NEC</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> NEC is aware of this vulnerability and is trying to determine potential impacts on our products.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <u><a name="nortel"></a>Nortel Networks</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf">&nbsp;</td> <td width="97%" bgcolor="#FFFFaf">Nortel Networks has evaluated this issue and testing has confirmed that it is possible to successfully exploit this vulnerability. However, the preconditions for a successful exploitation require levels of access to the network that are unlikely to be achieved in a normal network operating environment; furthermore, such levels of access would enable other forms of attack with much greater impact than that achievable by exploiting this vulnerability.<br> <br> Nortel Networks is continuing to validate that this vulnerability has no serious consequences for Nortel equipment, and will update this statement periodically.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="polycom"></a>Polycom</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> Polycom has investigated the potential impact to our products for NISCC Advisory 236929.<br> <br> Specific product information will be provided at <a HREF="http://www.polycom.com/securitycenter"> http://www.polycom.com/securitycenter</a>.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFaf"> <u><a name="seccomp"></a>Secure Computing Corporation</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFaf">&nbsp;</td> <td width="97%" bgcolor="#FFFFaf">The Sidewinder and Sidewinder G2 firewalls offer protection against this attack at all releases. As application-layer firewalls, Sidewinder and Sidewinder G2 offer protection to systems behind the firewall as well as protecting management connections to the firewall.</td> </tr> <tr> <td width="100%" colspan="2" bgcolor="#FFFFbe"> <u><a name="yamaha"></a>Yamaha</u></td> </tr> <tr> <td width="3%" bgcolor="#FFFFbe"> &nbsp;</td> <td width="97%" bgcolor="#FFFFbe"> Pending.</td> </tr> </table> <br> <br> <b>Acknowledgements</b><br> <br> NISCC wishes to thank the following:<br> <br> <table border="0" cellpadding="6" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3"> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="197%">Steve Bellovin, Rob Thomas and Paul Watson for their contributions to this advisory.</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="197%">Cisco Systems Inc. and Juniper Networks Inc. for their help with the content of this advisory and for their support during the disclosure process.</td> </tr> <tr> <td width="3%" align="left" valign="top">\x95 </td> <td width="197%">JPCERT/CC for their assistance in co-ordinating this disclosure in Japan.</td> </tr> </table> <br> <br> <b>References</b> <br> <table border="0" cellpadding="4" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7"> <tr> <td width="2%">&nbsp;</td> <td width="98%" colspan="3"><b>Internet Engineering Task Force</b></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">RFC 793 Transmission Control Protocol</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc793.txt"> http://www.ietf.org/rfc/rfc793.txt</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">RFC 1323 TCP Extensions for High Performance</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%"><a href="http://www.ietf.org/rfc/rfc1323.txt"> http://www.ietf.org/rfc/rfc1323.txt</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">RFC 1771 A Border Gateway Protocol 4 (BGP-4)</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc1771.txt"> http://www.ietf.org/rfc/rfc1771.txt</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">RFC 2385 Protection of BGP Sessions via the TCP MD5 Signature Option</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc2385.txt"> http://www.ietf.org/rfc/rfc2385.txt</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">RFC 2827 Network Ingress Filtering</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc2827.txt"> http://www.ietf.org/rfc/rfc2827.txt</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">RFC 3562 Considerations for the TCP MD5 Signature Option</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc3562.txt"> http://www.ietf.org/rfc/rfc3562.txt</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">RFC 3682 Generalized TTL Security Mechanism</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"><a href="http://www.ietf.org/rfc/rfc3682.txt"> http://www.ietf.org/rfc/rfc3682.txt</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">Internet Draft - Transmission Control Protocol security considerations</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"> <a href="http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt"> http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="98%" colspan="3"><b>NISCC</b></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">Best Practice Guidelines - Border Gateway Protocol</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"> <a href="http://www.niscc.gov.uk/BGP%20Filtering%20Guide.pdf"> http://www.niscc.gov.uk/BGP Filtering Guide.pdf</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="98%" colspan="3"><b>Configuration and Tuning Guides</b></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">Secure BGP Template for Cisco IOS</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"> <a href="http://www.cymru.com/Documents/secure-bgp-template.html"> http://www.cymru.com/Documents/secure-bgp-template.html</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">JUNOS Secure BGP Template</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"> <a href="http://www.qorbit.net/documents/junos-bgp-template.pdf"> http://www.qorbit.net/documents/junos-bgp-template.pdf</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">UNIX IP Stack Tuning Guide</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"> <a href="http://www.cymru.com/Documents/ip-stack-tuning.html"> http://www.cymru.com/Documents/ip-stack-tuning.html</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="98%" colspan="3"><b>Other Documents</b></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">SANS discussion on egress filtering</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"><a href="http://www.sans.org/y2k/egress.htm"> http://www.sans.org/y2k/egress.htm</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="98%" colspan="3"><b>Vulnerability Databases</b></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">Common Vulnerabilities and Exposures (CVE)</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230"> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0230</a></td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="96%" colspan="2">Open Source Vulnerability Database (OSVDB)</td> </tr> <tr> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="2%">&nbsp;</td> <td width="94%"> <a href="http://www.osvdb.org/displayvuln.php?osvdb_id=4030"> http://www.osvdb.org/displayvuln.php?osvdb_id=4030</a></td> </tr> </table> <p> <br> <br> <b>Contact Information</b><br> <br> The NISCC Vulnerability Management Team can be contacted as follows:<br> </p> </p> <table border="1" width="87%" cellspacing="3" cellpadding="5"> <tr> <td width="30%" valign="top">Email</td> <td width="70%"><a href="mailto:vulteam@niscc.gov.uk">vulteam@niscc.gov.uk</a> <br><i>(Please quote the advisory reference in the subject line.)</i></td> </tr> <tr> <td width="30%" valign="top">Telephone</td> <td width="70%"> +44 (0)20 7821 1330 Extension 4511 <br><i>(Monday to Friday 08:30 - 17:00)</i></td> </tr> <tr> <td width="30%" valign="top">Fax</td> <td width="70%"> +44 (0)20 7821 1686</td> </tr> <tr> <td width="30%" valign="top">Post</td> <td width="70%"> Vulnerability Management Team<br> NISCC<br> PO Box 832<br> London<br> SW1P 1BG</td> </tr> </table> <br> We encourage those who wish to communicate via email to make use of our PGP key. This is available from <a href="http://www.uniras.gov.uk/UNIRAS.asc">http://www.uniras.gov.uk/UNIRAS.asc</a>.<br> <br> Please note that UK government protectively marked material should not be sent to the email address above.<br> <br> If you wish to be added to our email distribution list, please email your request to <a href="mailto:uniras@niscc.gov.uk">uniras@niscc.gov.uk</a>.<br> <br> <br> <b> What is NISCC?</b><br> <br> For further information regarding the UK National Infrastructure Security Co-Ordination Centre, please visit the NISCC web site at: <br> <a href="http://www.niscc.gov.uk/aboutniscc/index.htm">http://www.niscc.gov.uk/aboutniscc/index.htm</a><br> <br> Reference to any specific commercial product, process or service by trade name, trademark manufacturer or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by NISCC. The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes.<br> <br> Neither shall NISCC accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this notice.<br> <br> \xa9 2004 Crown Copyright<br> <br> Revision History<br> <br> <table border="0" width="100%"> <tr> <td width="23%"> <font size="2">April 20</font><SMALL>, 2004: </SMALL> </td> <td width="77%"> <SMALL> Initial release (1.0)</SMALL></td> </tr> <tr> <td width="23%"> <font size="2">April 21, 2004:</font></td> <td width="77%"> <font size="2">Corrected hyperlinks (1.1)</font></td> </tr> <tr> <td width="23%"> &nbsp;</td> <td width="77%"> <font size="2">Inserted impact statement for Cisco (1.1)</font></td> </tr> <tr> <td width="23%"> &nbsp;</td> <td width="77%"> <font size="2">Inserted impact statement for Mitel (1.1)</font></td> </tr> <tr> <td width="23%"> &nbsp;</td> <td width="77%"> <font size="2">Inserted MRLG patch reference (1.2)</font></td> </tr> <tr> <td width="23%"> <font size="2">April 22, 2004:</font></td> <td width="77%"> <font size="2">Revised impact statement for Certicom (1.3)</font></td> </tr> <tr> <td width="23%"> &nbsp;</td> <td width="77%"> <font size="2">Inserted impact statement for Nortel Networks (1.3)</font></td> </tr> <tr> <td width="23%"> &nbsp;</td> <td width="77%"> <font size="2">Inserted impact statement for Secure Computing Corporation (1.3)</font></td> </tr> <tr> <td width="23%"> &nbsp;</td> <td width="77%"> <font size="2">Inserted references section (1.4)</font></td> </tr> <tr> <td width="23%"> &nbsp;</td> <td width="77%"> <font size="2">Inserted impact statement for Lucent Technologies (1.4)</font></td> </tr> </table> <br> &lt;End of NISCC Vulnerability Advisory><br> </div> </body> </html>. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:19.tcp Security Advisory The FreeBSD Project Topic: Denial of Service in TCP packet processing Category: core Module: inet Announced: 2014-09-16 Credits: Jonathan Looney (Juniper SIRT) Affects: All supported versions of FreeBSD. Corrected: 2014-09-16 09:48:35UTC (stable/10, 10.1-PRERELEASE) 2014-09-16 09:48:35 UTC (stable/10, 10.1-BETA1-p1) 2014-09-16 09:50:19 UTC (releng/10.0, 10.0-RELEASE-p9) 2014-09-16 09:49:11 UTC (stable/9, 9.3-STABLE) 2014-09-16 09:50:19 UTC (releng/9.3, 9.3-RELEASE-p2) 2014-09-16 09:50:19 UTC (releng/9.2, 9.2-RELEASE-p12) 2014-09-16 09:50:19 UTC (releng/9.1, 9.1-RELEASE-p19) 2014-09-16 09:49:11 UTC (stable/8, 8.4-STABLE) 2014-09-16 09:50:19 UTC (releng/8.4, 8.4-RELEASE-p16) CVE Name: CVE-2004-0230 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>. New TCP connections are initiated using special SYN flag in a datagram. Sequencing of data is controlled by 32-bit sequence numbers, that start with a random value and are increased using modulo 2**32 arithmetic. In case one of the two port numbers is unknown, a successful attack requires less than 2**17 packets spoofed, which can be generated within less than a second on a decent connection to the Internet. Workaround It is possible to defend against these attacks with stateful traffic inspection using a firewall. This can be done by enabling pf(4) on the system and creating states for every connection. Even a default ruleset to allow all traffic would be sufficient to mitigate this issue. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch # fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch.asc # gpg --verify tcp.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in <URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the system. 3) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r271668 releng/8.4/ r271669 stable/9/ r271668 releng/9.1/ r271669 releng/9.2/ r271669 releng/9.3/ r271669 stable/10/ r271667 releng/10.0/ r271669 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII

