Sign-up

ID

VAR-200609-0855


CVE

CVE-2006-4409


TITLE

OpenSSL SSLv2 client code fails to properly check for NULL

Trust: 0.8

sources: CERT/CC: VU#386964

DESCRIPTION

The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may result in the use of revoked certificates. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Apple Mac OS X is prone to multiple security vulnerabilities. These issue affect Mac OS X and various applications including Apple Type Services, CFNetwork, Finder, FTPD, Installer, PPP, Security Framework, VPN, and WebKit. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. Apple Mac OS X 10.4.8 and prior versions are vulnerable to these issues

Trust: 4.86

sources: NVD: CVE-2006-4409 // CERT/CC: VU#386964 // CERT/CC: VU#811384 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // JVNDB: JVNDB-2006-001154 // BID: 21335 // VULHUB: VHN-20517

AFFECTED PRODUCTS

vendor:debian gnu linuxmodel: - scope: - version: -

Trust: 2.4

vendor:f5model: - scope: - version: -

Trust: 2.4

vendor:freebsdmodel: - scope: - version: -

Trust: 2.4

vendor:openpkgmodel: - scope: - version: -

Trust: 2.4

vendor:opensslmodel: - scope: - version: -

Trust: 2.4

vendor:oraclemodel: - scope: - version: -

Trust: 2.4

vendor:red hatmodel: - scope: - version: -

Trust: 2.4

vendor:suse linuxmodel: - scope: - version: -

Trust: 2.4

vendor:slackware linuxmodel: - scope: - version: -

Trust: 2.4

vendor:ubuntumodel: - scope: - version: -

Trust: 2.4

vendor:rpathmodel: - scope: - version: -

Trust: 2.4

vendor:trustix secure linuxmodel: - scope: - version: -

Trust: 1.6

vendor:apple computermodel: - scope: - version: -

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.2

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.5

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.6

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.8

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.1

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.7

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4

Trust: 1.6

vendor:applemodel:mac os xscope:eqversion:10.4.3

Trust: 1.6

vendor:appgate network securitymodel: - scope: - version: -

Trust: 0.8

vendor:attachmatewrqmodel: - scope: - version: -

Trust: 0.8

vendor:avayamodel: - scope: - version: -

Trust: 0.8

vendor:blue coatmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:gentoo linuxmodel: - scope: - version: -

Trust: 0.8

vendor:gnutlsmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:iaik java groupmodel: - scope: - version: -

Trust: 0.8

vendor:ibmmodel: - scope: - version: -

Trust: 0.8

vendor:internet consortiummodel: - scope: - version: -

Trust: 0.8

vendor:intotomodel: - scope: - version: -

Trust: 0.8

vendor:junipermodel: - scope: - version: -

Trust: 0.8

vendor:mandrivamodel: - scope: - version: -

Trust: 0.8

vendor:mozillamodel: - scope: - version: -

Trust: 0.8

vendor:openwall gnu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:operamodel: - scope: - version: -

Trust: 0.8

vendor:rsa securitymodel: - scope: - version: -

Trust: 0.8

vendor:ssh security corpmodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:sybasemodel: - scope: - version: -

Trust: 0.8

vendor:vmwaremodel: - scope: - version: -

Trust: 0.8

vendor:vandykemodel: - scope: - version: -

Trust: 0.8

vendor:stonesoftmodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.4 to 10.4.8

Trust: 0.8

vendor:applemodel:mac osscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.3

Trust: 0.3

vendor:cosmicperlmodel:directory proscope:eqversion:10.0.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.1.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.3.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.4.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.3.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.0.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.4.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.03

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.1

Trust: 0.3

sources: CERT/CC: VU#386964 // CERT/CC: VU#811384 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // BID: 21335 // JVNDB: JVNDB-2006-001154 // CNNVD: CNNVD-200611-479 // NVD: CVE-2006-4409

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-4409
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#386964
value: 0.32

Trust: 0.8

CARNEGIE MELLON: VU#811384
value: 0.22

Trust: 0.8

CARNEGIE MELLON: VU#845620
value: 7.56

Trust: 0.8

CARNEGIE MELLON: VU#547300
value: 2.53

Trust: 0.8

NVD: CVE-2006-4409
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200611-479
value: MEDIUM

Trust: 0.6

VULHUB: VHN-20517
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-4409
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-20517
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#386964 // CERT/CC: VU#811384 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // VULHUB: VHN-20517 // JVNDB: JVNDB-2006-001154 // CNNVD: CNNVD-200611-479 // NVD: CVE-2006-4409

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-4409

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200611-479

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200611-479

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-001154

PATCH
title:APPLE-SA-2006-11-28url:http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-001154

