ID

VAR-200411-0171


CVE

CVE-2004-0112


TITLE

OpenSSL does not adequately validate length of Kerberos ticket during SSL/TLS handshake

Trust: 0.8

sources: CERT/CC: VU#484726

DESCRIPTION

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. OpenSSL for, Kerberos using a cipher suite SSL/TLS When communicating, there is a flaw in not properly checking the communication data during the key exchange during handshake, and it is intentionally created. Please note that this vulnerability OpenSSL Applications and systems using the library may also be affected. For more detailed information about other systems, NISCC-224012 (JVN) , NISCC Advisory 224012 (CPNI Advisory 00389) Please also check.OpenSSL Applications that use this crash and cause a denial of service. (DoS) may become a state. OpenSSL is an open source SSL implementation used to implement high-strength encryption of network communications. It is now widely used in various network applications.  When using Kerberos ciphersuites, there is a flaw in the SSL / TLS handshake code. A remote attacker can construct a special SSL / TLS handshake and send it to a server configured with Kerberos ciphersuites. Most applications do not use Kerberos ciphersuites. It is therefore not affected by this vulnerability. For the first issue, a NULL-pointer assignment can be triggered by attackers during SSL/TLS handshake exchanges. Versions 0.9.6c to 0.9.6k (inclusive) and from 0.9.7a to 0.9.7c (inclusive) are vulnerable. The vendor has reported that this vulnerability may not be a threat to many, because it occurs only when Kerberos ciphersuites are in use, an uncommon configuration. This entry will be retired when individual BID records are created for each issue. *Note: A third denial-of-service vulnerability included in the announcement was discovered affecting 0.9.6 and fixed in 0.9.6d. Multiple security vulnerabilities are reported to affect Apple Mac OS X; updates are available. Apache is prone to five vulnerabilities ranging from buffer overflows to access validation vulnerabilities. The CVE Mitre candidate IDs CAN-2005-1344, CAN-2004-0942, CAN-2004-0885, CAN-2004-1083, and CAN-2004-1084 are assigned to these issues. Appkit is prone to three vulnerabilities. Two of these could result in arbitrary code execution, the third could permit the creation of local accounts. The CVE Mitre candidate IDs CAN-2005-2501, CAN-2005-2502, and CAN-2005-2503 are assigned to these issues. Bluetooth is prone to a vulnerability regarding authentication bypass. The CVE Mitre candidate ID CAN-2005-2504 is assigned to this issue. CoreFoundation is prone to two vulnerabilities, one resulting in a buffer overflow, the other a denial-of-service vulnerability. The CVE Mitre candidate IDs CAN-2005-2505 and CAN-2005-2506 are assigned to these issues. CUPS is prone to two vulnerabilities resulting in a denial of service until the service can be restarted. The CVE Mitre candidate IDs CAN-2005-2525 and CAN-2005-2526 are assigned to these issues. Directory Services is prone to three vulnerabilities. These issues vary from buffer overflow, unauthorized account creation and deletion, and privilege escalation. The CVE Mitre candidate IDs CAN-2005-2507, CAN-2005-2508 and CAN-2005-2519 are assigned to these issues. HItoolbox is prone to a vulnerability that could result in information disclosure. The CVE Mitre candidate ID CAN-2005-2513 is assigned to this issue. Kerberos is prone to five vulnerabilities that may result in a buffer overflow, execution of arbitrary code, and root compromise. The CVE Mitre candidate IDs CAN-2004-1189, CAN-2005-1174, CAN-2005-1175, CAN-2005-1689, and CAN-2005-2511 are assigned to these issues. loginwindow is prone to a vulnerability that could permit a user to gain access to other logged-in accounts. The CVE Mitre candidate ID CAN-2005-2509 is assigned to this issue. Mail is prone to a vulnerability regarding the loss of privacy when remote images are loaded into HTML email. The CVE Mitre candidate ID CAN-2005-2512 is assigned to this issue. MySQL is prone to three vulnerabilities that include arbitrary code execution by remote authenticated users. The CVE Mitre candidate IDs CAN-2005-0709, CAN-2005-0710, and CAN-2005-0711 are assigned to these issues. OpenSSL is prone to two vulnerabilities resulting in denial of service. The CVE Mitre candidate IDs CAN-2004-0079 and CAN-2004-0112 are assigned to these issues. ping is prone to a vulnerability that could allow local privilege escalation and arbitrary code execution. The CVE Mitre candidate ID CAN-2005-2514 is assigned to this issue. QuartzComposerScreenSaver is prone to a vulnerability that could allow users to open pages while the RSS Visualizer screen is locked. The CVE Mitre candidate ID CAN-2005-2515 is assigned to this issue. Safari is prone to two vulnerabilities that could result in arbitrary command execution or have information submitted to an incorrect site. The CVE Mitre candidate IDs CAN-2005-2516 and CAN-2005-2517 are assigned to these issues. SecurityInterface is prone to a vulnerability that could expose recently used passwords. The CVE Mitre candidate ID CAN-2005-2520 is assigned to this issue. servermgrd is prone to a buffer-overflow vulnerability that could ultimately lead to the execution of arbitrary code. The CVE Mitre candidate ID CAN-2005-2518 is assigned to this issue. servermgr_ipfilter is prone to a vulnerability regarding firewall settings not always being written to the Active Rules. The CVE Mitre candidate ID CAN-2005-2510 is assigned to this issue. SquirrelMail is prone to two vulnerabilities including a cross-site scripting issue. The CVE Mitre candidate IDs CAN-2005-1769 and CAN-2005-2095 are assigned to these issues. traceroute is prone to a vulnerability that could result in arbitrary code execution and privilege escalation. The CVE Mitre candidate ID CAN-2005-2521 is assigned to this issue. WebKit is affected by a vulnerability that could result in code execution regarding a malformed PDF file. The CVE Mitre candidate ID CAN-2005-2522 is assigned to this issue. Weblog Server is prone to multiple cross-site scripting vulnerabilities. The CVE Mitre candidate ID CAN-2005-2523 is assigned to this issue. X11 is prone to a vulnerability that could result in arbitrary code execution. The CVE Mitre candidate ID CAN-2005-0605 is assigned to this issue. zlib is prone to two denial-of-service vulnerabilities that may ultimately lead to arbitrary code execution. The CVE Mitre candidate IDs CAN-2005-2096 and CAN-2005-1849 are assigned to these issues. These vulnerabilities will be separated into individual BIDs upon further analysis of the issues. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. TITLE: Fedora update for openssl096b SECUNIA ADVISORY ID: SA17381 VERIFY ADVISORY: http://secunia.com/advisories/17381/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Fedora Core 3 http://secunia.com/product/4222/ DESCRIPTION: Fedora has issued an update for openssl096b. For more information: SA10133 SA11139 SOLUTION: Apply updated packages. Fedora Core 3: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 8d68e4b430aa7c5ca067c12866ae694e SRPMS/openssl096b-0.9.6b-21.42.src.rpm 54a9e78a2fdd625b9dc9121e09eb4398 x86_64/openssl096b-0.9.6b-21.42.x86_64.rpm c5c6174e23eba8d038889d08f49231b8 x86_64/debug/openssl096b-debuginfo-0.9.6b-21.42.x86_64.rpm 56b63fc150d0c099b2e4f0950e21005b x86_64/openssl096b-0.9.6b-21.42.i386.rpm 56b63fc150d0c099b2e4f0950e21005b i386/openssl096b-0.9.6b-21.42.i386.rpm 93195495585c7e9789041c75b1ed5380 i386/debug/openssl096b-debuginfo-0.9.6b-21.42.i386.rpm OTHER REFERENCES: SA10133: http://secunia.com/advisories/10133/ SA11139: http://secunia.com/advisories/11139/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco OpenSSL Implementation Vulnerability Revision 1.0 For Public Release 2004 March 17 at 1300 UTC (GMT) ---------------------------------------------------------------------- Contents Summary Affected Products Details Impact Software Versions and Fixes Obtaining Fixed Software Workarounds Exploitation and Public Announcements Status of This Notice: INTERIM Distribution Revision History Cisco Security Procedures ---------------------------------------------------------------------- Summary A new vulnerability in the OpenSSL implementation for SSL has been announced on March 17, 2004. An affected network device running an SSL server based on an affected OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack. There are workarounds available to mitigate the effects of this vulnerability on Cisco products in the workaround section of this advisory. Cisco is providing fixed software, and recommends that customers upgrade to it when it is available. This advisory will be posted at http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml. * Cisco IOS 12.1(11)E and later in the 12.1E release train. Only crypto images (56i and k2) are vulnerable for the Cisco 7100 and 7200 Series Routers. * Cisco IOS 12.2SY release train. Only crypto images (k8, k9 and k91) are vulnerable for the Cisco Catalyst 6500 Series and Cisco 7600 Series Routers. * Cisco PIX Firewall * Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series and Cisco 7600 Series routers * Cisco MDS 9000 Series Multilayer Switch * Cisco Content Service Switch (CSS) 11000 series * Cisco Global Site Selector (GSS) 4480 * CiscoWorks Common Services (CWCS) version 2.2 and CiscoWorks Common Management Foundation (CMF) version 2.1 * Cisco Access Registrar (CAR) The following products have their SSL implementation based on the OpenSSL code and are not affected by this vulnerability. * Cisco Secure Intrusion Detection System (NetRanger) appliance. This includes the IDS-42xx appliances, NM-CIDS and WS-SVS-IDSM2. * Cisco SN 5428 and SN 5428-2 Storage Router * Cisco CNS Configuration Engine * Cisco Network Analysis Modules (NAM) for the Cisco Catalyst 6000 and 6500 Series switches and Cisco 7600 Series routers * Cisco SIP Proxy Server (SPS) * CiscoWorks 1105 Hosting Solution Engine (HSE) * CiscoWorks 1105 Wireless LAN Solution Engine (WLSE) * Cisco Ethernet Subscriber Solution Engine (ESSE) The following products, which implement SSL, are not affected by this vulnerability. * Cisco VPN 3000 Series Concentrators CatOS does not implement SSL and is not vulnerable. This vulnerability is still being actively investigated across Cisco products and status of some products has still not been determined. Details Secure Sockets Layer (SSL), is a protocol used to encrypt the data transferred over an TCP session. SSL in Cisco products is mainly used by the HyperText Transfer Protocol Secure (HTTPS) web service for which the default TCP port is 443. The affected products, listed above, are only vulnerable if they have the HTTPS service enabled and the access to the service is not limited to trusted hosts or network management workstations. To check if the HTTPS service is enabled one can do the following: 1. Check the configuration on the device to verify the status of the HTTPS service. 