Trust: 3.33

sources: NVD: CVE-2004-0230 // CERT/CC: VU#415294 // JVNDB: JVNDB-2004-000150 // BID: 10183 // VULHUB: VHN-8660 // VULMON: CVE-2004-0230 // PACKETSTORM: 37558 // PACKETSTORM: 33143 // PACKETSTORM: 33160 // PACKETSTORM: 33159 // PACKETSTORM: 33152 // PACKETSTORM: 128284

AFFECTED PRODUCTS

vendor:ciscomodel:catalyst csxscope:eqversion:60005.3

Trust: 2.4

vendor:oraclemodel:solarisscope:eqversion:11

Trust: 2.1

vendor:oraclemodel:solarisscope:eqversion:10

Trust: 2.1

vendor:netbsdmodel:netbsdscope:eqversion:2.0

Trust: 2.1

vendor:netbsdmodel:netbsdscope:eqversion:1.6.2

Trust: 2.1

vendor:netbsdmodel:netbsdscope:eqversion:1.6.1

Trust: 2.1

vendor:netbsdmodel:netbsdscope:eqversion:1.6

Trust: 2.1

vendor:netbsdmodel:netbsdscope:eqversion:1.5.3

Trust: 2.1

vendor:netbsdmodel:netbsdscope:eqversion:1.5.2

Trust: 2.1

vendor:netbsdmodel:netbsdscope:eqversion:1.5.1

Trust: 2.1

vendor:netbsdmodel:netbsdscope:eqversion:1.5

Trust: 2.1

vendor:xinuosmodel:unixwarescope:eqversion:7.1.1

Trust: 1.6

vendor:xinuosmodel:unixwarescope:eqversion:7.1.3

Trust: 1.6

vendor:ciscomodel:vpn concentratorscope:neversion:30002.5.2

Trust: 1.5

vendor:symantecmodel:nexland isb soho firewall appliancescope: - version: -

Trust: 1.1

vendor:ibmmodel:aixscope:eqversion:5.3

Trust: 1.1

vendor:ibmmodel:aixscope:eqversion:5.2

Trust: 1.1

vendor:ibmmodel:aixscope:eqversion:5.1

Trust: 1.1

vendor:ciscomodel:wan managerscope: - version: -

Trust: 1.1

vendor:ciscomodel:vg248 analog phone gatewayscope: - version: -

Trust: 1.1

vendor:ciscomodel:traffic directorscope: - version: -

Trust: 1.1

vendor:ciscomodel:rtmscope: - version: -

Trust: 1.1

vendor:ciscomodel:pix firewallscope:eqversion:6.3

Trust: 1.1

vendor:ciscomodel:pix firewallscope:eqversion:6.2

Trust: 1.1

vendor:ciscomodel:pix firewallscope:eqversion:6.1

Trust: 1.1

vendor:ciscomodel:pix firewallscope:eqversion:6.0

Trust: 1.1

vendor:ciscomodel:lightstreamscope:eqversion:1010

Trust: 1.1

vendor:ciscomodel:iosscope:eqversion:12.3

Trust: 1.1

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 1.1

vendor:ciscomodel:iosscope:eqversion:12.1

Trust: 1.1

vendor:ciscomodel:iosscope:eqversion:12.0

Trust: 1.1

vendor:ciscomodel:iosscope:eqversion:11.3

Trust: 1.1

vendor:ciscomodel:iosscope:eqversion:11.2

Trust: 1.1

vendor:ciscomodel:iosscope:eqversion:11.1

Trust: 1.1

vendor:ciscomodel:element management frameworkscope: - version: -

Trust: 1.1

vendor:ciscomodel:content routerscope:eqversion:4450

Trust: 1.1

vendor:ciscomodel:content routerscope:eqversion:4430

Trust: 1.1

vendor:ciscomodel:content enginescope:eqversion:560

Trust: 1.1

vendor:ciscomodel:content enginescope:eqversion:507

Trust: 1.1

vendor:ciscomodel:channel port adapterscope: - version: -

Trust: 1.1

vendor:ciscomodel:channel interface processorscope: - version: -

Trust: 1.1

vendor:ciscomodel:call managerscope: - version: -

Trust: 1.1

vendor:ciscomodel:access registrarscope: - version: -

Trust: 1.1

vendor:mcafeemodel:network data loss preventionscope:lteversion:8.6

Trust: 1.0

vendor:mcafeemodel:network data loss preventionscope:eqversion:9.2.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:*

Trust: 1.0

vendor:openpgpmodel:openpgpscope:eqversion:2.6.2

Trust: 1.0

vendor:mcafeemodel:network data loss preventionscope:eqversion:9.2.2

Trust: 1.0

vendor:xinuosmodel:openserverscope:eqversion:5.0.6

Trust: 1.0

vendor:mcafeemodel:network data loss preventionscope:eqversion:9.2.0

Trust: 1.0

vendor:xinuosmodel:openserverscope:eqversion:5.0.7

Trust: 1.0

vendor:ciscomodel:catalystscope:eqversion:60006.1

Trust: 0.9

vendor:ciscomodel:catalystscope:eqversion:60005.5

Trust: 0.9

vendor:ciscomodel:catalystscope:eqversion:50006.1

Trust: 0.9

vendor:ciscomodel:catalystscope:eqversion:40006.1

Trust: 0.9

vendor:ciscomodel:catalystscope:eqversion:40005.1

Trust: 0.9

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:redbackmodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel:ciscoworks voice managerscope: - version: -

Trust: 0.8

vendor:internet initiativemodel:seil/turboscope:ltversion:ver.1.19 earlier firmware

Trust: 0.8

vendor:ciscomodel:firewall services modulescope:eqversion:cisco 7600 for series )

Trust: 0.8

vendor:ciscomodel:systems parallel channel port adapterscope: - version: -

Trust: 0.8

vendor:internet initiativemodel:seil/neuscope:ltversion:t1 ver.1.90 earlier ver.1.x firmware

Trust: 0.8

vendor:hitachimodel:sanrisescope:eqversion:9500v series

Trust: 0.8

vendor:ciscomodel:catalyst 2900 seriesscope:eqversion:2948g-ge-tx

Trust: 0.8

vendor:symantecmodel:gateway security 300 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:ws-x6624-fxsscope: - version: -

Trust: 0.8

vendor:ciscomodel:mgx 8230 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:ons 15500 seriesscope:eqversion:ons 15531/15532 t31

Trust: 0.8

vendor:symantecmodel:enterprise firewallscope:eqversion:7.0

Trust: 0.8

vendor:fujitsumodel:interstage application serverscope:eqversion:5.0/5.1/6.0

Trust: 0.8

vendor:symantecmodel:gateway security 400 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:content routerscope:eqversion:cr-4430-b

Trust: 0.8

vendor:ciscomodel:mgx 8250 seriesscope: - version: -

Trust: 0.8

vendor:symantecmodel:gateway security 5300 seriesscope:eqversion:v1.0

Trust: 0.8

vendor:ciscomodel:fasthub 400 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:ons 15800 series dwdm platformsscope:eqversion:ons 15800/15801/15808

Trust: 0.8

vendor:check pointmodel:provider-1scope:eqversion:ng with application intelligence (r55)

Trust: 0.8

vendor:hewlett packardmodel:hp ethertwist switchscope: - version: -

Trust: 0.8

vendor:ciscomodel:8110 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:ciscoworks for windowsscope: - version: -

Trust: 0.8

vendor:ciscomodel:microswitchscope:eqversion:1538/1548

Trust: 0.8

vendor:ciscomodel:ws-x6608-e1scope: - version: -

Trust: 0.8

vendor:ciscomodel:ons 15830scope:eqversion:t30 optical amplification system

Trust: 0.8

vendor:microsoftmodel:windows xpscope:eqversion:sp3

Trust: 0.8

vendor:microsoftmodel:windows server 2003scope: - version: -

Trust: 0.8

vendor:check pointmodel:provider-1scope:eqversion:ng fp3

Trust: 0.8

vendor:ciscomodel:switchprobescope: - version: -

Trust: 0.8

vendor:necmodel:ix3000 seriesscope: - version: -

Trust: 0.8

vendor:symantecmodel:gateway security 5400 seriesscope:eqversion:v2.x

Trust: 0.8

vendor:ciscomodel:catalyst 2800 seriesscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage security directorscope:eqversion:v5.0l10/v5.0l20/v6.0l10

Trust: 0.8

vendor:ciscomodel:bpx 8600 seriesscope:eqversion:broadb network termination unit

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r55)

Trust: 0.8

vendor:yamahamodel:rt seriesscope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:hp procurve routing switchscope:eqversion:9300m series

Trust: 0.8

vendor:ciscomodel:ip/tvscope: - version: -

Trust: 0.8

vendor:fujitsumodel:safegatescope:eqversion:2.2.1

Trust: 0.8

vendor:ciscomodel:me1100 seriesscope: - version: -

Trust: 0.8

vendor:necmodel:ix5000 seriesscope: - version: -

Trust: 0.8

vendor:hitachimodel:gs4000scope: - version: -

Trust: 0.8

vendor:ciscomodel:ciscoworks host solution enginescope: - version: -

Trust: 0.8

vendor:ciscomodel:catalyst 3000 seriesscope: - version: -

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng fp3

Trust: 0.8

vendor:ciscomodel:catalyst 3900 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:ws-x6608-t1scope: - version: -

Trust: 0.8

vendor:hitachimodel:gr4000scope: - version: -

Trust: 0.8

vendor:check pointmodel:provider-1scope:eqversion:ng with application intelligence (r54)

Trust: 0.8

vendor:ciscomodel:ata 180 seriesscope: - version: -

Trust: 0.8

vendor:necmodel:cx3200scope: - version: -

Trust: 0.8

vendor:ciscomodel:mgx 8950 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:secure idsscope:eqversion:(netranger) ids module

Trust: 0.8

vendor:ciscomodel:ons 15400 seriesscope:eqversion:ons 15454

Trust: 0.8

vendor:ciscomodel:ons 15300 seriesscope:eqversion:ons 15327

Trust: 0.8

vendor:ciscomodel:ciscoworks wireless lan solution enginescope: - version: -

Trust: 0.8

vendor:ciscomodel:fasthub 300 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:11.0

Trust: 0.8

vendor:ciscomodel:secure user registration toolscope: - version: -

Trust: 0.8

vendor:internet initiativemodel:seil/neuscope:eqversion:2fe

Trust: 0.8

vendor:ciscomodel:content switching modulescope: - version: -

Trust: 0.8

vendor:hitachimodel:gr2000scope: - version: -

Trust: 0.8

vendor:necmodel:qx seriesscope: - version: -

Trust: 0.8

vendor:internet initiativemodel:seil/neuscope:ltversion:2fe plus ver.1.10 earlier firmware

Trust: 0.8

vendor:ciscomodel:localdirectorscope: - version: -

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r54)