EXTERNAL IDS
db:CERT/CCid:VU#811384
Trust: 3.3
db:USCERTid:TA06-333A
Trust: 2.8
db:NVDid:CVE-2006-4409
Trust: 2.8
db:SECUNIAid:23155
Trust: 2.5
db:BIDid:22083
Trust: 2.4
db:BIDid:21335
Trust: 2.0
db:SECTRACKid:1017298
Trust: 1.7
db:OSVDBid:30729
Trust: 1.7
db:VUPENid:ADV-2006-4750
Trust: 1.7
db:SECUNIAid:23280
Trust: 1.6
db:SECUNIAid:23309
Trust: 1.6
db:BIDid:20246
Trust: 0.8
db:CERT/CCid:VU#386964
Trust: 0.8
db:SECUNIAid:21709
Trust: 0.8
db:CERT/CCid:VU#845620
Trust: 0.8
db:SECUNIAid:22207
Trust: 0.8
db:SECUNIAid:22212
Trust: 0.8
db:SECUNIAid:22116
Trust: 0.8
db:SECUNIAid:22216
Trust: 0.8
db:SECUNIAid:22220
Trust: 0.8
db:SECUNIAid:22330
Trust: 0.8
db:SECUNIAid:22130
Trust: 0.8
db:SECUNIAid:22240
Trust: 0.8
db:SECUNIAid:22259
Trust: 0.8
db:SECUNIAid:22260
Trust: 0.8
db:SECUNIAid:22165
Trust: 0.8
db:SECUNIAid:22166
Trust: 0.8
db:SECUNIAid:22172
Trust: 0.8
db:SECUNIAid:22284
Trust: 0.8
db:SECUNIAid:22186
Trust: 0.8
db:SECUNIAid:22193
Trust: 0.8
db:SECUNIAid:22094
Trust: 0.8
db:BIDid:20249
Trust: 0.8
db:SECTRACKid:1016943
Trust: 0.8
db:XFid:29237
Trust: 0.8
db:CERT/CCid:VU#547300
Trust: 0.8
db:JVNDBid:JVNDB-2006-001154
Trust: 0.8
db:CNNVDid:CNNVD-200611-479
Trust: 0.7
db:CERT/CCid:TA06-333A
Trust: 0.6
db:APPLEid:APPLE-SA-2006-11-28
Trust: 0.6
db:VULHUBid:VHN-20517
Trust: 0.1
sources:
            
            
            CERT/CC: VU#386964 // 
            
            
            
            CERT/CC: VU#811384 // 
            
            
            
            CERT/CC: VU#845620 // 
            
            
            
            CERT/CC: VU#547300 // 
            
            
            
            VULHUB: VHN-20517 // 
            
            
            
            BID: 21335 // 
            
            
            
            JVNDB: JVNDB-2006-001154 // 
            
            
            
            CNNVD: CNNVD-200611-479 // 
            
            
            