2. Try to connect to the device using a standard web browser that supports SSL using a URL similar to https://ip_address_of_device/. 3. Try and connect to the default HTTPS port, TCP 443, using Telnet. telnet ip_address_of_device 443. If the session connects the service is enabled and accessible. Testing by the OpenSSL development team has uncovered a null-pointer assignment in the do_change_cipher_spec() function. This crash on many Cisco products would cause the device to reload. A third vulnerability described in the NISCC advisory is a bug in older versions of OpenSSL, versions before 0.9.6d, that can also lead to a Denial of Service attack. None of the Cisco OpenSSL implementations are known to be affected by this older OpenSSL issue. * Cisco IOS - All 12.1(11)E and later IOS software crypto (56i and k2) image releases in the 12.1E release train for the Cisco 7100 and 7200 Series Routers are affected by this vulnerability. All IOS software crypto (k8, k9, and k91) image releases in the 12.2SY release train for the Cisco Catalyst 6500 Series and Cisco 7600 Series Routers are affected by this vulnerability. The SSH implementation in IOS is not dependent on any OpenSSL code. SSH implementations in IOS do not handle certificates, yet, and therefore do not use any SSL code for SSH. OpenSSL in 12.1E and 12.2SY release trains is only used for providing the HTTPS and VPN Device Manager (VDM) services. This vulnerability is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCee00041. The HTTPS web service, that uses the OpenSSL code, on the device is disabled by default. The no ip http secure-server command may be used to disable the HTTPS web service on the device, if required. The SSH and IPSec services in IOS are not vulnerable to this vulnerability. * Cisco PIX Firewall - PIX 6.x releases are affected by this vulnerability. PIX 5.x releases do not contain any SSL code and are not vulnerable. This vulnerability is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCed90672. * Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series and Cisco 7600 Series routers - This vulnerability is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCee02055. * Cisco MDS 9000 Series Multilayer Switches - This vulnerability is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCed96246. * Cisco Content Service Switch (CSS) 11000 series - WebNS version 6.x and 7.x are affected by this vulnerability. This vulnerability is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCee01234 for SCM and is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCee01240 for the SSL module. * Cisco Global Site Selector (GSS) 4480 - This vulnerability is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCee01057. * CiscoWorks Common Services (CWCS) version 2.2 and CiscoWorks Common Management Foundation (CMF) version 2.1 - This vulnerability is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCsa13748. * Cisco Access Registrar (CAR) - This vulnerability is documented in the Cisco Bug Toolkit (registered customers only) as Bug ID CSCee01956. The Internetworking Terms and Cisco Systems Acronyms online guides can be found at http://www.cisco.com/univercd/cc/td/doc/cisintwk/. Impact An affected network device running an SSL server based on the OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack. Software Versions and Fixes * Cisco IOS - +----------------------------------------+ |Release| Fixed Releases |Availability | | Train | | | |-------+------------------+-------------| |12.2SY |12.2(14)SY4 |March 25 | |-------+------------------+-------------| | |12.1(13)E14 |April 8 | |12.1E |12.1.(19)E7 |April 8 | | |12.1(20)E3 |April 26 | +----------------------------------------+ * Cisco PIX Firewall - The vulnerability is fixed in software releases 6.0(4)102, 6.1(5)102, 6.2(3)107, and 6.3(3)124. These engineering builds may be obtained by contacting the Cisco Technical Assistance Center (TAC). TAC Contact information is given in the Obtaining Fixed Software section below. * Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series and Cisco 7600 Series routers - The vulnerability is fixed in software release 1.1.3(14) which will be available by Monday, 22 of March, 2004. This engineering builds may be obtained by contacting the Cisco Technical Assistance Center (TAC). TAC Contact information is given in the Obtaining Fixed Software section below. * Cisco MDS 9000 Series Multilayer Switches - No fixed software release or software availability date has been determined yet. * Cisco Content Service Switch (CSS) 11000 series -No fixed software release or software availability date has been determined yet. * Cisco Global Site Selector (GSS) 4480 - No fixed software release or software availability date has been determined yet. * CiscoWorks Common Services (CWCS) version 2.2 and CiscoWorks Common Management Foundation (CMF) version 2.1 - No fixed software release or software availability date has been determined yet. * Cisco Access Registrar (CAR) - The vulnerability is fixed in software release 3.5.0.12 which will be available by Friday, 26 of March, 2004. Obtaining Fixed Software Cisco is offering free software upgrades to address this vulnerability for all affected customers. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, Customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/public/sw-license-agreement.html, or as otherwise set forth at the Cisco Connection Online Software Center at http://www.cisco.com/public/sw-center/sw-usingswc.shtml. Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com/tacpage/sw-center. To access the software download URL, you must be a registered user and you must be logged in. Customers whose Cisco products are provided or maintained through a prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers, should contact that support organization for assistance with obtaining the software upgrade(s). Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC) using the contact information listed below. In these cases, customers are entitled to obtain a free upgrade to a later version of the same release or as indicated by the applicable corrected software version in the Software Versions and Fixes section (noted above). Cisco TAC contacts are as follows: * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com See http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages. Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a upgrade. Upgrades for non-contract customers must be requested through the TAC. Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades. Workarounds The Cisco PSIRT recommends that affected users upgrade to a fixed software version of code as soon as it is available. * Restrict access to the HTTPS server on the network device. Allow access to the network device only from trusted workstations by using access lists / MAC filters that are available on the affected platforms. * Disable the SSL server / service on the network device. This workaround must be weighed against the need for secure communications with the vulnerable device. Exploitation and Public Announcements The Cisco PSIRT is not aware of any malicious use of the vulnerability described in this advisory. Status of This Notice: INTERIM This is an interim advisory. Although Cisco cannot guarantee the accuracy of all statements in this advisory, all of the facts have been checked to the best of our ability. Cisco does not anticipate issuing updated versions of this advisory unless there is some material change in the facts. Should there be a significant change in the facts, Cisco may update this advisory. A stand-alone copy or paraphrase of the text of this security advisory that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution This advisory will be posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml . In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key having the fingerprint 8C82 5207 0CA9 ED40 1DD2 EE2A 7B31 A8CF 32B6 B590 and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-teams@first.org (includes CERT/CC) * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.netsys.com * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History +------------------------------------------+ |Revision 1.0|2004-March-17|Initial | | | |release. | +------------------------------------------+ Cisco Security Procedures Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/warp/public/707/sec_incident_response.shtml. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt. This advisory is copyright 2004 by Cisco Systems, Inc. This advisory may be redistributed freely after the release date given at the top of the text, provided that redistributed copies are complete and unmodified, including all date and version information. ---------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Comment: PGP Signed by Sharad Ahlawat, Cisco Systems PSIRT iD8DBQFAWFvZezGozzK2tZARAqIwAKDXDMLAY6eDYyU8y1MhKZUto2SRxwCg+oid 7AhsNlLsNVSLwTRKTHSigu0= =gtba -----END PGP SIGNATURE----- . OpenSSL 0.9.7d and OpenSSL 0.9.6m are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under http://www.openssl.org/source/mirror.html): ftp://ftp.openssl.org/source/ The distribution file names are: o openssl-0.9.7d.tar.gz MD5 checksum: 1b49e90fc8a75c3a507c0a624529aca5 o openssl-0.9.6m.tar.gz [normal] MD5 checksum: 1b63bfdca1c37837dddde9f1623498f9 o openssl-engine-0.9.6m.tar.gz [engine] MD5 checksum: 4c39d2524bd466180f9077f8efddac8c The checksums were calculated using the following command: openssl md5 openssl-0.9*.tar.gz Credits ------- Patches for these issues were created by Dr Stephen Henson (steve@openssl.org) of the OpenSSL core team. The OpenSSL team would like to thank Codenomicon for supplying the TLS Test Tool which was used to discover these vulnerabilities, and Joe Orton of Red Hat for performing the majority of the testing. References ---------- http://www.codenomicon.com/testtools/tls/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0112 URL for this Security Advisory: http://www.openssl.org/news/secadv_20040317.txt