Trust: 0.8

vendor:microsoftmodel:windows 9xscope:eqversion:98

Trust: 0.8

vendor:ciscomodel:ons 15831scope:eqversion:t31 dwdm system

Trust: 0.8

vendor:ciscomodel:microhubscope: - version: -

Trust: 0.8

vendor:microsoftmodel:windows 9xscope:eqversion:me

Trust: 0.8

vendor:ciscomodel:sn 5400 seriesscope: - version: -

Trust: 0.8

vendor:allied telesismodel:routerscope:eqversion:( includes products other than routers tcp all products that implement )

Trust: 0.8

vendor:internet initiativemodel:seil/neuscope:eqversion:128

Trust: 0.8

vendor:microsoftmodel:windows 2000scope: - version: -

Trust: 0.8

vendor:fujitsumodel:safegatescope:eqversion:v2.0l20a

Trust: 0.8

vendor:fujitsumodel:interstage security directorscope:eqversion:v3.0l20/v4.0l10/v4.0l20

Trust: 0.8

vendor:ciscomodel:catalyst 1900 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:ciscoworks device fault managerscope: - version: -

Trust: 0.8

vendor:ciscomodel:mgx 8220 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:igx 8400 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:content enginescope:eqversion:590 7320

Trust: 0.8

vendor:ciscomodel:aironet 350 seriesscope: - version: -

Trust: 0.8

vendor:internet initiativemodel:seil/neuscope:ltversion:t1 ver.2.22 earlier ver.2.x firmware

Trust: 0.8

vendor:ciscomodel:ons 15100 seriesscope:eqversion:ons 15190/15194

Trust: 0.8

vendor:ciscomodel:internet cdn solutionscope: - version: -

Trust: 0.8

vendor:necmodel:univerge ip8800/s,/r seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:systems escon channel port adapterscope: - version: -

Trust: 0.8

vendor:symantecmodel:firewall/vpn appliancescope:eqversion:100/200/200r

Trust: 0.8

vendor:hewlett packardmodel:hp advancestack switchscope: - version: -

Trust: 0.8

vendor:ciscomodel:catalyst 4000 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:catalyst 2820 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:firewall services modulescope:eqversion:(catalyst 6500

Trust: 0.8

vendor:ciscomodel:aironet ap340 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:css 11000 seriesscope:eqversion:css 11150

Trust: 0.8

vendor:necmodel:ix5500 seriesscope: - version: -

Trust: 0.8

vendor:hitachimodel:gs3000scope: - version: -

Trust: 0.8

vendor:symantecmodel:nexland pro series firewall appliancescope: - version: -

Trust: 0.8

vendor:symantecmodel:velociraptorscope:eqversion:1.5 model 1100/1200/1300

Trust: 0.8

vendor:fujitsumodel:interstage security directorscope:eqversion:4.0/4.1

Trust: 0.8

vendor:ciscomodel:application and content networking systemscope: - version: -

Trust: 0.8

vendor:ciscomodel:secure access control server softwarescope:eqversion:for windows unix

Trust: 0.8

vendor:ciscomodel:vg248scope: - version: -

Trust: 0.8

vendor:symantecmodel:enterprise firewallscope:eqversion:8.0

Trust: 0.8

vendor:ciscomodel:catalyst 1200 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:global site selectorscope: - version: -

Trust: 0.8

vendor:ciscomodel:mds 9000 seriesscope: - version: -

Trust: 0.8

vendor:necmodel:ix2000 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:catalyst 5000 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:info centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:css 11000 seriesscope:eqversion:(arrowpoint)

Trust: 0.8

vendor:symantecmodel:enterprise firewallscope:eqversion:7.0.4

Trust: 0.8

vendor:ciscomodel:content distribution managerscope: - version: -

Trust: 0.8

vendor:ciscomodel:catalyst 6000 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:content delivery managerscope:eqversion:4630 4650

Trust: 0.8

vendor:ciscomodel:css 11500 seriesscope: - version: -

Trust: 0.8

vendor:internet initiativemodel:seil/neuscope:ltversion:atm ver.1.36 earlier firmware

Trust: 0.8

vendor:ciscomodel:css 11000 seriesscope:eqversion:css 11050

Trust: 0.8

vendor:necmodel:ix1000 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:cache enginescope:eqversion:505 570

Trust: 0.8

vendor:ciscomodel:ons 15832scope:eqversion:t31 dwdm system

Trust: 0.8

vendor:microsoftmodel:windows 9xscope:eqversion:98 scd

Trust: 0.8

vendor:ciscomodel:intelligent contact managementscope: - version: -

Trust: 0.8

vendor:ciscomodel:unityscope:eqversion:server

Trust: 0.8

vendor:ciscomodel:vpn 3000 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:css 11000 seriesscope:eqversion:css 11800

Trust: 0.8

vendor:ciscomodel:mgx 8850 seriesscope: - version: -

Trust: 0.8

vendor:hewlett packardmodel:hp procurve switchscope: - version: -

Trust: 0.8

vendor:fujitsumodel:interstage security directorscope:eqversion:v6.0l10

Trust: 0.8

vendor:hpmodel:tru64 f pk8scope:eqversion:4.0

Trust: 0.6

vendor:ciscomodel:catalystscope:eqversion:50005.1

Trust: 0.6

vendor:ciscomodel:catalystscope:eqversion:50004.5

Trust: 0.6

vendor:ciscomodel:catalystscope:eqversion:40005.5

Trust: 0.6

vendor:ciscomodel:catalystscope:eqversion:40005.2

Trust: 0.6

vendor:ciscomodel:call managerscope:eqversion:3.1

Trust: 0.6

vendor:ciscomodel:vpn concentratorscope:neversion:30003.1

Trust: 0.6

vendor:ciscomodel:vpn concentratorscope:neversion:30003.0.3

Trust: 0.6

vendor:ciscomodel:css11500 content services switch sscope:neversion:7.30

Trust: 0.6

vendor:ciscomodel:css11500 content services switch sscope:neversion:7.20

Trust: 0.6

vendor:symantecmodel:velociraptorscope:eqversion:13001.5

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:12001.5

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:11001.5

Trust: 0.3

vendor:symantecmodel:nexland pro800turbo firewall appliancescope: - version: -

Trust: 0.3

vendor:symantecmodel:nexland pro800 firewall appliancescope: - version: -

Trust: 0.3

vendor:symantecmodel:nexland pro400 firewall appliancescope: - version: -

Trust: 0.3

vendor:symantecmodel:nexland pro100 firewall appliancescope: - version: -

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:54002.0.1

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:54002.0

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:53101.0

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:53001.0

Trust: 0.3

vendor:symantecmodel:gateway security 460rscope: - version: -

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:460

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:440

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:4200

Trust: 0.3

vendor:symantecmodel:gateway security 360r buildscope:eqversion:2.1415

Trust: 0.3

vendor:symantecmodel:gateway security 360r buildscope:eqversion:2.1300

Trust: 0.3

vendor:symantecmodel:gateway security 360rscope: - version: -

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:360

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:320

Trust: 0.3

vendor:symantecmodel:firewall/vpn appliance 200rscope: - version: -

Trust: 0.3

vendor:symantecmodel:firewall/vpn appliancescope:eqversion:200

Trust: 0.3

vendor:symantecmodel:firewall/vpn appliancescope:eqversion:100

Trust: 0.3

vendor:symantecmodel:enterprise firewall solarisscope:eqversion:8.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:8.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall solarisscope:eqversion:7.0.4

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:7.0.4

Trust: 0.3

vendor:symantecmodel:enterprise firewall solarisscope:eqversion:7.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:7.0

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.25

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.24

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.23

Trust: 0.3

vendor:sgimodel:irixscope:eqversion:6.5.22

Trust: 0.3

vendor:seilmodel:turboscope:eqversion:1.18

Trust: 0.3

vendor:seilmodel:neu t1scope:eqversion:2.21

Trust: 0.3

vendor:seilmodel:neu t1scope:eqversion:1.89

Trust: 0.3

vendor:seilmodel:neu atmscope:eqversion:1.35

Trust: 0.3

vendor:seilmodel:neu 2fe plusscope:eqversion:1.9

Trust: 0.3

vendor:seilmodel:neu 2fescope:eqversion:2.21

Trust: 0.3

vendor:seilmodel:neu 2fescope:eqversion:1.89

Trust: 0.3

vendor:seilmodel:neuscope:eqversion:1282.21

Trust: 0.3

vendor:seilmodel:neuscope:eqversion:1281.89

Trust: 0.3

vendor:scomodel:unixwarescope:eqversion:7.1.3

Trust: 0.3

vendor:scomodel:unixwarescope:eqversion:7.1.1

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.7

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.6

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:5.0

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:4.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:4.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:4.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:4.0.3

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:4.0.3

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:4.0.2

Trust: 0.3

vendor:netscreenmodel:screenos r9scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r8scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r7scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r5scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r10scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:4.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r9scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r8scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r7scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r5scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r12scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r11scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r10scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos -dialscope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:4.0

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:3.1.1

Trust: 0.3

vendor:netscreenmodel:screenos r9scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r8scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r7scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r5scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r12scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r11scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r10scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:screenos r8scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r7scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r5scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r1.1scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:3.0.3

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:3.0.2

Trust: 0.3

vendor:netscreenmodel:screenos r7scope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r5scope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:2.10

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:2.10

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:2.8

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.8

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:2.7.1

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:2.7.1

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:2.7.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.7.1

Trust: 0.3

vendor:netscreenmodel:screenos r9scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r8scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r7scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r5scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r12scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r11scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r10scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.6

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:2.5

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:2.5

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:2.5

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.5

Trust: 0.3

vendor:netscreenmodel:screenos r7scope:eqversion:2.1

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:2.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.1

Trust: 0.3

vendor:netscreenmodel:screenos r8scope:eqversion:2.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:1.73

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:1.73

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:1.66

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:1.66

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:1.64

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:1.7

Trust: 0.3

vendor:netbsdmodel:betascope:eqversion:1.6

Trust: 0.3

vendor:microsoftmodel:windows xp tablet pc edition sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp tablet pc edition sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp tablet pc editionscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp professional editionscope:eqversion:x64

Trust: 0.3

vendor:microsoftmodel:windows xp professional sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp professional sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp professionalscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp media center edition sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp media center edition sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp media center editionscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp home sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp home sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp homescope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp embedded sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp embeddedscope: - version: -

Trust: 0.3

vendor:microsoftmodel:windows xp 64-bit edition versionscope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows xpscope:eqversion:0

Trust: 0.3

vendor:microsoftmodel:windows server web edition sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server web editionscope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server standard editionscope:eqversion:2003x64

Trust: 0.3

vendor:microsoftmodel:windows server standard edition sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server standard editionscope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server enterprise editionscope:eqversion:2003x64

Trust: 0.3

vendor:microsoftmodel:windows server enterprise edition itanium sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server enterprise edition itaniumscope:eqversion:20030

Trust: 0.3

vendor:microsoftmodel:windows server enterprise edition sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server enterprise editionscope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server datacenter editionscope:eqversion:2003x64