            NVD: CVE-2006-4409

REFERENCES
url:http://docs.info.apple.com/article.html?artnum=304829
Trust: 2.8
url:http://www.us-cert.gov/cas/techalerts/ta06-333a.html
Trust: 2.8
url:http://www.kb.cert.org/vuls/id/811384
Trust: 2.5
url:http://www.securityfocus.com/bid/22083
Trust: 2.4
url:http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html
Trust: 1.7
url:http://www.securityfocus.com/bid/21335
Trust: 1.7
url:http://www.osvdb.org/30729
Trust: 1.7
url:http://securitytracker.com/id?1017298
Trust: 1.7
url:http://secunia.com/advisories/23155
Trust: 1.7
url:http://www.openssl.org/news/secadv_20060928.txt
Trust: 1.6
url:http://secunia.com/advisories/23280/
Trust: 1.6
url:http://secunia.com/advisories/23309/
Trust: 1.6
url:http://www.vupen.com/english/advisories/2006/4750
Trust: 1.1
url:http://jvn.jp/cert/jvnvu%23386964/index.html
Trust: 0.8
url:http://www.securityfocus.com/bid/20246
Trust: 0.8
url:http://secunia.com/advisories/23155/
Trust: 0.8
url:http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html
Trust: 0.8
url:http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/
Trust: 0.8
url:http://www.openssl.org/news/secadv_20060905.txt 
Trust: 0.8
url:http://secunia.com/advisories/21709/
Trust: 0.8
url:http://www.rsasecurity.com/rsalabs/node.asp?id=2125
Trust: 0.8
url:http://www.ietf.org/rfc/rfc3447.txt
Trust: 0.8
url:http://jvn.jp/cert/jvnvu%23547300/index.html
Trust: 0.8
url:http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html 
Trust: 0.8
url:https://issues.rpath.com/browse/rpl-613 
Trust: 0.8
url:http://www.openssl.org/news/secadv_20060928.txt 
Trust: 0.8
url:http://kolab.org/security/kolab-vendor-notice-11.txt 
Trust: 0.8
url:http://openvpn.net/changelog.html 
Trust: 0.8
url:http://www.serv-u.com/releasenotes/ 
Trust: 0.8
url:http://openbsd.org/errata.html#openssl2 
Trust: 0.8
url:http://www.securityfocus.com/bid/20249 
Trust: 0.8
url:http://securitytracker.com/id?1016943 
Trust: 0.8
url:http://secunia.com/advisories/22130 
Trust: 0.8
url:http://secunia.com/advisories/22094 
Trust: 0.8
url:http://secunia.com/advisories/22165 
Trust: 0.8
url:http://secunia.com/advisories/22186 
Trust: 0.8
url:http://secunia.com/advisories/22193 
Trust: 0.8
url:http://secunia.com/advisories/22207 
Trust: 0.8
url:http://secunia.com/advisories/22259 
Trust: 0.8
url:http://secunia.com/advisories/22260 
Trust: 0.8
url:http://secunia.com/advisories/22166 
Trust: 0.8
url:http://secunia.com/advisories/22172 
Trust: 0.8
url:http://secunia.com/advisories/22212 
Trust: 0.8
url:http://secunia.com/advisories/22240 
Trust: 0.8
url:http://secunia.com/advisories/22216 
Trust: 0.8
url:http://secunia.com/advisories/22116 
Trust: 0.8
url:http://secunia.com/advisories/22220 
Trust: 0.8
url:http://secunia.com/advisories/22284 
Trust: 0.8
url:http://secunia.com/advisories/22330 
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/29237 
Trust: 0.8
url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4409
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4409
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2006/4750
Trust: 0.6
url:http://www.info.apple.com/usen/security/security_updates.html
Trust: 0.3
url:http://www.apple.com/macosx/
Trust: 0.3
url:http://labs.musecurity.com/advisories/mu-200611-01.txt
Trust: 0.3
sources:
            
            
            CERT/CC: VU#386964 // 
            
            
            
            CERT/CC: VU#811384 // 
            
            
            
            CERT/CC: VU#845620 // 
            
            
            
            CERT/CC: VU#547300 // 
            
            
            
            VULHUB: VHN-20517 // 
            
            
            
            BID: 21335 // 
            
            
            
            JVNDB: JVNDB-2006-001154 // 
            
            
            
            CNNVD: CNNVD-200611-479 // 
            
            
            
            NVD: CVE-2006-4409

CREDITS
Benjamin WilliamsMu SecurityEric CroninDr. Stephen N. HensonTim※ darksock@uhagr.org
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200611-479

SOURCES
db:CERT/CCid:VU#386964
db:CERT/CCid:VU#811384
db:CERT/CCid:VU#845620
db:CERT/CCid:VU#547300
db:VULHUBid:VHN-20517
db:BIDid:21335
db:JVNDBid:JVNDB-2006-001154
db:CNNVDid:CNNVD-200611-479
db:NVDid:CVE-2006-4409

LAST UPDATE DATE
2024-09-19T21:44:50.052000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#386964date:2011-07-22T00:00:00
db:CERT/CCid:VU#811384date:2006-12-04T00:00:00
db:CERT/CCid:VU#845620date:2007-02-08T00:00:00
db:CERT/CCid:VU#547300date:2011-07-22T00:00:00
db:VULHUBid:VHN-20517date:2011-03-08T00:00:00
db:BIDid:21335date:2006-11-30T20:25:00
db:JVNDBid:JVNDB-2006-001154date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200611-479date:2006-11-30T00:00:00
db:NVDid:CVE-2006-4409date:2011-03-08T02:40:52.830

SOURCES RELEASE DATE
db:CERT/CCid:VU#386964date:2006-09-28T00:00:00
db:CERT/CCid:VU#811384date:2006-12-04T00:00:00
db:CERT/CCid:VU#845620date:2006-09-11T00:00:00
db:CERT/CCid:VU#547300date:2006-09-28T00:00:00
db:VULHUBid:VHN-20517date:2006-11-30T00:00:00
db:BIDid:21335date:2006-11-28T00:00:00
db:JVNDBid:JVNDB-2006-001154date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200611-479date:2006-11-30T00:00:00
db:NVDid:CVE-2006-4409date:2006-11-30T16:28:00