Trust: 3.87

sources: NVD: CVE-2004-0112 // CERT/CC: VU#484726 // JVNDB: JVNDB-2004-000088 // CNVD: CNVD-2004-0790 // BID: 9899 // BID: 14567 // VULHUB: VHN-8542 // PACKETSTORM: 41200 // PACKETSTORM: 41105 // PACKETSTORM: 32887 // PACKETSTORM: 32886

AFFECTED PRODUCTS

vendor:freebsdmodel:freebsdscope:eqversion:4.9

Trust: 1.9

vendor:freebsdmodel:freebsdscope:eqversion:4.8

Trust: 1.9

vendor:vmwaremodel:gsx serverscope:eqversion:2.5.1

Trust: 1.3

vendor:vmwaremodel:gsx serverscope:eqversion:2.0

Trust: 1.3

vendor:stonesoftmodel:stonebeat webclusterscope:eqversion:2.5

Trust: 1.3

vendor:stonesoftmodel:stonebeat webclusterscope:eqversion:2.0

Trust: 1.3

vendor:stonesoftmodel:stonebeat securityclusterscope:eqversion:2.5

Trust: 1.3

vendor:stonesoftmodel:stonebeat securityclusterscope:eqversion:2.0

Trust: 1.3

vendor:stonesoftmodel:serverclusterscope:eqversion:2.5.2

Trust: 1.3

vendor:stonesoftmodel:serverclusterscope:eqversion:2.5

Trust: 1.3

vendor:sgimodel:propackscope:eqversion:3.0

Trust: 1.3

vendor:sgimodel:propackscope:eqversion:2.4

Trust: 1.3

vendor:sgimodel:propackscope:eqversion:2.3

Trust: 1.3

vendor:redhatmodel:linuxscope:eqversion:8.0

Trust: 1.3

vendor:redhatmodel:linuxscope:eqversion:7.3

Trust: 1.3

vendor:redhatmodel:linuxscope:eqversion:7.2

Trust: 1.3

vendor:openbsdmodel:openbsdscope:eqversion:3.4

Trust: 1.3

vendor:openbsdmodel:openbsdscope:eqversion:3.3

Trust: 1.3

vendor:novellmodel:imanagerscope:eqversion:2.0

Trust: 1.3

vendor:novellmodel:imanagerscope:eqversion:1.5

Trust: 1.3

vendor:novellmodel:edirectoryscope:eqversion:8.7.1

Trust: 1.3

vendor:novellmodel:edirectoryscope:eqversion:8.7

Trust: 1.3

vendor:novellmodel:edirectoryscope:eqversion:8.6.2

Trust: 1.3

vendor:novellmodel:edirectoryscope:eqversion:8.5.27

Trust: 1.3

vendor:novellmodel:edirectoryscope:eqversion:8.5

Trust: 1.3

vendor:novellmodel:edirectoryscope:eqversion:8.0

Trust: 1.3

vendor:hpmodel:hp-uxscope:eqversion:11.23

Trust: 1.3

vendor:hpmodel:hp-uxscope:eqversion:11.11

Trust: 1.3

vendor:hpmodel:apache-based web serverscope:eqversion:2.0.43.04

Trust: 1.3

vendor:hpmodel:apache-based web serverscope:eqversion:2.0.43.00

Trust: 1.3

vendor:freebsdmodel:freebsdscope:eqversion:5.2

Trust: 1.3

vendor:freebsdmodel:freebsdscope:eqversion:5.1

Trust: 1.3

vendor:ciscomodel:webnsscope:eqversion:7.10

Trust: 1.3

vendor:ciscomodel:webnsscope:eqversion:6.10

Trust: 1.3

vendor:ciscomodel:secure content acceleratorscope:eqversion:10000

Trust: 1.3

vendor:ciscomodel:okena stormwatchscope:eqversion:3.2

Trust: 1.3

vendor:ciscomodel:firewall services modulescope:eqversion:1.1.3

Trust: 1.3

vendor:ciscomodel:firewall services modulescope:eqversion:1.1.2

Trust: 1.3

vendor:ciscomodel:css secure content acceleratorscope:eqversion:2.0

Trust: 1.3

vendor:ciscomodel:css secure content acceleratorscope:eqversion:1.0

Trust: 1.3

vendor:ciscomodel:ciscoworks common servicesscope:eqversion:2.2

Trust: 1.3

vendor:ciscomodel:ciscoworks common management foundationscope:eqversion:2.1

Trust: 1.3

vendor:avayamodel:sg5scope:eqversion:4.4

Trust: 1.3

vendor:avayamodel:sg5scope:eqversion:4.3

Trust: 1.3

vendor:avayamodel:sg5scope:eqversion:4.2

Trust: 1.3

vendor:avayamodel:sg208scope:eqversion:4.4

Trust: 1.3

vendor:avayamodel:sg203scope:eqversion:4.31.29

Trust: 1.3

vendor:avayamodel:sg203scope:eqversion:4.4

Trust: 1.3

vendor:avayamodel:sg200scope:eqversion:4.31.29

Trust: 1.3

vendor:avayamodel:sg200scope:eqversion:4.4

Trust: 1.3

vendor:avayamodel:converged communications serverscope:eqversion:2.0

Trust: 1.3

vendor:4dmodel:webstarscope:eqversion:5.3.1

Trust: 1.3

vendor:4dmodel:webstarscope:eqversion:5.3

Trust: 1.3

vendor:4dmodel:webstarscope:eqversion:5.2.4

Trust: 1.3

vendor:4dmodel:webstarscope:eqversion:5.2.3

Trust: 1.3

vendor:4dmodel:webstarscope:eqversion:5.2.2

Trust: 1.3

vendor:4dmodel:webstarscope:eqversion:5.2.1

Trust: 1.3

vendor:4dmodel:webstarscope:eqversion:5.2

Trust: 1.3

vendor:4dmodel:webstarscope:eqversion:4.0

Trust: 1.3

vendor:ciscomodel:webnsscope:eqversion:7.1_0.2.06

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.2sy

Trust: 1.0

vendor:avayamodel:s8300scope:eqversion:r2.0.0

Trust: 1.0

vendor:neoterismodel:instant virtual extranetscope:eqversion:3.0

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.2za

Trust: 1.0

vendor:avayamodel:s8300scope:eqversion:r2.0.1

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.1\(4\)