Trust: 0.3

vendor:microsoftmodel:windows server datacenter edition itanium sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server datacenter edition itaniumscope:eqversion:20030

Trust: 0.3

vendor:microsoftmodel:windows server datacenter edition sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server datacenter editionscope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:windows server sp4scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows serverscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp4scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professional sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows professionalscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp4scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows datacenter serverscope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp4scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp2scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced server sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:windows advanced serverscope:eqversion:2000

Trust: 0.3

vendor:mcafeemodel:data loss preventionscope:eqversion:9.2.2

Trust: 0.3

vendor:mcafeemodel:data loss preventionscope:eqversion:9.2.1

Trust: 0.3

vendor:mcafeemodel:data loss preventionscope:eqversion:9.2.0

Trust: 0.3

vendor:mcafeemodel:data loss preventionscope:eqversion:8.6

Trust: 0.3

vendor:junipermodel:t-series router t640scope: - version: -

Trust: 0.3

vendor:junipermodel:t-series router t320scope: - version: -

Trust: 0.3

vendor:junipermodel:m-series router m5scope: - version: -

Trust: 0.3

vendor:junipermodel:m-series router m40escope: - version: -

Trust: 0.3

vendor:junipermodel:m-series router m40scope: - version: -

Trust: 0.3

vendor:junipermodel:m-series router m20scope: - version: -

Trust: 0.3

vendor:junipermodel:m-series router m160scope: - version: -

Trust: 0.3

vendor:junipermodel:m-series router m10scope: - version: -

Trust: 0.3

vendor:junipermodel:e-series routerscope: - version: -

Trust: 0.3

vendor:internichemodel:nichestackscope:eqversion:2.0

Trust: 0.3

vendor:internichemodel:nichelitescope:eqversion:2.0

Trust: 0.3

vendor:ietfmodel:rfc tcpscope:eqversion:793:

Trust: 0.3

vendor:ietfmodel:rfc tcp extensions for high performancescope:eqversion:1323:

Trust: 0.3

vendor:ibmmodel:aix lscope:eqversion:5.3

Trust: 0.3

vendor:ibmmodel:aix lscope:eqversion:5.2

Trust: 0.3

vendor:ibmmodel:aix lscope:eqversion:5.1

Trust: 0.3

vendor:hpmodel:tru64 b-2 pk4scope:eqversion:5.1

Trust: 0.3

vendor:hpmodel:tru64 b pk4scope:eqversion:5.1

Trust: 0.3

vendor:hpmodel:tru64 b pk3scope:eqversion:5.1

Trust: 0.3

vendor:hpmodel:tru64 a pk6scope:eqversion:5.1

Trust: 0.3

vendor:hpmodel:tru64 g pk4scope:eqversion:4.0

Trust: 0.3

vendor:hpmodel:procurve switch 9315mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 9308mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 9304mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 8000mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 5372xl j4848ascope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 5348xl j4849ascope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 5308xl j4819ascope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 5304xl j4850ascope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 4108gl-bundlescope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 4108gl j4865ascope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 4108glscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 4000m j4121ascope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 4000mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switchscope:eqversion:2525

Trust: 0.3

vendor:hpmodel:procurve switch j4813ascope:eqversion:2524

Trust: 0.3

vendor:hpmodel:procurve switchscope:eqversion:2524

Trust: 0.3

vendor:hpmodel:procurve switchscope:eqversion:2512

Trust: 0.3

vendor:hpmodel:procurve switch 2424m j4093ascope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 2424mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 2400m j4122ascope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 2400mscope: - version: -

Trust: 0.3

vendor:hpmodel:procurve switch 1600mscope: - version: -

Trust: 0.3

vendor:hpmodel:ethertwistscope: - version: -

Trust: 0.3

vendor:hpmodel:advancestack switch 800t j3245ascope: - version: -

Trust: 0.3

vendor:hpmodel:advancestack 10base-t switching hub j3210a a.03.07scope: - version: -

Trust: 0.3

vendor:hpmodel:advancestack 10base-t switching hub j3205a a.03.07scope: - version: -

Trust: 0.3

vendor:hpmodel:advancestack 10base-t switching hub j3204a a.03.07scope: - version: -

Trust: 0.3

vendor:hpmodel:advancestack 10base-t switching hub j3203a a.03.07scope: - version: -

Trust: 0.3

vendor:hpmodel:advancestack 10base-t switching hub j3202a a.03.07scope: - version: -

Trust: 0.3

vendor:hpmodel:advancestack 10base-t switching hub j3201a a.03.07scope: - version: -

Trust: 0.3

vendor:hpmodel:advancestack 10base-t switching hub j3200a a.03.07scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rc3-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rc2-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rc2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rc1-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-rcscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-prereleasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-beta3-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-beta1-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-beta1-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-beta1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.3

Trust: 0.3

vendor:freebsdmodel:9.2-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p9scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p8scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p7scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p5scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p4scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p3scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p11scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p10scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc3-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc2-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc1-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.2-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:rc2scope:eqversion:9.2

Trust: 0.3

vendor:freebsdmodel:rc1scope:eqversion:9.2

Trust: 0.3

vendor:freebsdmodel:prereleasescope:eqversion:9.2

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.2-

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.2

Trust: 0.3

vendor:freebsdmodel:9.1-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p7scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p3scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p18scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p17scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p16scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p15scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p14scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p12scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p11scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p10scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-rc2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1--relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:release-p5scope:eqversion:9.1

Trust: 0.3

vendor:freebsdmodel:release-p4scope:eqversion:9.1

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.1

Trust: 0.3

vendor:freebsdmodel:9.0-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-release-p6scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-rc3scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0--relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.0

Trust: 0.3

vendor:freebsdmodel:8.4-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p9scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p8scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p7scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p4scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p15scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p14scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p13scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p12scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p11scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-rc2-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-rc1-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-prereleasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.4-beta1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.4

Trust: 0.3

vendor:freebsdmodel:8.3-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p8scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p6scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p16scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p15scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p14scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.3-release-p11scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.3

Trust: 0.3

vendor:freebsdmodel:8.2-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.2-release-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.2-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.2-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:release -p3scope:eqversion:8.2-

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.2

Trust: 0.3

vendor:freebsdmodel:8.1-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-release-p5scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-release-p4scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.1-prereleasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.1

Trust: 0.3

vendor:freebsdmodel:8.0-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.0-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8.0-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:-release-p5scope:eqversion:8.0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.0

Trust: 0.3

vendor:freebsdmodel:8-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:8-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-release-p8scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-release-p7scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-release-p6scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-release-p5scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-release-p4scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-release-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-rc3-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-rc2-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-rc1-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.0-betascope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10

Trust: 0.3

vendor:craymodel:unicos/mpscope:eqversion:2.3

Trust: 0.3

vendor:craymodel:unicos/mpscope: - version: -

Trust: 0.3

vendor:craymodel:unicos/mkscope:eqversion:2.0.5.54

Trust: 0.3

vendor:craymodel:unicos/mkscope:eqversion:1.5.1

Trust: 0.3

vendor:craymodel:unicos/mkscope:eqversion:1.5

Trust: 0.3

vendor:craymodel:unicos maxscope:eqversion:1.3.5

Trust: 0.3

vendor:craymodel:unicos maxscope:eqversion:1.3

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:9.2.4

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:9.2

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:9.0.2.5

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:9.0

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:8.3

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:8.0

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:7.0

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:6.1

Trust: 0.3

vendor:craymodel:unicos escope:eqversion:6.0

Trust: 0.3

vendor:craymodel:unicosscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:ws-x6624scope: - version: -

Trust: 0.3

vendor:ciscomodel:ws-x6608scope: - version: -

Trust: 0.3

vendor:ciscomodel:wireless lan solution enginescope: - version: -

Trust: 0.3

vendor:ciscomodel:wireless lan solution appliancescope: - version: -

Trust: 0.3

vendor:ciscomodel:wgb340scope: - version: -

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:eqversion:5008

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:eqversion:5002

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:eqversion:5001

Trust: 0.3

vendor:ciscomodel:voice managerscope: - version: -

Trust: 0.3

vendor:ciscomodel:user registration tool vlan policy serverscope: - version: -

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:3.3

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:3.2

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:3.1

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:3.0

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.46

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.4

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.3

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.2

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.1

Trust: 0.3

vendor:ciscomodel:unity serverscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:unity serverscope: - version: -

Trust: 0.3

vendor:ciscomodel:switchprobescope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:switchprobescope:eqversion:4.7

Trust: 0.3

vendor:ciscomodel:switchprobescope:eqversion:4.6

Trust: 0.3

vendor:ciscomodel:switchprobescope:eqversion:4.5

Trust: 0.3

vendor:ciscomodel:switchprobescope:eqversion:4.2

Trust: 0.3

vendor:ciscomodel:switchprobescope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:switchprobescope:eqversion:3.1

Trust: 0.3

vendor:ciscomodel:sn5400 series storage routersscope: - version: -

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.3.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.3.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.2.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-3.2.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2.5.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2-3.3.2-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage router sn5428-2-3.3.1-k9scope:eqversion:5428

Trust: 0.3

vendor:ciscomodel:sn storage routerscope:eqversion:54201.1.3

Trust: 0.3

vendor:ciscomodel:sn storage routerscope:eqversion:54201.1(7)

Trust: 0.3

vendor:ciscomodel:sn storage routerscope:eqversion:54201.1(5)

Trust: 0.3

vendor:ciscomodel:sn storage routerscope:eqversion:54201.1(4)

Trust: 0.3

vendor:ciscomodel:sn storage routerscope:eqversion:54201.1(3)

Trust: 0.3

vendor:ciscomodel:sn storage routerscope:eqversion:54201.1(2)

Trust: 0.3

vendor:ciscomodel:secure pix firewallscope: - version: -

Trust: 0.3

vendor:ciscomodel:secure intrusion detection systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3(3.109)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3(3.102)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3(1)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2.2.111

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2.2

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2(3.100)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2(3)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2(2)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2(1)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1.5

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1.4

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1.3

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(5)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(4)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(3)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(2)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(1)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0.4

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0.3

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0(4.101)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0(4)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0(2)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0(1)

Trust: 0.3

vendor:ciscomodel:parallel channel port adapterscope: - version: -

Trust: 0.3

vendor:ciscomodel:ons t31 submarine wdm systemscope:eqversion:15863

Trust: 0.3

vendor:ciscomodel:ons t31 dwdm systemscope:eqversion:15832

Trust: 0.3

vendor:ciscomodel:ons t31 dwdm systemscope:eqversion:15831

Trust: 0.3

vendor:ciscomodel:ons t30 optical amplification systemscope:eqversion:15830

Trust: 0.3

vendor:ciscomodel:ons dense wave division mux platformscope:eqversion:15808

Trust: 0.3

vendor:ciscomodel:ons dense wave division mux platformscope:eqversion:15801

Trust: 0.3

vendor:ciscomodel:ons dense wave division mux platformscope:eqversion:15800

Trust: 0.3

vendor:ciscomodel:ons t31 omds metro wdm systemscope:eqversion:15532

Trust: 0.3

vendor:ciscomodel:ons t31 omds metro wdm systemscope:eqversion:15531

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1(3)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1(2)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1(1)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1(0)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.1