Trust: 1.0

vendor:hpmodel:aaa serverscope:eqversion:*

Trust: 1.0

vendor:checkpointmodel:vpn-1scope:eqversion:next_generation_fp0

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6f

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.0

Trust: 1.0

vendor:scomodel:openserverscope:eqversion:5.0.6

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.0\(1\)

Trust: 1.0

vendor:avayamodel:vsuscope:eqversion:7500_r2.0.1

Trust: 1.0

vendor:ciscomodel:threat responsescope:eqversion:*

Trust: 1.0

vendor:hpmodel:hp-uxscope:eqversion:11.00

Trust: 1.0

vendor:stonesoftmodel:stonebeat fullclusterscope:eqversion:2.5

Trust: 1.0

vendor:novellmodel:edirectoryscope:eqversion:8.5.12a

Trust: 1.0

vendor:avayamodel:s8700scope:eqversion:r2.0.0

Trust: 1.0

vendor:avayamodel:s8700scope:eqversion:r2.0.1

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.0.1

Trust: 1.0

vendor:checkpointmodel:firewall-1scope:eqversion:next_generation_fp0

Trust: 1.0

vendor:ciscomodel:webnsscope:eqversion:7.1_0.1.02

Trust: 1.0

vendor:avayamodel:intuity audixscope:eqversion:s3400

Trust: 1.0

vendor:dellmodel:bsafe ssl-jscope:eqversion:3.1

Trust: 1.0

vendor:securecomputingmodel:sidewinderscope:eqversion:5.2.1.02

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.2.1

Trust: 1.0

vendor:securecomputingmodel:sidewinderscope:eqversion:5.2.1

Trust: 1.0

vendor:vmwaremodel:gsx serverscope:eqversion:2.5.1_build_5336

Trust: 1.0

vendor:ciscomodel:webnsscope:eqversion:7.2_0.0.03

Trust: 1.0

vendor:avayamodel:s8500scope:eqversion:r2.0.0

Trust: 1.0

vendor:bluecoatmodel:proxysgscope:eqversion:*

Trust: 1.0

vendor:neoterismodel:instant virtual extranetscope:eqversion:3.3.1

Trust: 1.0

vendor:dellmodel:bsafe ssl-jscope:eqversion:3.0.1

Trust: 1.0

vendor:ciscomodel:firewall services modulescope:eqversion:1.1_\(3.005\)

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:3.0

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.0\(3\)

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.3\(2\)

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.3\(3.102\)

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:1.7.2

Trust: 1.0

vendor:checkpointmodel:vpn-1scope:eqversion:next_generation_fp1

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.2\(3.100\)

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.0.7

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:1.7.1

Trust: 1.0

vendor:avayamodel:vsuscope:eqversion:5000_r2.0.1

Trust: 1.0

vendor:symantecmodel:clientless vpn gateway 4400scope:eqversion:5.0

Trust: 1.0

vendor:avayamodel:vsuscope:eqversion:2000_r2.0.1

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.1\(2\)

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.1\(19\)e1

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:1.6.3

Trust: 1.0

vendor:avayamodel:sg208scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.0\(4\)

Trust: 1.0

vendor:securecomputingmodel:sidewinderscope:eqversion:5.2.0.03

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.3

Trust: 1.0

vendor:ciscomodel:webnsscope:eqversion:6.10_b4

Trust: 1.0

vendor:checkpointmodel:firewall-1scope:eqversion:next_generation_fp1

Trust: 1.0

vendor:checkpointmodel:vpn-1scope:eqversion:vsx_ng_with_application_intelligence

Trust: 1.0

vendor:securecomputingmodel:sidewinderscope:eqversion:5.2.0.01

Trust: 1.0

vendor:hpmodel:wbemscope:eqversion:a.02.00.01

Trust: 1.0

vendor:checkpointmodel:provider-1scope:eqversion:4.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.2\(14\)sy

Trust: 1.0

vendor:stonesoftmodel:stonebeat fullclusterscope:eqversion:1_2.0

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:1.7

Trust: 1.0

vendor:securecomputingmodel:sidewinderscope:eqversion:5.2.0.04

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.0.5

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.2\(14\)sy1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.1\(11b\)e

Trust: 1.0

vendor:vmwaremodel:gsx serverscope:eqversion:3.0_build_7592

Trust: 1.0

vendor:avayamodel:vsuscope:eqversion:500

Trust: 1.0

vendor:redhatmodel:opensslscope:eqversion:0.9.6-15

Trust: 1.0

vendor:ciscomodel:gss 4480 global site selectorscope:eqversion:*

Trust: 1.0

vendor:hpmodel:wbemscope:eqversion:a.01.05.08

Trust: 1.0

vendor:scomodel:openserverscope:eqversion:5.0.7

Trust: 1.0

vendor:checkpointmodel:firewall-1scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:css11000 content services switchscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:access registrarscope:eqversion:*

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.2

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6k

Trust: 1.0

vendor:avayamodel:vsuscope:eqversion:5

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7

Trust: 1.0

vendor:stonesoftmodel:stonebeat fullclusterscope:eqversion:2.0

Trust: 1.0

vendor:stonesoftmodel:stonebeat fullclusterscope:eqversion:3.0

Trust: 1.0

vendor:avayamodel:vsuscope:eqversion:100_r2.0.1

Trust: 1.0

vendor:bluecoatmodel:cacheos ca sascope:eqversion:4.1.10

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6d

Trust: 1.0

vendor:applemodel:mac os x serverscope:eqversion:10.3.3

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.1\(11b\)e14

Trust: 1.0

vendor:litespeedtechmodel:litespeed web serverscope:eqversion:1.0.1

Trust: 1.0

vendor:avayamodel:intuity audixscope:eqversion:s3210

Trust: 1.0

vendor:bluecoatmodel:cacheos ca sascope:eqversion:4.1.12

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.3.3

Trust: 1.0

vendor:tarantellamodel:enterprisescope:eqversion:3.40

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.2

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.0.9

Trust: 1.0

vendor:ciscomodel:firewall services modulescope:eqversion:2.1_\(0.208\)

Trust: 1.0

vendor:checkpointmodel:vpn-1scope:eqversion:next_generation_fp2

Trust: 1.0

vendor:neoterismodel:instant virtual extranetscope:eqversion:3.3

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6i

Trust: 1.0

vendor:ciscomodel:content services switch 11500scope:eqversion:*

Trust: 1.0

vendor:vmwaremodel:gsx serverscope:eqversion:2.0.1_build_2129

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7a

Trust: 1.0

vendor:dellmodel:bsafe ssl-jscope:eqversion:3.0

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.1\(5\)

Trust: 1.0

vendor:neoterismodel:instant virtual extranetscope:eqversion:3.1

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6e

Trust: 1.0

vendor:hpmodel:hp-uxscope:eqversion:8.05

Trust: 1.0

vendor:stonesoftmodel:stonebeat fullclusterscope:eqversion:1_3.0

Trust: 1.0

vendor:ciscomodel:mds 9000scope:eqversion:*

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:1.5.18

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.0\(2\)

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.1

Trust: 1.0

vendor:freebsdmodel:freebsdscope:eqversion:5.2.1

Trust: 1.0

vendor:ciscomodel:webnsscope:eqversion:7.10_.0.06s

Trust: 1.0

vendor:avayamodel:vsuscope:eqversion:5x

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6h

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.0.8

Trust: 1.0

vendor:sunmodel:crypto accelerator 4000scope:eqversion:1.0

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.1\(3\)

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.2\(2\)

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:1.6.2

Trust: 1.0

vendor:redhatmodel:opensslscope:eqversion:0.9.6b-3

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6g

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.1

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.2.4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.1\(11\)e

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.3\(1\)

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.2\(1\)

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.0\(4.101\)

Trust: 1.0

vendor:ciscomodel:call managerscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:pix firewallscope:eqversion:6.2.2_.111

Trust: 1.0

vendor:redhatmodel:opensslscope:eqversion:0.9.7a-2

Trust: 1.0

vendor:ciscomodel:gss 4490 global site selectorscope:eqversion:*

Trust: 1.0

vendor:avayamodel:vsuscope:eqversion:10000_r2.0.1

Trust: 1.0

vendor:checkpointmodel:firewall-1scope:eqversion:next_generation_fp2

Trust: 1.0

vendor:hpmodel:wbemscope:eqversion:a.02.00.00

Trust: 1.0

vendor:avayamodel:intuity audixscope:eqversion:*

Trust: 1.0

vendor:avayamodel:s8500scope:eqversion:r2.0.1

Trust: 1.0

vendor:securecomputingmodel:sidewinderscope:eqversion:5.2

Trust: 1.0

vendor:neoterismodel:instant virtual extranetscope:eqversion:3.2

Trust: 1.0

vendor:avayamodel:intuity audixscope:eqversion:5.1.46

Trust: 1.0

vendor:securecomputingmodel:sidewinderscope:eqversion:5.2.0.02

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:1.5.17

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.0.6

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:3.0

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6j

Trust: 1.0

vendor:checkpointmodel:firewall-1scope:eqversion:2.0

Trust: 1.0

vendor:ciscomodel:application and content networking softwarescope:eqversion:*

Trust: 1.0

vendor:forcepointmodel:stonegatescope:eqversion:2.0.4

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.1\(13\)e9

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7c

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:12.1\(11b\)e12

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.3\(3.109\)

Trust: 1.0

vendor:tarantellamodel:enterprisescope:eqversion:3.30

Trust: 1.0

vendor:tarantellamodel:enterprisescope:eqversion:3.20

Trust: 1.0

vendor:ciscomodel:firewall services modulescope:eqversion:*

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.2\(3\)

Trust: 1.0

vendor:ciscomodel:pix firewall softwarescope:eqversion:6.1\(1\)

Trust: 1.0

vendor:apple computermodel: - scope: - version: -

Trust: 0.8

vendor:opensslmodel: - scope: - version: -

Trust: 0.8

vendor:富士通model:netwatcherscope: - version: -

Trust: 0.8

vendor:ターボリナックスmodel:turbolinux appliance serverscope: - version: -

Trust: 0.8

vendor:レッドハットmodel:red hat enterprise linuxscope: - version: -

Trust: 0.8

vendor:ヒューレット パッカードmodel:hp-ux apache-based web serverscope: - version: -

Trust: 0.8

vendor:ヒューレット パッカードmodel:hp-uxscope: - version: -

Trust: 0.8

vendor:トレンドマイクロmodel:trendmicro interscan viruswallscope: - version: -

Trust: 0.8

vendor:チェック ポイント ソフトウェア テクノロジーズmodel:provider-1scope: - version: -

Trust: 0.8

vendor:富士通model:primergy sslacceleratorscope:eqversion:7115

Trust: 0.8

vendor:ヒューレット パッカードmodel:hp wbem servicesscope: - version: -

Trust: 0.8

vendor:ターボリナックスmodel:turbolinux serverscope: - version: -

Trust: 0.8

vendor:レッドハットmodel:red hat enterprise linux desktopscope: - version: -

Trust: 0.8

vendor:富士通model:netshelterシリーズscope: - version: -

Trust: 0.8

vendor:サン マイクロシステムズmodel:sun cobalt raq4scope: - version: -

Trust: 0.8

vendor:富士通model:primergy sslacceleratorscope:eqversion:7117

Trust: 0.8

vendor:netbsdmodel:netbsdscope: - version: -

Trust: 0.8

vendor:vine linuxmodel:vine linuxscope: - version: -

Trust: 0.8

vendor:サイバートラスト株式会社model:asianux serverscope: - version: -

Trust: 0.8

vendor:レッドハットmodel:red hat linuxscope: - version: -

Trust: 0.8

vendor:サン マイクロシステムズmodel:sun crypto acceleratorscope: - version: -

Trust: 0.8

vendor:ターボリナックスmodel:turbolinux desktopscope: - version: -

Trust: 0.8

vendor:富士通model:ipcomシリーズscope: - version: -

Trust: 0.8

vendor:チェック ポイント ソフトウェア テクノロジーズmodel:firewall-1 gxscope: - version: -

Trust: 0.8

vendor:opensslmodel:opensslscope: - version: -

Trust: 0.8

vendor:ヒューレット パッカードmodel:hp-ux aaa serverscope: - version: -

Trust: 0.8

vendor:チェック ポイント ソフトウェア テクノロジーズmodel:vpn-1/firewall-1scope: - version: -

Trust: 0.8

vendor:ターボリナックスmodel:turbolinux workstationscope: - version: -

Trust: 0.8

vendor:富士通model:primergy sslacceleratorscope:eqversion:7110

Trust: 0.8

vendor:nonemodel: - scope: - version: -

Trust: 0.6

vendor:ciscomodel:ios 12.1 escope: - version: -

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.6

vendor:applemodel:mac os serverscope:eqversion:x10.3.9

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.6

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.6

vendor:vmwaremodel:gsx server buildscope:eqversion:3.07592

Trust: 0.3

vendor:vmwaremodel:gsx server buildscope:eqversion:2.5.15336

Trust: 0.3

vendor:vmwaremodel:gsx server buildscope:eqversion:2.0.12129

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.40

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.30

Trust: 0.3

vendor:tarantellamodel:enterprisescope:eqversion:33.200

Trust: 0.3

vendor:symantecmodel:clientless vpn gateway seriesscope:eqversion:44005.0

Trust: 0.3

vendor:sunmodel:crypto acceleratorscope:eqversion:40001.0

Trust: 0.3

vendor:stonesoftmodel:stonegate vpn clientscope:eqversion:2.0.9

Trust: 0.3

vendor:stonesoftmodel:stonegate vpn clientscope:eqversion:2.0.8

Trust: 0.3

vendor:stonesoftmodel:stonegate vpn clientscope:eqversion:2.0.7

Trust: 0.3

vendor:stonesoftmodel:stonegate vpn clientscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonegate vpn clientscope:eqversion:1.7.2

Trust: 0.3

vendor:stonesoftmodel:stonegate vpn clientscope:eqversion:1.7

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.2.4

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.2.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.9

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.8

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.7

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.6

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.5

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.4

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:2.0.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7.1

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.7

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.6.3

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.6.2

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.5.18

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:eqversion:1.5.17

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for raptorscope:eqversion:2.5

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for raptorscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for isa serverscope:eqversion:3.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for gauntletscope:eqversion:2.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for firewall-1scope:eqversion:3.0