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.0(2)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.0(1)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154544.0

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.4

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.3

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.2.0

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.1.0

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:eqversion:154543.0

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(3)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(2)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.1(0)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0(2)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0(1)

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153274.0

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.4

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.3

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.2

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.1

Trust: 0.3

vendor:ciscomodel:onsscope:eqversion:153273.0

Trust: 0.3

vendor:ciscomodel:ons ip transport concentratorscope:eqversion:15194

Trust: 0.3

vendor:ciscomodel:ons ip transport concentratorscope:eqversion:15190

Trust: 0.3

vendor:ciscomodel:microswitchscope:eqversion:1548

Trust: 0.3

vendor:ciscomodel:microswitchscope:eqversion:1538

Trust: 0.3

vendor:ciscomodel:microhubscope:eqversion:1500

Trust: 0.3

vendor:ciscomodel:mgx-8850 r2scope: - version: -

Trust: 0.3

vendor:ciscomodel:mgx-8850 r1scope: - version: -

Trust: 0.3

vendor:ciscomodel:mgx-8260scope: - version: -

Trust: 0.3

vendor:ciscomodel:mgx-8240scope: - version: -

Trust: 0.3

vendor:ciscomodel:mgx-8220scope: - version: -

Trust: 0.3

vendor:ciscomodel:mgx pxm1scope:eqversion:8850-1.2.11

Trust: 0.3

vendor:ciscomodel:mgx pxm1scope:eqversion:8850-1.2.10

Trust: 0.3

vendor:ciscomodel:mgxscope:eqversion:8850

Trust: 0.3

vendor:ciscomodel:mgxscope:eqversion:8830

Trust: 0.3

vendor:ciscomodel:mgxscope:eqversion:82501.2.11

Trust: 0.3

vendor:ciscomodel:mgxscope:eqversion:82501.2.10

Trust: 0.3

vendor:ciscomodel:mgxscope:eqversion:82301.2.11

Trust: 0.3

vendor:ciscomodel:mgxscope:eqversion:82301.2.10

Trust: 0.3

vendor:ciscomodel:mgxscope: - version: -

Trust: 0.3

vendor:ciscomodel:me1100scope: - version: -

Trust: 0.3

vendor:ciscomodel:mdsscope:eqversion:90002.0(0.86)

Trust: 0.3

vendor:ciscomodel:mdsscope:eqversion:90001.3(3.33)

Trust: 0.3

vendor:ciscomodel:mdsscope:eqversion:9000

Trust: 0.3

vendor:ciscomodel:local directorscope: - version: -

Trust: 0.3

vendor:ciscomodel:lightstream atm switchesscope:eqversion:100

Trust: 0.3

vendor:ciscomodel:ip/tv serverscope: - version: -

Trust: 0.3

vendor:ciscomodel:ip phonescope:eqversion:7960

Trust: 0.3

vendor:ciscomodel:ip phonescope:eqversion:7940

Trust: 0.3

vendor:ciscomodel:ip phonescope:eqversion:7905

Trust: 0.3

vendor:ciscomodel:ios 12.3xqscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xnscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xmscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xlscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xkscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xjscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xiscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xhscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xgscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xfscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xdscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xbscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3xascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3bwscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.3bscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zpscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2znscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zlscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zkscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zjscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ziscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zhscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zgscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zfscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zdscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zbscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2zascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yzscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yyscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yxscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ywscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yvscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yuscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ytscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ysscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yrscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yqscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ypscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yoscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ynscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ymscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ylscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ykscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yjscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yhscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ygscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yfscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ydscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ycscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ybscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2yascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xwscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xuscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xtscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xsscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xqscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xnscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xmscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xlscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xkscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xjscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xiscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xhscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xgscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xfscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xdscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xbscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2xascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2szscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2syscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2sxbscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2sxascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2sxscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2swscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2sescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2sscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2mcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2jascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ewscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2dxscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2ddscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2cxscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2bzscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2byscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2bxscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2bwscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2bcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2bscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1yjscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1yiscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1yhscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1yfscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1yescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ydscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ycscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ybscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1yascope: - version: -

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.1xv

Trust: 0.3

vendor:ciscomodel:ios 12.1xuscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xtscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xrscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xqscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xpscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xmscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xlscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xjscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xiscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xhscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xgscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xfscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xdscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xbscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1xascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1eyscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1exscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ewscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1evscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1euscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1eoscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ecscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ebscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1eascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1escope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1dbscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1dascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1ayscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1axscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1aascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1 e2scope: - version: -

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:12.0xv

Trust: 0.3

vendor:ciscomodel:ios 12.0xuscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xsscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xrscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xqscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xpscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xnscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xmscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xlscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xkscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xjscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xiscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xhscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xgscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xescope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xdscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xbscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0xascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0wxscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0wtscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0wcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0w5scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0szscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0sxscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0stscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0slscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0sscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0dcscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0dbscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.0dascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 11.2sascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 11.2pscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 11.1ccscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 11.1aascope: - version: -

Trust: 0.3

vendor:ciscomodel:internet cdn content enginescope:eqversion:7320

Trust: 0.3

vendor:ciscomodel:internet cdn content enginescope:eqversion:590

Trust: 0.3

vendor:ciscomodel:intelligent contact managerscope:eqversion:5.0

Trust: 0.3

vendor:ciscomodel:intelligent contact managerscope: - version: -

Trust: 0.3

vendor:ciscomodel:infocenterscope: - version: -

Trust: 0.3

vendor:ciscomodel:igxscope:eqversion:8400

Trust: 0.3

vendor:ciscomodel:hosting solution enginescope:eqversion:1.3

Trust: 0.3

vendor:ciscomodel:hosting solution enginescope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:gss global site selectorscope:eqversion:44900

Trust: 0.3

vendor:ciscomodel:gss global site selectorscope:eqversion:4480

Trust: 0.3

vendor:ciscomodel:fasthubscope:eqversion:4001.0

Trust: 0.3

vendor:ciscomodel:fasthubscope:eqversion:300

Trust: 0.3

vendor:ciscomodel:escon channel port adapterscope: - version: -

Trust: 0.3

vendor:ciscomodel:device fault managerscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11800 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11500 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11150 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11050 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11000 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:csmscope: - version: -

Trust: 0.3

vendor:ciscomodel:cr-4430-bscope: - version: -

Trust: 0.3

vendor:ciscomodel:content routerscope:eqversion:44304.1

Trust: 0.3

vendor:ciscomodel:content routerscope:eqversion:44304.0

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:73204.1

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:73204.0

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:73203.1

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:73202.2.0

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:7320

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5904.1

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5904.0

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5903.1

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5902.2.0

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:590

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5604.1

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5604.0

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5603.1

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5602.2.0

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5074.1

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5074.0

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5073.1

Trust: 0.3

vendor:ciscomodel:content enginescope:eqversion:5072.2.0

Trust: 0.3

vendor:ciscomodel:content distribution managerscope:eqversion:4670

Trust: 0.3

vendor:ciscomodel:content distribution managerscope:eqversion:46504.1

Trust: 0.3

vendor:ciscomodel:content distribution managerscope:eqversion:46504.0

Trust: 0.3

vendor:ciscomodel:content distribution managerscope:eqversion:4650

Trust: 0.3

vendor:ciscomodel:content distribution managerscope:eqversion:46304.1

Trust: 0.3

vendor:ciscomodel:content distribution managerscope:eqversion:46304.0

Trust: 0.3

vendor:ciscomodel:content distribution managerscope:eqversion:4630

Trust: 0.3

vendor:ciscomodel:content delivery managerscope:eqversion:4650

Trust: 0.3

vendor:ciscomodel:content delivery managerscope:eqversion:4630

Trust: 0.3

vendor:ciscomodel:ciscoworks windowsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ciscosecure acs for windows and unixscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ciscosecure acs appliancescope:eqversion:1111

Trust: 0.3

vendor:ciscomodel:catalyst series ssl services modulescope:eqversion:6500

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60007.6(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60007.5(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60007.1(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60007.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60006.3(4)

Trust: 0.3

vendor:ciscomodel:catalyst panscope:eqversion:60006.3

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60006.2(0.111)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60006.2(0.110)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60006.1(2.13)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60006.1(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.5(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.5(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.5(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.5(13)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.5(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.4.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.4(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.4(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.4(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.4(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:60005.4

Trust: 0.3

vendor:ciscomodel:catalyst ws-x6380-namscope:eqversion:60003.1

Trust: 0.3

vendor:ciscomodel:catalyst ws-svc-nam-2scope:eqversion:60003.1

Trust: 0.3

vendor:ciscomodel:catalyst ws-svc-nam-1scope:eqversion:60003.1

Trust: 0.3

vendor:ciscomodel:catalyst ws-svc-nam-2scope:eqversion:60002.2

Trust: 0.3

vendor:ciscomodel:catalyst ws-svc-nam-1scope:eqversion:60002.2

Trust: 0.3

vendor:ciscomodel:catalyst ws-x6380-namscope:eqversion:60002.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50006.3(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50006.1(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50006.1(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50006.1(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.5(7)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.5(6)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.5

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.5(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.5(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.5(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.5(13)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.5(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.4.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.4(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.4(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.4(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.4(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.2(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.2(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.2(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.2(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.2

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50005.1(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(9)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(8)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(7)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(6)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(5)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(12)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(11)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:50004.5(10)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:5000

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40007.6(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40007.5(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40007.1.2

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40007.1(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40007.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40006.3.5

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40006.3(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40006.1(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.5.5

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.5(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.5(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.5(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.5(13)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.5(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.4.1

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.4(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.4(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.4(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.4

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.2(7)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.2(6)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.2(5)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.2(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.2(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.2(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40005.1(1)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(9)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(8)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(7)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(6)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(5)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(4)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:40004.5(10)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:4000