Trust: 0.3

vendor:stonesoftmodel:stonebeat fullcluster for firewall-1scope:eqversion:2.0

Trust: 0.3

vendor:sgimodel:propack sp6scope:eqversion:3.0

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.24

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.23

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.22

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.21

Trust: 0.3

vendor:sgimodel:irix fscope:eqversion:6.5.21

Trust: 0.3

vendor:sgimodel:irix mscope:eqversion:6.5.20

Trust: 0.3

vendor:sgimodel:irix fscope:eqversion:6.5.20

Trust: 0.3

vendor:securemodel:computing sidewinderscope:eqversion:5.2.1.02

Trust: 0.3

vendor:securemodel:computing sidewinderscope:eqversion:5.2.1

Trust: 0.3

vendor:securemodel:computing sidewinderscope:eqversion:5.2.0.04

Trust: 0.3

vendor:securemodel:computing sidewinderscope:eqversion:5.2.0.03

Trust: 0.3

vendor:securemodel:computing sidewinderscope:eqversion:5.2.0.02

Trust: 0.3

vendor:securemodel:computing sidewinderscope:eqversion:5.2.0.01

Trust: 0.3

vendor:securemodel:computing sidewinderscope:eqversion:5.2

Trust: 0.3

vendor:scomodel:unixwarescope:eqversion:7.1.3

Trust: 0.3

vendor:scomodel:unixwarescope:eqversion:7.1.1

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.7

Trust: 0.3

vendor:scomodel:open serverscope:eqversion:5.0.6

Trust: 0.3

vendor:rsamodel:security bsafe ssl-j sdkscope:eqversion:3.1

Trust: 0.3

vendor:rsamodel:security bsafe ssl-j sdkscope:eqversion:3.0.1

Trust: 0.3

vendor:rsamodel:security bsafe ssl-j sdkscope:eqversion:3.0

Trust: 0.3

vendor:redhatmodel:openssl096b-0.9.6b-3.i386.rpmscope: - version: -

Trust: 0.3

vendor:redhatmodel:openssl096-0.9.6-15.i386.rpmscope: - version: -

Trust: 0.3

vendor:redhatmodel:openssl-perl-0.9.7a-2.i386.rpmscope: - version: -

Trust: 0.3

vendor:redhatmodel:openssl-devel-0.9.7a-2.i386.rpmscope: - version: -

Trust: 0.3

vendor:redhatmodel:openssl-0.9.7a-2.i386.rpmscope: - version: -

Trust: 0.3

vendor:redhatmodel:linux i386scope:eqversion:7.3

Trust: 0.3

vendor:redhatmodel:enterprise linux wsscope:eqversion:4

Trust: 0.3

vendor:redhatmodel:enterprise linux wsscope:eqversion:3

Trust: 0.3

vendor:redhatmodel:enterprise linux esscope:eqversion:4

Trust: 0.3

vendor:redhatmodel:enterprise linux esscope:eqversion:3

Trust: 0.3

vendor:redhatmodel:desktopscope:eqversion:4.0

Trust: 0.3

vendor:redhatmodel:desktopscope:eqversion:3.0

Trust: 0.3

vendor:redmodel:hat fedora core3scope: - version: -

Trust: 0.3

vendor:redmodel:hat fedora core2scope: - version: -

Trust: 0.3

vendor:redmodel:hat fedora core1scope: - version: -

Trust: 0.3

vendor:redmodel:hat enterprise linux asscope:eqversion:4

Trust: 0.3

vendor:redmodel:hat enterprise linux asscope:eqversion:3

Trust: 0.3

vendor:opensslmodel:project openssl cscope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl beta3scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl beta2scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl beta1scope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl bscope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl kscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl jscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl iscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl hscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl gscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl fscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl escope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl dscope:eqversion:0.9.6

Trust: 0.3

vendor:opensslmodel:project openssl cscope:eqversion:0.9.6

Trust: 0.3

vendor:novellmodel:edirectory su1scope:eqversion:8.7.1

Trust: 0.3

vendor:novellmodel:edirectory ascope:eqversion:8.5.12

Trust: 0.3

vendor:netscreenmodel:instant virtual extranetscope:eqversion:3.3.1

Trust: 0.3

vendor:netscreenmodel:instant virtual extranetscope:eqversion:3.3

Trust: 0.3

vendor:netscreenmodel:instant virtual extranetscope:eqversion:3.2

Trust: 0.3

vendor:netscreenmodel:instant virtual extranetscope:eqversion:3.1

Trust: 0.3

vendor:netscreenmodel:instant virtual extranetscope:eqversion:3.0

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.3.1

Trust: 0.3

vendor:lite speedmodel:litespeed web server rc3scope:eqversion:1.3

Trust: 0.3

vendor:lite speedmodel:litespeed web server rc2scope:eqversion:1.3

Trust: 0.3

vendor:lite speedmodel:litespeed web server rc1scope:eqversion:1.3

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.3

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.2.2

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.2.1

Trust: 0.3

vendor:lite speedmodel:litespeed web server rc2scope:eqversion:1.2

Trust: 0.3

vendor:lite speedmodel:litespeed web server rc1scope:eqversion:1.2

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.1.1

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.1

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.0.3

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.0.2

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:eqversion:1.0.1

Trust: 0.3

vendor:hpmodel:wbem a.02.00.01scope: - version: -

Trust: 0.3

vendor:hpmodel:wbem a.02.00.00scope: - version: -

Trust: 0.3

vendor:hpmodel:wbem a.01.05.08scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:11.0

Trust: 0.3

vendor:hpmodel:hp-uxscope:eqversion:8.5

Trust: 0.3

vendor:hpmodel:aaa serverscope: - version: -

Trust: 0.3

vendor:freebsdmodel:-releasescope:eqversion:5.2

Trust: 0.3

vendor:freebsdmodel:-relengscope:eqversion:5.1

Trust: 0.3

vendor:freebsdmodel:-releasescope:eqversion:5.1

Trust: 0.3

vendor:freebsdmodel:-relengscope:eqversion:4.8

Trust: 0.3

vendor:computermodel:associates etrust security command centerscope:eqversion:1.0

Trust: 0.3

vendor:citrixmodel:secure gateway for solarisscope:eqversion:1.13

Trust: 0.3

vendor:citrixmodel:secure gateway for solarisscope:eqversion:1.12

Trust: 0.3

vendor:citrixmodel:secure gateway for solarisscope:eqversion:1.1

Trust: 0.3

vendor:ciscomodel:webns .0.06sscope:eqversion:7.10

Trust: 0.3

vendor:ciscomodel:webnsscope:eqversion:7.20.0.03

Trust: 0.3

vendor:ciscomodel:webnsscope:eqversion:7.10.2.06

Trust: 0.3

vendor:ciscomodel:webnsscope:eqversion:7.10.1.02

Trust: 0.3

vendor:ciscomodel:webns b4scope:eqversion:6.10

Trust: 0.3

vendor:ciscomodel:threat responsescope: - version: -

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3.2

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3(3.109)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3(3.102)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3(1)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.3

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2.2.111

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2.2

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2(3.100)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2(3)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2(2)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2(1)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1.5

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1.4

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1.3

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(5)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(4)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(3)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(2)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1(1)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0.4

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0.3

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0(4.101)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0(4)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0(2)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0(1)

Trust: 0.3

vendor:ciscomodel:pix firewallscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:mdsscope:eqversion:9000

Trust: 0.3

vendor:ciscomodel:ios 12.2zascope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2syscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2 sy1scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.2 syscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1 e1scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1 e9scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1 e14scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1 e12scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1 ecscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 12.1 ea1scope: - version: -

Trust: 0.3

vendor:ciscomodel:gss global site selectorscope:eqversion:44900

Trust: 0.3

vendor:ciscomodel:gss global site selectorscope:eqversion:4480

Trust: 0.3

vendor:ciscomodel:firewall services modulescope:eqversion:2.1(0.208)

Trust: 0.3

vendor:ciscomodel:firewall services modulescope:eqversion:1.1(3.005)

Trust: 0.3

vendor:ciscomodel:firewall services modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:css11500 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:css11000 content services switchscope: - version: -

Trust: 0.3

vendor:ciscomodel:call managerscope: - version: -

Trust: 0.3

vendor:ciscomodel:application & content networking softwarescope: - version: -

Trust: 0.3

vendor:ciscomodel:access registrarscope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 vsx ng with application intelligencescope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 next generation fp2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 next generation fp1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software vpn-1 next generation fp0scope: - version: -

Trust: 0.3

vendor:checkmodel:point software providor-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software providor-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 vsx ng with application intelligencescope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 next generation fp2scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 next generation fp1scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 next generation fp0scope: - version: -