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:3900

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:3000

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:eqversion:29xx2.4.401

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:eqversion:29xx2.1.1102

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:eqversion:29xx2.1.6

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:eqversion:29xx2.1.502

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:eqversion:29xx2.1.501

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:eqversion:29xx2.1.5

Trust: 0.3

vendor:ciscomodel:catalyst supervisor softwarescope:eqversion:29xx1.0

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:2950

Trust: 0.3

vendor:ciscomodel:catalyst 2948g-l3scope: - version: -

Trust: 0.3

vendor:ciscomodel:catalyst 2948g-ge-txscope: - version: -

Trust: 0.3

vendor:ciscomodel:catalyst 2948gscope: - version: -

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:2920

Trust: 0.3

vendor:ciscomodel:catalyst xlscope:eqversion:2900

Trust: 0.3

vendor:ciscomodel:catalyst lre xlscope:eqversion:2900

Trust: 0.3

vendor:ciscomodel:catalyst xuscope:eqversion:290012.0

Trust: 0.3

vendor:ciscomodel:catalyst sa6scope:eqversion:290011.2

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:29006.1(3)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:29006.1(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:29005.5(7)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:29005.5(6)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:29004.5(12)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:29004.5(11)

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:2900

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:2820

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:2800

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:1900

Trust: 0.3

vendor:ciscomodel:catalystscope:eqversion:1200

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.3(3)

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.3

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.2

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.1(2)

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:3.0

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:call managerscope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:5704.1

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:5704.0

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:5703.0

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:5702.2.0

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:570

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:5054.1

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:5054.0

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:5053.0

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:5052.2.0

Trust: 0.3

vendor:ciscomodel:cache enginescope:eqversion:505

Trust: 0.3

vendor:ciscomodel:br350scope: - version: -

Trust: 0.3

vendor:ciscomodel:br340scope: - version: -

Trust: 0.3

vendor:ciscomodel:bpx/igxscope: - version: -

Trust: 0.3

vendor:ciscomodel:bpxscope:eqversion:8600

Trust: 0.3

vendor:ciscomodel:bpxscope: - version: -

Trust: 0.3

vendor:ciscomodel:application & content networking softwarescope: - version: -

Trust: 0.3

vendor:ciscomodel:ap350scope: - version: -

Trust: 0.3

vendor:ciscomodel:ap340scope: - version: -

Trust: 0.3

vendor:ciscomodel:wan switchscope:eqversion:8950

Trust: 0.3

vendor:ciscomodel:broadband network termination unitscope:eqversion:8110

Trust: 0.3

vendor:checkmodel:point software vpn-1 vsx ng with application intelligencescope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 next generation fp2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 next generation fp1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 next generation fp0scope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp6scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp5ascope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp5scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 fp1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software secureplatform ng fp2 editionscope:eqversion:2

Trust: 0.3

vendor:checkmodel:point software secureplatform ng fp2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software secureplatform ng fp1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software secureplatform ngscope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 vsx ng with application intelligencescope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 next generation fp2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 next generation fp1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 next generation fp0scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 gxscope:eqversion:2.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 [ vpn des ]scope:eqversion:+4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 [ vpn des strong ] sp2 buildscope:eqversion:++4.141716

Trust: 0.3

vendor:checkmodel:point software firewall-1 [ vpn des strong ] buildscope:eqversion:++4.141439

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp6scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5ascope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp8scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp7scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp6scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:3.0

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:3.1.2

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:3.1

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:3.0

Trust: 0.3

vendor:bluemodel:coat systems security gateway os sp1scope:eqversion:2.1.5001

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:2.1.10

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:2.1.9

Trust: 0.3

vendor:bluemodel:coat systems security gateway osscope:eqversion:2.0

Trust: 0.3

vendor:bluemodel:coat systems cacheos ca/sascope:eqversion:4.1.12

Trust: 0.3

vendor:bluemodel:coat systems cacheos ca/sascope:eqversion:4.1.10

Trust: 0.3

vendor:avayamodel:modular messagingscope:eqversion:3.0

Trust: 0.3

vendor:avayamodel:intuity audix r5scope:eqversion:0

Trust: 0.3

vendor:avayamodel:cms r17 r3scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r17scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r16 r6scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r16 r5scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r16scope: - version: -

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:5.0.4

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:5.0

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.15.2

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.15.1

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.15

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.14

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.13

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.12.1

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:eqversion:4.12

Trust: 0.3

vendor:mcafeemodel:network data loss preventionscope:neversion:9.3

Trust: 0.3

vendor:freebsdmodel:9.3-stablescope:neversion: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p2scope:neversion: -

Trust: 0.3

vendor:freebsdmodel:9.2-release-p12scope:neversion: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p19scope:neversion: -

Trust: 0.3

vendor:freebsdmodel:8.4-stablescope:neversion: -

Trust: 0.3

vendor:freebsdmodel:8.4-release-p16scope:neversion: -

Trust: 0.3

vendor:freebsdmodel:10.1-prereleasescope:neversion: -

Trust: 0.3

vendor:freebsdmodel:10.1-beta1-p1scope:neversion: -

Trust: 0.3

vendor:freebsdmodel:10.0-release-p9scope:neversion: -

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:3080

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:3060

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:3030

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:3015

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30054.0.1

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30054.0

Trust: 0.3

vendor:ciscomodel:vpn concentrator fscope:neversion:30053.6.7

Trust: 0.3

vendor:ciscomodel:vpn concentrator dscope:neversion:30053.6.7

Trust: 0.3

vendor:ciscomodel:vpn concentrator cscope:neversion:30053.6.7

Trust: 0.3

vendor:ciscomodel:vpn concentrator bscope:neversion:30053.6.7

Trust: 0.3

vendor:ciscomodel:vpn concentrator ascope:neversion:30053.6.7

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30053.6.7

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30053.6.5

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30053.6.3

Trust: 0.3

vendor:ciscomodel:vpn hardware clientscope:neversion:3002

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30004.0.1

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30004.0.x

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30004.0

Trust: 0.3

vendor:ciscomodel:vpn concentrator dscope:neversion:30003.6.7

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.6.7

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.6.1

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.6

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.5.5

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.5.4

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.5.3

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.5.2

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.5.1

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.5

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.1.4

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.1.2

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.1.1

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.0.4

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30003.0

Trust: 0.3

vendor:ciscomodel:vpn concentratorscope:neversion:30002.0

Trust: 0.3

vendor:ciscomodel:pix firewallscope:neversion:6.3.3(133)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:neversion:6.2.3(110)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:neversion:6.1.5(104)

Trust: 0.3

vendor:ciscomodel:ons optical transport platformscope:neversion:154544.14

Trust: 0.3

vendor:ciscomodel:onsscope:neversion:153274.14

Trust: 0.3

vendor:ciscomodel:mdsscope:neversion:90001.3

Trust: 0.3

vendor:ciscomodel:local directorscope:neversion:4.2(6)

Trust: 0.3

vendor:ciscomodel:local directorscope:neversion:4.2(5)

Trust: 0.3

vendor:ciscomodel:local directorscope:neversion:4.2(4)

Trust: 0.3

vendor:ciscomodel:local directorscope:neversion:4.2(3)

Trust: 0.3

vendor:ciscomodel:local directorscope:neversion:4.2(2)

Trust: 0.3

vendor:ciscomodel:local directorscope:neversion:4.2(1)

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:12.3(6)

Trust: 0.3

vendor:ciscomodel:ios 12.2jascope:neversion: -

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:12.2(23)

Trust: 0.3

vendor:ciscomodel:ios 12.2 sscope:neversion: -

Trust: 0.3

vendor:ciscomodel:ios 12.0 xn1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:12.0(28)

Trust: 0.3

vendor:ciscomodel:ios 12.0 sscope:neversion: -

Trust: 0.3

vendor:ciscomodel:fwsm for cisco catalyst seriesscope:neversion:6500/76001.1(3.17)

Trust: 0.3

vendor:ciscomodel:fwsm for cisco catalyst seriesscope:neversion:6500/7600

Trust: 0.3

vendor:ciscomodel:css11500 content services switch sscope:neversion:7.10

Trust: 0.3

vendor:ciscomodel:catalyst series ssl services modulescope:neversion:65002.1(2)

Trust: 0.3

vendor:ciscomodel:catalystscope:neversion:28209.00.07

Trust: 0.3

vendor:ciscomodel:catalystscope:neversion:19009.00.07

Trust: 0.3

vendor:avayamodel:cms r17 r4scope:neversion: -

Trust: 0.3

vendor:avayamodel:cms r16.3 r7scope:neversion: -

Trust: 0.3

vendor:alienvaultmodel:alienvaultscope:neversion:5.1

Trust: 0.3

sources: CERT/CC: VU#415294 // BID: 10183 // JVNDB: JVNDB-2004-000150 // CNNVD: CNNVD-200408-159 // NVD: CVE-2004-0230

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-0230
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#415294
value: 12.90

Trust: 0.8

NVD: CVE-2004-0230
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200408-159
value: MEDIUM

Trust: 0.6

VULHUB: VHN-8660
value: MEDIUM

Trust: 0.1

VULMON: CVE-2004-0230
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2004-0230
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-8660
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#415294 // VULHUB: VHN-8660 // VULMON: CVE-2004-0230 // JVNDB: JVNDB-2004-000150 // CNNVD: CNNVD-200408-159 // NVD: CVE-2004-0230

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0230

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 33143 // CNNVD: CNNVD-200408-159

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200408-159

CONFIGURATIONS

sources: JVNDB: JVNDB-2004-000150

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-8660 // VULMON: CVE-2004-0230

PATCH

title:TCP RFC Alerturl:http://www.checkpoint.com/services/techsupport/alerts/tcp_dos.html

Trust: 0.8

title:cisco-sa-20040420-tcp-noniosurl:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml

Trust: 0.8

title:cisco-sa-20040420-tcp-iosurl:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml

Trust: 0.8

title:HPSBGN01041url:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBGN01041

Trust: 0.8

title:IY62006url:http://www-1.ibm.com/support/docview.wss?uid=isg1IY62006

Trust: 0.8

title:IY55950url:http://www-1.ibm.com/support/docview.wss?uid=isg1IY55950

Trust: 0.8

title:IY55949url:http://www-1.ibm.com/support/docview.wss?uid=isg1IY55949

Trust: 0.8

title:TCP プロトコルの脆弱性による SEIL シリーズへの影響についてurl:http://www.seil.jp/ann/announce_20040421_01.txt

Trust: 0.8

title:58784url:http://www.juniper.net/support/security/alerts/niscc-236929.txt

Trust: 0.8

title:MS06-064url:http://www.microsoft.com/technet/security/bulletin/MS06-064.mspx

Trust: 0.8

title:MS05-019url:http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx

Trust: 0.8

title:NV04-001url:http://www.nec.co.jp/security-info/secinfo/nv04-001.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - January 2015url:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Trust: 0.8

title:Text Form of Oracle Critical Patch Update - January 2015 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html

Trust: 0.8

title:RTシリーズのTCPに関する脆弱性についてurl:http://www.rtpro.yamaha.co.jp/RT/FAQ/TCPIP/cert-ta04-111a.html

Trust: 0.8

title:セキュリティ情報(2004年7月20日)url:http://www.hitachi.co.jp/Prod/comp/storage/diskarray/techsupport/sec_info/sec_20040423-1.html

Trust: 0.8

title:セキュリティ情報(2004年4月28日)url:http://www.hitachi.co.jp/Prod/comp/storage/diskarray/techsupport/sec_info/sec_20040423-2.html