Trust: 0.3

vendor:checkmodel:point software firewall-1 gxscope:eqversion:2.0

Trust: 0.3

vendor:bluemodel:coat systems proxysgscope:eqversion:0

Trust: 0.3

vendor:bluemodel:coat systems cacheos ca/sascope:eqversion:4.1.12

Trust: 0.3

vendor:bluemodel:coat systems cacheos ca/sascope:eqversion:4.1.10

Trust: 0.3

vendor:avayamodel:vsu r2.0.1scope:eqversion:7500

Trust: 0.3

vendor:avayamodel:vsuscope:eqversion:5x0

Trust: 0.3

vendor:avayamodel:vsu r2.0.1scope:eqversion:5000

Trust: 0.3

vendor:avayamodel:vsuscope:eqversion:5000

Trust: 0.3

vendor:avayamodel:vsuscope:eqversion:50

Trust: 0.3

vendor:avayamodel:vsu r2.0.1scope:eqversion:2000

Trust: 0.3

vendor:avayamodel:vsu r2.0.1scope:eqversion:10000

Trust: 0.3

vendor:avayamodel:vsu r2.0.1scope:eqversion:100

Trust: 0.3

vendor:avayamodel:sg5xscope:eqversion:4.4

Trust: 0.3

vendor:avayamodel:sg5xscope:eqversion:4.3

Trust: 0.3

vendor:avayamodel:sg5xscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:sg208scope:eqversion:0

Trust: 0.3

vendor:avayamodel:s8700 r2.0.1scope: - version: -

Trust: 0.3

vendor:avayamodel:s8700 r2.0.0scope: - version: -

Trust: 0.3

vendor:avayamodel:s8500 r2.0.1scope: - version: -

Trust: 0.3

vendor:avayamodel:s8500 r2.0.0scope: - version: -

Trust: 0.3

vendor:avayamodel:s8300 r2.0.1scope: - version: -

Trust: 0.3

vendor:avayamodel:s8300 r2.0.0scope: - version: -

Trust: 0.3

vendor:avayamodel:intuity r5 r5.1.46scope: - version: -

Trust: 0.3

vendor:avayamodel:intuity audix r5scope:eqversion:0

Trust: 0.3

vendor:avayamodel:intuity s3400scope: - version: -

Trust: 0.3

vendor:avayamodel:intuity s3210scope: - version: -

Trust: 0.3

vendor:avayamodel:intuity lxscope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.3

Trust: 0.3

vendor:vmwaremodel:gsx serverscope:neversion:2.5.2

Trust: 0.3

vendor:stonesoftmodel:stonegate sparcscope:neversion:2.2.12

Trust: 0.3

vendor:stonesoftmodel:stonegatescope:neversion:2.2.5x86

Trust: 0.3

vendor:stonesoftmodel:stonegate ibm zseriesscope:neversion:2.2.5

Trust: 0.3

vendor:securemodel:computing sidewinderscope:neversion:5.2.1.10

Trust: 0.3

vendor:rsamodel:security bsafe ssl-j sdkscope:neversion:4.1

Trust: 0.3

vendor:opensslmodel:project openssl dscope:neversion:0.9.7

Trust: 0.3

vendor:opensslmodel:project openssl mscope:neversion:0.9.6

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:neversion:1.3.2

Trust: 0.3

vendor:lite speedmodel:litespeed web serverscope:neversion:1.0.2

Trust: 0.3

vendor:citrixmodel:secure gateway for solarisscope:neversion:1.14

Trust: 0.3

vendor:ciscomodel:threat responsescope:neversion:2.0.3

Trust: 0.3

vendor:ciscomodel:mdsscope:neversion:90002.0(0.86)

Trust: 0.3

vendor:ciscomodel:mdsscope:neversion:90001.3(3.33)

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp6scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp5ascope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp5scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp4scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp3scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp2scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1 sp1scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software vpn-1scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp6scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5ascope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:neversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:neversion:4.1

Trust: 0.3

vendor:4dmodel:webstarscope:neversion:5.3.2

Trust: 0.3

vendor:redhatmodel:linux i386scope:eqversion:9.0

Trust: 0.3

vendor:redhatmodel:fedora core2scope: - version: -

Trust: 0.3

vendor:redhatmodel:fedora core1scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

sources: CERT/CC: VU#484726 // CNVD: CNVD-2004-0790 // BID: 9899 // BID: 14567 // JVNDB: JVNDB-2004-000088 // CNNVD: CNNVD-200411-112 // NVD: CVE-2004-0112

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-0112
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#484726
value: 10.32

Trust: 0.8

NVD: CVE-2004-0112
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200411-112
value: MEDIUM

Trust: 0.6

VULHUB: VHN-8542
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2004-0112
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-8542
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#484726 // VULHUB: VHN-8542 // JVNDB: JVNDB-2004-000088 // CNNVD: CNNVD-200411-112 // NVD: CVE-2004-0112

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.0

problemtype:Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2004-000088 // NVD: CVE-2004-0112

THREAT TYPE

network

Trust: 0.6

sources: BID: 9899 // BID: 14567

TYPE

Unknown

Trust: 0.6

sources: BID: 9899 // BID: 14567

PATCH

title:[ important ] OpenSSL Regarding vulnerability response Fujitsu   Public vulnerability informationurl:http://www.openssl.org/news/secadv_20040317.txt

Trust: 0.8

title:OpenSSL Repair measures for denial of service attack vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=169016

Trust: 0.6

sources: JVNDB: JVNDB-2004-000088 // CNNVD: CNNVD-200411-112

EXTERNAL IDS

db:NVDid:CVE-2004-0112

Trust: 4.7

db:CERT/CCid:VU#484726

Trust: 3.3

db:BIDid:9899

Trust: 2.8

db:USCERTid:TA04-078A

Trust: 2.5

db:SECUNIAid:11139

Trust: 1.7

db:XFid:15508

Trust: 0.8

db:SECTRACKid:1009458

Trust: 0.8

db:JVNDBid:JVNDB-2004-000088

Trust: 0.8

db:CNNVDid:CNNVD-200411-112

Trust: 0.7

db:CNVDid:CNVD-2004-0790

Trust: 0.6

db:BIDid:14567

Trust: 0.3

db:VULHUBid:VHN-8542

Trust: 0.1

db:SECUNIAid:17398

Trust: 0.1

db:PACKETSTORMid:41200

Trust: 0.1

db:SECUNIAid:17381

Trust: 0.1

db:PACKETSTORMid:41105

Trust: 0.1

db:PACKETSTORMid:32887

Trust: 0.1

db:PACKETSTORMid:32886

Trust: 0.1

sources: CERT/CC: VU#484726 // CNVD: CNVD-2004-0790 // VULHUB: VHN-8542 // BID: 9899 // BID: 14567 // JVNDB: JVNDB-2004-000088 // PACKETSTORM: 41200 // PACKETSTORM: 41105 // PACKETSTORM: 32887 // PACKETSTORM: 32886 // CNNVD: CNNVD-200411-112 // NVD: CVE-2004-0112

REFERENCES

url:http://www.openssl.org/news/secadv_20040317.txt

Trust: 2.7

url:http://www.securityfocus.com/bid/9899

Trust: 2.5

url:http://www.us-cert.gov/cas/techalerts/ta04-078a.html

Trust: 2.5

url:http://www.kb.cert.org/vuls/id/484726

Trust: 2.5

url:http://www.ciac.org/ciac/bulletins/o-101.shtml

Trust: 2.5

url:http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml

Trust: 2.1

url:http://www.uniras.gov.uk/vuls/2004/224012/index.htm

Trust: 1.8

url:http://lists.apple.com/archives/security-announce/2005/aug/msg00000.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2005//aug/msg00001.html

Trust: 1.7

url:http://docs.info.apple.com/article.html?artnum=61798

Trust: 1.7

url:http://lists.apple.com/mhonarc/security-announce/msg00045.html

Trust: 1.7

url:http://security.gentoo.org/glsa/glsa-200403-03.xml

Trust: 1.7

url:http://www.mandriva.com/security/advisories?name=mdksa-2004:023

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1049

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a928

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9580

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2004-120.html

Trust: 1.7

url:http://www.redhat.com/support/errata/rhsa-2004-121.html

Trust: 1.7

url:http://secunia.com/advisories/11139

Trust: 1.7

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524

Trust: 1.7

url:http://www.novell.com/linux/security/advisories/2004_07_openssl.html

Trust: 1.7

url:http://www.trustix.org/errata/2004/0012

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/15508

Trust: 1.7

url:http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961

Trust: 1.6

url:http://marc.info/?l=bugtraq&m=108403806509920&w=2

Trust: 1.6

url:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834

Trust: 1.6

url:http://marc.info/?l=bugtraq&m=107953412903636&w=2

Trust: 1.6

url:http://www.uniras.gov.uk/l1/l2/l3/alerts2004/alert-1204.txt

Trust: 1.1

url:ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2004-005.txt.asc

Trust: 1.1

url:ftp://ftp.sco.com/pub/updates/openserver/scosa-2004.10/scosa-2004.10.txt

Trust: 1.1

url:http://www.openssl.org

Trust: 0.8

url:http://www.ietf.org/rfc/rfc2712.txt

Trust: 0.8

url:http://jvn.jp/cert/jvnta04-078a/index.html

Trust: 0.8

url:http://jvn.jp/niscc/niscc-224012

Trust: 0.8

url:http://jvn.jp/tr/trta04-078a

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0112

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2004/wr041201.txt

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2004/wr041301.txt

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2004/wr041701.txt

Trust: 0.8

url:http://www.jpcert.or.jp/wr/2004/wr041801.txt

Trust: 0.8

url:http://www.cpni.gov.uk/docs/re-20040317-00389.pdf?lang=en

Trust: 0.8

url:http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20040317-00389.xml

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/15508

Trust: 0.8

url:http://www.securitytracker.com/alerts/2004/mar/1009458.html

Trust: 0.8

url:http://www.securiteam.com/securitynews/5op0g20caa.html

Trust: 0.8

url:https://rhn.redhat.com/errata/rhsa-2004-119.html

Trust: 0.6

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57524

Trust: 0.6

url:http://www.4d.com/products/4dwsv.html

Trust: 0.3

url:http://support.avaya.com/japple/css/japple?page=avaya.css.openpage&temp.template.name=securityadvisory

Trust: 0.3

url:http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000827

Trust: 0.3

url:http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000834

Trust: 0.3

url:ftp://ftp.symantec.com/public/english_us_canada/products/sym_clientless_vpn/sym_clientless_vpn_5/updates/hf1-readme.txt

Trust: 0.3

url:http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1256

Trust: 0.3

url:http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1257

Trust: 0.3

url:http://www.netscreen.com/services/security/alerts/adv58466-signed.txt

Trust: 0.3

url:http://www.stonesoft.com/document/art/3123.html

Trust: 0.3

url:http://support.avaya.com/elmodocs2/security/asa-2005-239.htm

Trust: 0.3

url:http://www.checkpoint.com/techsupport/alerts/openssl.html

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2004-120.html

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2004-139.html

Trust: 0.3

url:http://rhn.redhat.com/errata/rhsa-2005-830.html

Trust: 0.3

url:http://www.bluecoat.com/support/knowledge/advisory_openssl_can-2004-0079.html

Trust: 0.3

url:http://www.apple.com/support/downloads/securityupdate_2004-04-05_(10_3_3).html

Trust: 0.3

url:http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968981.htm

Trust: 0.3

url:http://www.securecomputing.com/pdf/52110relnotes.pdf

Trust: 0.3

url:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f57571

Trust: 0.3

url:http://www.tarantella.com/security/bulletin-10.html

Trust: 0.3

url:http://www.adiscon.com/common/en/advisory/2004-03-18.asp

Trust: 0.3

url:http://www.litespeedtech.com

Trust: 0.3

url:/archive/1/357672

Trust: 0.3

url:http://www.info.apple.com/usen/security/security_updates.html

Trust: 0.3

url:http://www.suresec.org/advisories/adv5.pdf

Trust: 0.3

url:http://www.apple.com

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.2

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.2

url:http://secunia.com/advisories/11139/

Trust: 0.2

url:http://secunia.com/about_secunia_advisories/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2004-0079

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2004-0112

Trust: 0.2

url:http://marc.info/?l=bugtraq&m=107953412903636&w=2

Trust: 0.1

url:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834

Trust: 0.1

url:http://marc.info/?l=bugtraq&m=108403806509920&w=2

Trust: 0.1

url:http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961

Trust: 0.1

url:http://secunia.com/product/48/

Trust: 0.1

url:http://rhn.redhat.com/errata/rhsa-2005-829.html

Trust: 0.1

url:http://rhn.redhat.com/

Trust: 0.1

url:http://secunia.com/product/1326/

Trust: 0.1

url:http://secunia.com/product/1306/

Trust: 0.1

url:http://secunia.com/advisories/17398/

Trust: 0.1

url:http://secunia.com/product/1044/

Trust: 0.1

url:http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Trust: 0.1

url:http://secunia.com/product/4222/

Trust: 0.1

url:http://secunia.com/advisories/17381/

Trust: 0.1

url:http://secunia.com/advisories/10133/

Trust: 0.1

url:http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml.

Trust: 0.1

url:http://www.cisco.com/public/sw-license-agreement.html,

Trust: 0.1

url:https://ip_address_of_device/.

Trust: 0.1

url:http://www.cisco.com/univercd/cc/td/doc/cisintwk/.

Trust: 0.1

url:http://www.cisco.com/tacpage/sw-center.

Trust: 0.1

url:http://www.cisco.com/warp/public/707/sec_incident_response.shtml.

Trust: 0.1

url:http://www.cisco.com/go/psirt.

Trust: 0.1

url:http://www.cisco.com/warp/public/687/directory/dirtac.shtml

Trust: 0.1

url:http://www.cisco.com/public/sw-center/sw-usingswc.shtml.

Trust: 0.1

url:http://www.codenomicon.com/testtools/tls/

Trust: 0.1

url:http://www.openssl.org/source/mirror.html):

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0112

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0079

Trust: 0.1

sources: CERT/CC: VU#484726 // VULHUB: VHN-8542 // BID: 9899 // BID: 14567 // JVNDB: JVNDB-2004-000088 // PACKETSTORM: 41200 // PACKETSTORM: 41105 // PACKETSTORM: 32887 // PACKETSTORM: 32886 // CNNVD: CNNVD-200411-112 // NVD: CVE-2004-0112

CREDITS

OpenSSL Security Advisory

Trust: 0.6

sources: CNNVD: CNNVD-200411-112

SOURCES

db:CERT/CCid:VU#484726
db:CNVDid:CNVD-2004-0790
db:VULHUBid:VHN-8542
db:BIDid:9899
db:BIDid:14567
db:JVNDBid:JVNDB-2004-000088
db:PACKETSTORMid:41200
db:PACKETSTORMid:41105
db:PACKETSTORMid:32887
db:PACKETSTORMid:32886
db:CNNVDid:CNNVD-200411-112
db:NVDid:CVE-2004-0112

LAST UPDATE DATE

2024-08-14T12:30:11.013000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#484726date:2004-03-26T00:00:00
db:CNVDid:CNVD-2004-0790date:2004-03-17T00:00:00
db:VULHUBid:VHN-8542date:2018-10-30T00:00:00
db:BIDid:9899date:2015-03-19T08:20:00
db:BIDid:14567date:2006-05-05T23:10:00
db:JVNDBid:JVNDB-2004-000088date:2024-03-04T06:12:00
db:CNNVDid:CNNVD-200411-112date:2021-11-10T00:00:00
db:NVDid:CVE-2004-0112date:2024-02-15T20:54:12.877

SOURCES RELEASE DATE

db:CERT/CCid:VU#484726date:2004-03-17T00:00:00
db:CNVDid:CNVD-2004-0790date:2004-03-17T00:00:00
db:VULHUBid:VHN-8542date:2004-11-23T00:00:00
db:BIDid:9899date:2004-03-17T00:00:00
db:BIDid:14567date:2005-08-15T00:00:00
db:JVNDBid:JVNDB-2004-000088date:2007-04-01T00:00:00
db:PACKETSTORMid:41200date:2005-11-03T01:02:14
db:PACKETSTORMid:41105date:2005-11-02T01:11:22
db:PACKETSTORMid:32887date:2004-03-17T15:44:08
db:PACKETSTORMid:32886date:2004-03-17T14:36:13
db:CNNVDid:CNNVD-200411-112date:2003-07-18T00:00:00
db:NVDid:CVE-2004-0112date:2004-11-23T05:00:00