Trust: 0.8

title:January 2015 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/january_2015_critical_patch_update

Trust: 0.8

title:TCPに潜在する脆弱性 (2004年10月7日)url:http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_sd_200402.html

Trust: 0.8

title:SYM05-008url:http://securityresponse.symantec.com/avcenter/security/Content/2005.05.02.html

Trust: 0.8

title:cisco-sa-20040420-tcp-noniosurl:http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040420-tcp-nonios-j.shtml

Trust: 0.8

title:cisco-sa-20040420-tcp-iosurl:http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040420-tcp-ios-j.shtml

Trust: 0.8

title:SYM05-008url:http://www.symantec.com/region/jp/avcenter/security/content/2005.05.02.html

Trust: 0.8

title:TCP RFCに関するAlerturl:http://www.checkpoint.co.jp/techsupport/alerts/tcp_rfc_alert.html

Trust: 0.8

title:TCP の脆弱性についてurl:http://www.allied-telesis.co.jp/support/list/faq/vuls/20040421.html

Trust: 0.8

title:「TCP プロトコルに潜在する信頼性の問題」に関する製品の対応についてurl:http://www.hitachi.co.jp/Prod/comp/Secureplaza/html/hirt/20040422.html

Trust: 0.8

title:MS06-064url:http://www.microsoft.com/japan/technet/security/bulletin/MS06-064.mspx

Trust: 0.8

title:MS05-019url:http://www.microsoft.com/japan/technet/security/bulletin/MS05-019.mspx

Trust: 0.8

title:[お知らせ] TCPに潜在する脆弱性への対応についてurl:http://software.fujitsu.com/jp/security/vulnerabilities/cert/236929_tcp.html

Trust: 0.8

title:Cisco: TCP Vulnerabilities in Multiple Non-IOS Cisco Productsurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20040420-tcp-nonios

Trust: 0.1

title:Cisco: TCP Vulnerabilities in Multiple IOS-Based Cisco Productsurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20040420-tcp-ios

Trust: 0.1

title:Fortinet Security Advisories: CVE-2004-0230 Blind Reset Attack Using the RST/SYN Biturl:https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=FG-IR-16-039

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - January 2015url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=4a692d6d60aa31507cb101702b494c51

Trust: 0.1

title:ips-assessment-reportsurl:https://github.com/gabrieljcs/ips-assessment-reports

Trust: 0.1

title:dsm_ipsurl:https://github.com/biswajitde/dsm_ips

Trust: 0.1

title:rhsecapiurl:https://github.com/RedHatOfficial/rhsecapi

Trust: 0.1

title:cve-pyliburl:https://github.com/RedHatProductSecurity/cve-pylib

Trust: 0.1

sources: VULMON: CVE-2004-0230 // JVNDB: JVNDB-2004-000150

EXTERNAL IDS

db:NVDid:CVE-2004-0230

Trust: 3.4

db:CERT/CCid:VU#415294

Trust: 2.9

db:BIDid:10183

Trust: 2.9

db:USCERTid:TA04-111A

Trust: 2.3

db:OSVDBid:4030

Trust: 2.1

db:MCAFEEid:SB10053

Trust: 1.5

db:SECUNIAid:11458

Trust: 1.2

db:SECUNIAid:11440

Trust: 1.2

db:SECUNIAid:22341

Trust: 1.2

db:JUNIPERid:JSA10638

Trust: 1.2

db:VUPENid:ADV-2006-3983

Trust: 1.2

db:XFid:15886

Trust: 0.8

db:JVNDBid:JVNDB-2004-000150

Trust: 0.8

db:CNNVDid:CNNVD-200408-159

Trust: 0.7

db:NSFOCUSid:7605

Trust: 0.6

db:AUSCERTid:ESB-2020.1795

Trust: 0.6

db:PACKETSTORMid:33159

Trust: 0.2

db:PACKETSTORMid:33152

Trust: 0.2

db:PACKETSTORMid:33160

Trust: 0.2

db:PACKETSTORMid:33143

Trust: 0.2

db:EXPLOIT-DBid:24033

Trust: 0.2

db:PACKETSTORMid:33202

Trust: 0.1

db:PACKETSTORMid:33185

Trust: 0.1

db:PACKETSTORMid:33153

Trust: 0.1

db:PACKETSTORMid:33172

Trust: 0.1

db:PACKETSTORMid:33174

Trust: 0.1

db:PACKETSTORMid:33171

Trust: 0.1

db:PACKETSTORMid:33243

Trust: 0.1

db:PACKETSTORMid:33182

Trust: 0.1

db:EXPLOIT-DBid:942

Trust: 0.1

db:EXPLOIT-DBid:276

Trust: 0.1

db:EXPLOIT-DBid:24031

Trust: 0.1

db:EXPLOIT-DBid:24032

Trust: 0.1

db:EXPLOIT-DBid:24030

Trust: 0.1

db:EXPLOIT-DBid:291

Trust: 0.1

db:SEEBUGid:SSVID-77770

Trust: 0.1

db:SEEBUGid:SSVID-77769

Trust: 0.1

db:SEEBUGid:SSVID-77768

Trust: 0.1

db:SEEBUGid:SSVID-77771

Trust: 0.1

db:SEEBUGid:SSVID-18409

Trust: 0.1

db:VULHUBid:VHN-8660

Trust: 0.1

db:VULMONid:CVE-2004-0230

Trust: 0.1

db:SECUNIAid:15263

Trust: 0.1

db:PACKETSTORMid:37558

Trust: 0.1

db:CERT/CCid:VU#498440

Trust: 0.1

db:PACKETSTORMid:128284

Trust: 0.1

sources: CERT/CC: VU#415294 // VULHUB: VHN-8660 // VULMON: CVE-2004-0230 // BID: 10183 // JVNDB: JVNDB-2004-000150 // PACKETSTORM: 37558 // PACKETSTORM: 33143 // PACKETSTORM: 33160 // PACKETSTORM: 33159 // PACKETSTORM: 33152 // PACKETSTORM: 128284 // CNNVD: CNNVD-200408-159 // NVD: CVE-2004-0230

REFERENCES

url:http://www.securityfocus.com/bid/10183

Trust: 2.6

url:http://www.us-cert.gov/cas/techalerts/ta04-111a.html

Trust: 2.3

url:http://www.kb.cert.org/vuls/id/415294

Trust: 2.1

url:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Trust: 1.5

url:http://www.uniras.gov.uk/vuls/2004/236929/index.htm

Trust: 1.5

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10053

Trust: 1.4

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0230

Trust: 1.4

url:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml

Trust: 1.2

url:http://kb.juniper.net/jsa10638

Trust: 1.2

url:http://www.securityfocus.com/archive/1/449179/100/0/threaded

Trust: 1.2

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019

Trust: 1.2

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064

Trust: 1.2

url:ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2004-006.txt.asc

Trust: 1.2

url:http://www.osvdb.org/4030

Trust: 1.2

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2689

Trust: 1.2

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a270

Trust: 1.2

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a3508

Trust: 1.2

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4791

Trust: 1.2

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5711

Trust: 1.2

url:ftp://ftp.sco.com/pub/updates/unixware/scosa-2005.14/scosa-2005.14.txt

Trust: 1.2

url:ftp://ftp.sco.com/pub/updates/openserver/scosa-2005.3/scosa-2005.3.txt

Trust: 1.2

url:ftp://ftp.sco.com/pub/updates/openserver/scosa-2005.9/scosa-2005.9.txt

Trust: 1.2

url:http://secunia.com/advisories/11440

Trust: 1.2

url:http://secunia.com/advisories/11458

Trust: 1.2

url:http://secunia.com/advisories/22341

Trust: 1.2

url:ftp://patches.sgi.com/support/free/security/advisories/20040403-01-a.asc

Trust: 1.2

url:http://www.vupen.com/english/advisories/2006/3983

Trust: 1.2

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/15886

Trust: 1.2

url:http://marc.info/?l=bugtraq&m=108302060014745&w=2

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=108506952116653&w=2

Trust: 1.1

url:http://xforce.iss.net/xforce/alerts/id/170

Trust: 1.1

url:http://www.uniras.gov.uk/niscc/docs/al-20040420-00199.html?lang=en

Trust: 0.8

url:http://www.niscc.gov.uk/niscc/docs/re-20040420-00391.pdf

Trust: 0.8

url:http://www.ietf.org/rfc/rfc3562.txt

Trust: 0.8

url:http://www.ietf.org/rfc/rfc2385.txt

Trust: 0.8

url:http://www.ietf.org/rfc/rfc1323.txt

Trust: 0.8

url:http://www.osvdb.org/displayvuln.php?osvdb_id=4030

Trust: 0.8

url:http://www.ciac.org/ciac/bulletins/o-124.shtml

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0230

Trust: 0.8

url:http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20040420-00391.xml

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2004/wr041702.txt

Trust: 0.8

url:http://www.jpcert.or.jp/at/2004/at040003.txt

Trust: 0.8

url:http://jvn.jp/niscc/niscc-236929/index.html

Trust: 0.8

url:http://jvn.jp/cert/jvnta04-111a/index.html

Trust: 0.8

url:http://jvn.jp/tr/trta04-111a

Trust: 0.8

url:http://www.cpni.gov.uk/docs/re-20040420-00391.pdf?lang=en

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/15886

Trust: 0.8

url:http://www.isskk.co.jp/support/techinfo/general/tcp_170.html

Trust: 0.8

url:http://www.cisco.com/en/us/products/products_security_advisory09186a008021ba2f.shtml

Trust: 0.6

url:http://www.nsfocus.net/vulndb/7605

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1795/

Trust: 0.6

url:http://support.avaya.com/elmodocs2/security/asa-2005-097_scasa-2005-14.pdf

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2004-0230

Trust: 0.4

url:http://www.seil.jp/en/ann/announce_en_20040421_01.txt

Trust: 0.3

url:http://support.avaya.com/elmodocs2/security/asa-2006-217.htm

Trust: 0.3

url:http://www-1.ibm.com/support/docview.wss?uid=isg1iy55949

Trust: 0.3

url:http://www-1.ibm.com/support/docview.wss?uid=isg1iy55950

Trust: 0.3

url:http://www-1.ibm.com/support/docview.wss?uid=isg1iy62006

Trust: 0.3

url:http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx

Trust: 0.3

url:http://www.microsoft.com/technet/security/bulletin/ms06-064.mspx

Trust: 0.3

url:http://www.bluecoat.com/support/knowledge/advisory_tcp_can-2004-0230.html

Trust: 0.3

url:http://securityresponse.symantec.com/avcenter/security/content/2005.05.02.html

Trust: 0.3

url:http://www.juniper.net/support/alert.html

Trust: 0.3

url:http://www.checkpoint.com/techsupport/alerts/tcp_dos.html

Trust: 0.3

url:https://www.freebsd.org/security/advisories/freebsd-sa-14:19.tcp.asc

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/101006870

Trust: 0.3

url:https://www.alienvault.com/forums/discussion/5706/security-advisory-alienvault-v5-1-addresses-6-vulnerabilities

Trust: 0.3

url:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml.

Trust: 0.2

url:http://www.cisco.com/warp/public/707/

Trust: 0.2

url:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml.

Trust: 0.2

url:http://www.cisco.com/go/psirt.

Trust: 0.2

url:http://www.cisco.com.

Trust: 0.2

url:http://www.cisco.com/warp/public/687/directory/dirtac.shtml

Trust: 0.2

url:http://marc.info/?l=bugtraq&amp;m=108302060014745&amp;w=2

Trust: 0.1

url:https://kc.mcafee.com/corporate/index?page=content&amp;id=sb10053

Trust: 0.1

url:http://marc.info/?l=bugtraq&amp;m=108506952116653&amp;w=2

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://www.rapid7.com/db/vulnerabilities/tcp-seq-num-approximation

Trust: 0.1

url:https://github.com/gabrieljcs/ips-assessment-reports

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.exploit-db.com/exploits/24033/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://secunia.com/advisories/11440/

Trust: 0.1

url:http://secunia.com/product/4586/

Trust: 0.1

url:http://secunia.com/secunia_vacancies/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/15263/

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/415294#systems.

Trust: 0.1

url:http://www.uniras.gov.uk/vuls/2004/236929/index.htm>.

Trust: 0.1

url:http://www.kb.cert.org/vuls/id/498440)

Trust: 0.1

url:http://www.uniras.gov.uk/vuls/2004/236929/index.htm)

Trust: 0.1

url:http://www.cert.org/advisories/ca-2001-09.html>),

Trust: 0.1

url:http://www.cymru.com/>).

Trust: 0.1

url:http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm>

Trust: 0.1

url:http://www.cisco.com/en/us/products/sw/iosswrel/

Trust: 0.1

url:http://www.ietf.org/rfc/rfc0793.txt.

Trust: 0.1

url:http://www.cisco.com/en/us/products/sw/iosswrel/ps1835

Trust: 0.1

url:http://www.cisco.com/en/us/products/sw/iosswrel/ps1828/

Trust: 0.1

url:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml,

Trust: 0.1

url:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml,

Trust: 0.1

url:http://www.cisco.com/en/us/products/sw/iosswrel/ps1835/

Trust: 0.1

url:http://www.ietf.org/rfc/rfc0793.txt

Trust: 0.1

url:http://www.qorbit.net/documents/junos-bgp-template.pdf">http://www.qorbit.net/documents/junos-bgp-template.pdf

Trust: 0.1

url:http://www.ietf.org">the

Trust: 0.1

url:http://www.cymru.com/documents/ip-stack-tuning.html">http://www.cymru.com/documents/ip-stack-tuning.html

Trust: 0.1

url:http://www.polycom.com/securitycenter">

Trust: 0.1

url:http://www.cymru.com/documents/secure-bgp-template.html">http://www.cymru.com/documents/secure-bgp-template.html

Trust: 0.1

url:http://www.cymru.com/documents/secure-bgp-template.html">

Trust: 0.1

url:http://www.ietf.org/rfc/rfc793.txt">

Trust: 0.1

url:http://cve.mitre.org/cve">cve</a>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc2827.txt</a></td>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc3682.txt">

Trust: 0.1

url:http://www.osvdb.org">open

Trust: 0.1

url:http://www.uniras.gov.uk/vuls/2004/236929/index.htm">http://www.uniras.gov.uk/vuls/2004/236929/index.htm</a><br>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc0793.txt">rfc

Trust: 0.1

url:http://www.niscc.gov.uk/aboutniscc/index.htm">http://www.niscc.gov.uk/aboutniscc/index.htm</a><br>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc1323.txt</a></td>

Trust: 0.1

url:http://www.niscc.gov.uk/bgp%20filtering%20guide.pdf">

Trust: 0.1

url:http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt</a></td>

Trust: 0.1

url:http://www.osvdb.org/displayvuln.php?osvdb_id=4030">4030</a>.<br>

Trust: 0.1

url:http://www.qorbit.net/documents/junos-bgp-template.pdf">

Trust: 0.1

url:http://www.niscc.gov.uk/images/newtitle.gif"

Trust: 0.1

url:http://www.ietf.org/rfc/rfc1323.txt">

Trust: 0.1

url:http://www.ietf.org/rfc/rfc3562.txt</a></td>

Trust: 0.1

url:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml">http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml</a></td>

Trust: 0.1

url:http://www.cymru.com/documents/secure-bgp-template.html</a></td>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230">

Trust: 0.1

url:http://www.ietf.org/rfc/rfc3562.txt">

Trust: 0.1

url:http://www.sans.org/y2k/egress.htm">http://www.sans.org/y2k/egress.htm</a>.<br>

Trust: 0.1

url:http://www.sans.org/y2k/egress.htm</a></td>

Trust: 0.1

url:http://www.niscc.gov.uk/bgp

Trust: 0.1

url:http://www.ietf.org/rfc/rfc2385.txt">

Trust: 0.1

url:http://www.polycom.com/securitycenter</a>.</td>

Trust: 0.1

url:http://www.cymru.com/documents/ip-stack-tuning.html</a></td>

Trust: 0.1

url:http://www.niscc.gov.uk/bgp%20filtering%20guide.pdf">http://www.niscc.gov.uk/bgp

Trust: 0.1

url:http://www.ietf.org/rfc/rfc1771.txt">

Trust: 0.1

url:http://www.uniras.gov.uk/uniras.asc">http://www.uniras.gov.uk/uniras.asc</a>.<br>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230</a></td>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0230">can-2004-0230</a>.<br>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc2385.txt">rfc

Trust: 0.1

url:http://www.ietf.org/rfc/rfc2385.txt</a></td>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc1323.txt">rfc

Trust: 0.1

url:http://www.checkpoint.com/techsupport/alerts/tcp_dos.html">

Trust: 0.1

url:http://www.seil.jp/en/ann/announce_en_20040421_01.txt</a>.</td>

Trust: 0.1

url:http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt">

Trust: 0.1

url:http://www.ietf.org/rfc/rfc793.txt</a></td>

Trust: 0.1

url:http://www.jpcert.or.jp">jpcert/cc</a>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc2827.txt">

Trust: 0.1

url:http://www.ietf.org/rfc/rfc2827.txt">rfc

Trust: 0.1

url:http://www.iniche.com">www.iniche.com</a>

Trust: 0.1

url:http://www.osvdb.org/displayvuln.php?osvdb_id=4030</a></td>

Trust: 0.1

url:http://www.seil.jp/en/ann/announce_en_20040421_01.txt">

Trust: 0.1

url:http://www.qorbit.net/documents/junos-bgp-template.pdf</a></td>

Trust: 0.1

url:http://www.sans.org/y2k/egress.htm">

Trust: 0.1

url:http://www.osvdb.org/displayvuln.php?osvdb_id=4030">

Trust: 0.1

url:http://www.checkpoint.com/techsupport/alerts/tcp_dos.html</a>.</td>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc1771.txt</a></td>

Trust: 0.1

url:http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml">http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml</a><br>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc3682.txt</a></td>

Trust: 0.1

url:http://www.ietf.org/rfc/rfc3562.txt">rfc

Trust: 0.1

url:http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt">http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt</a><br>

Trust: 0.1

url:http://www.cymru.com/documents/ip-stack-tuning.html">

Trust: 0.1

url:https://www.juniper.net/support">https://www.juniper.net/support</a>.

Trust: 0.1

url:http://www.jpcert.or.jp/at/2004/at040003.txt">http://www.jpcert.or.jp/at/2004/at040003.txt</a>.</font></i><br>

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0230>

Trust: 0.1

url:http://security.freebsd.org/>.

Trust: 0.1

url:http://www.freebsd.org/handbook/kernelconfig.html>

Trust: 0.1

url:http://security.freebsd.org/patches/sa-14:19/tcp.patch

Trust: 0.1

url:http://security.freebsd.org/patches/sa-14:19/tcp.patch.asc

Trust: 0.1

url:http://security.freebsd.org/advisories/freebsd-sa-14:19.tcp.asc>

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0230

Trust: 0.1

url:http://svnweb.freebsd.org/base?view=revision&revision=nnnnnn>

Trust: 0.1

sources: CERT/CC: VU#415294 // VULHUB: VHN-8660 // VULMON: CVE-2004-0230 // BID: 10183 // JVNDB: JVNDB-2004-000150 // PACKETSTORM: 37558 // PACKETSTORM: 33143 // PACKETSTORM: 33160 // PACKETSTORM: 33159 // PACKETSTORM: 33152 // PACKETSTORM: 128284 // CNNVD: CNNVD-200408-159 // NVD: CVE-2004-0230

CREDITS

Discovery is credited to Paul A. Watson.

Trust: 0.3

sources: BID: 10183

SOURCES

db:CERT/CCid:VU#415294
db:VULHUBid:VHN-8660
db:VULMONid:CVE-2004-0230
db:BIDid:10183
db:JVNDBid:JVNDB-2004-000150
db:PACKETSTORMid:37558
db:PACKETSTORMid:33143
db:PACKETSTORMid:33160
db:PACKETSTORMid:33159
db:PACKETSTORMid:33152
db:PACKETSTORMid:128284
db:CNNVDid:CNNVD-200408-159
db:NVDid:CVE-2004-0230

LAST UPDATE DATE

2024-11-07T20:01:17.090000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#415294date:2006-05-01T00:00:00
db:VULHUBid:VHN-8660date:2018-10-19T00:00:00
db:VULMONid:CVE-2004-0230date:2018-10-19T00:00:00
db:BIDid:10183date:2015-08-12T22:24:00
db:JVNDBid:JVNDB-2004-000150date:2015-01-22T00:00:00
db:CNNVDid:CNNVD-200408-159date:2020-05-21T00:00:00
db:NVDid:CVE-2004-0230date:2018-10-19T15:30:05.173

SOURCES RELEASE DATE

db:CERT/CCid:VU#415294date:2004-04-20T00:00:00
db:VULHUBid:VHN-8660date:2004-08-18T00:00:00
db:VULMONid:CVE-2004-0230date:2004-08-18T00:00:00
db:BIDid:10183date:2004-04-20T00:00:00
db:JVNDBid:JVNDB-2004-000150date:2007-04-01T00:00:00
db:PACKETSTORMid:37558date:2005-05-29T20:22:44
db:PACKETSTORMid:33143date:2004-04-23T05:59:41
db:PACKETSTORMid:33160date:2004-04-22T07:16:00
db:PACKETSTORMid:33159date:2004-04-22T07:14:00
db:PACKETSTORMid:33152date:2004-04-22T02:04:00
db:PACKETSTORMid:128284date:2014-09-17T15:58:15
db:CNNVDid:CNNVD-200408-159date:2004-08-18T00:00:00
db:NVDid:CVE-2004-0230date:2004-08-18T04:00:00