Details of VAR-200609-1143

ID

VAR-200609-1143

CVE

CVE-2006-4407

TITLE

OpenSSL SSLv2 client code fails to properly check for NULL

Trust: 0.8

sources: CERT/CC: VU#386964

DESCRIPTION

The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote attackers to decrypt traffic. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may allow traffic to be weakly encrypted. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, overwrite files, and access potentially sensitive information. Both local and remote vulnerabilities are present. When making a connection, the best cipher supported by both parties should be used. Due to errors in the priority order of credentials, Secure Transport may use ciphers that do not provide encryption or authentication when better ciphers are available

Trust: 4.86

sources: NVD: CVE-2006-4407 // CERT/CC: VU#386964 // CERT/CC: VU#734032 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // JVNDB: JVNDB-2006-001152 // BID: 21335 // VULHUB: VHN-20515

AFFECTED PRODUCTS

vendor:	debian gnu linux	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	f5	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	freebsd	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	openpkg	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	openssl	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	oracle	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	red hat	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	suse linux	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	slackware linux	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	ubuntu	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	rpath	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	trustix secure linux	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	apple computer	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.6	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.7	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.4	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.3	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.1	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.2	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.5	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.8	Trust: 1.6
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3	Trust: 1.6
vendor:	appgate network security	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	attachmatewrq	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	avaya	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	blue coat	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	gentoo linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	gnutls	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	hewlett packard	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	iaik java group	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ibm	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	internet consortium	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	intoto	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	juniper	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	mandriva	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	mozilla	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	openwall gnu linux	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	opera	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	rsa security	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ssh security corp	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	sun microsystems	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	sybase	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	vmware	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	vandyke	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	stonesoft	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.x to 10.3.9	Trust: 0.8
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	cosmicperl	model:	directory pro	scope:	eq	version:	10.0.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.4.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.0.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.4.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.03	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1	Trust: 0.3

sources: CERT/CC: VU#386964 // CERT/CC: VU#734032 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // BID: 21335 // JVNDB: JVNDB-2006-001152 // CNNVD: CNNVD-200611-503 // NVD: CVE-2006-4407

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-4407
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#386964
value:	0.32
Trust: 0.8
CARNEGIE MELLON:	VU#734032
value:	10.94
Trust: 0.8
CARNEGIE MELLON:	VU#845620
value:	7.56
Trust: 0.8
CARNEGIE MELLON:	VU#547300
value:	2.53
Trust: 0.8
NVD:	CVE-2006-4407
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200611-503
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-20515
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2006-4407
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-20515
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#386964 // CERT/CC: VU#734032 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // VULHUB: VHN-20515 // JVNDB: JVNDB-2006-001152 // CNNVD: CNNVD-200611-503 // NVD: CVE-2006-4407

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-4407

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200611-503

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200611-503

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-001152

PATCH

title:

APPLE-SA-2006-11-28

url:

http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html

Trust: 0.8

sources: JVNDB: JVNDB-2006-001152

EXTERNAL IDS

db:	CERT/CC	id:	VU#734032	Trust: 3.3
db:	USCERT	id:	TA06-333A	Trust: 2.8
db:	NVD	id:	CVE-2006-4407	Trust: 2.8
db:	SECUNIA	id:	23155	Trust: 2.5
db:	BID	id:	22083	Trust: 2.4
db:	BID	id:	21335	Trust: 2.0
db:	SECTRACK	id:	1017298	Trust: 1.7
db:	OSVDB	id:	30731	Trust: 1.7
db:	VUPEN	id:	ADV-2006-4750	Trust: 1.7
db:	SECUNIA	id:	23280	Trust: 1.6
db:	SECUNIA	id:	23309	Trust: 1.6
db:	BID	id:	20246	Trust: 0.8
db:	CERT/CC	id:	VU#386964	Trust: 0.8
db:	SECUNIA	id:	21709	Trust: 0.8
db:	CERT/CC	id:	VU#845620	Trust: 0.8
db:	SECUNIA	id:	22207	Trust: 0.8
db:	SECUNIA	id:	22212	Trust: 0.8
db:	SECUNIA	id:	22116	Trust: 0.8
db:	SECUNIA	id:	22216	Trust: 0.8
db:	SECUNIA	id:	22220	Trust: 0.8
db:	SECUNIA	id:	22330	Trust: 0.8
db:	SECUNIA	id:	22130	Trust: 0.8
db:	SECUNIA	id:	22240	Trust: 0.8
db:	SECUNIA	id:	22259	Trust: 0.8
db:	SECUNIA	id:	22260	Trust: 0.8
db:	SECUNIA	id:	22165	Trust: 0.8
db:	SECUNIA	id:	22166	Trust: 0.8
db:	SECUNIA	id:	22172	Trust: 0.8
db:	SECUNIA	id:	22284	Trust: 0.8
db:	SECUNIA	id:	22186	Trust: 0.8
db:	SECUNIA	id:	22193	Trust: 0.8
db:	SECUNIA	id:	22094	Trust: 0.8
db:	BID	id:	20249	Trust: 0.8
db:	SECTRACK	id:	1016943	Trust: 0.8
db:	XF	id:	29237	Trust: 0.8
db:	CERT/CC	id:	VU#547300	Trust: 0.8
db:	JVNDB	id:	JVNDB-2006-001152	Trust: 0.8
db:	CNNVD	id:	CNNVD-200611-503	Trust: 0.7
db:	CERT/CC	id:	TA06-333A	Trust: 0.6
db:	APPLE	id:	APPLE-SA-2006-11-28	Trust: 0.6
db:	VULHUB	id:	VHN-20515	Trust: 0.1

sources: CERT/CC: VU#386964 // CERT/CC: VU#734032 // CERT/CC: VU#845620 // CERT/CC: VU#547300 // VULHUB: VHN-20515 // BID: 21335 // JVNDB: JVNDB-2006-001152 // CNNVD: CNNVD-200611-503 // NVD: CVE-2006-4407

REFERENCES

url:	http://docs.info.apple.com/article.html?artnum=304829	Trust: 2.8
url:	http://www.us-cert.gov/cas/techalerts/ta06-333a.html	Trust: 2.8
url:	http://www.kb.cert.org/vuls/id/734032	Trust: 2.5
url:	http://www.securityfocus.com/bid/22083	Trust: 2.4
url:	http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/21335	Trust: 1.7
url:	http://www.osvdb.org/30731	Trust: 1.7
url:	http://securitytracker.com/id?1017298	Trust: 1.7
url:	http://secunia.com/advisories/23155	Trust: 1.7
url:	http://www.openssl.org/news/secadv_20060928.txt	Trust: 1.6
url:	http://secunia.com/advisories/23280/	Trust: 1.6
url:	http://secunia.com/advisories/23309/	Trust: 1.6
url:	http://www.vupen.com/english/advisories/2006/4750	Trust: 1.1
url:	http://jvn.jp/cert/jvnvu%23386964/index.html	Trust: 0.8
url:	http://www.securityfocus.com/bid/20246	Trust: 0.8
url:	http://secunia.com/advisories/23155/	Trust: 0.8
url:	http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html	Trust: 0.8
url:	http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/	Trust: 0.8
url:	http://www.openssl.org/news/secadv_20060905.txt	Trust: 0.8
url:	http://secunia.com/advisories/21709/	Trust: 0.8
url:	http://www.rsasecurity.com/rsalabs/node.asp?id=2125	Trust: 0.8
url:	http://www.ietf.org/rfc/rfc3447.txt	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu%23547300/index.html	Trust: 0.8
url:	http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html	Trust: 0.8
url:	https://issues.rpath.com/browse/rpl-613	Trust: 0.8
url:	http://www.openssl.org/news/secadv_20060928.txt	Trust: 0.8
url:	http://kolab.org/security/kolab-vendor-notice-11.txt	Trust: 0.8
url:	http://openvpn.net/changelog.html	Trust: 0.8
url:	http://www.serv-u.com/releasenotes/	Trust: 0.8
url:	http://openbsd.org/errata.html#openssl2	Trust: 0.8
url:	http://www.securityfocus.com/bid/20249	Trust: 0.8
url:	http://securitytracker.com/id?1016943	Trust: 0.8
url:	http://secunia.com/advisories/22130	Trust: 0.8
url:	http://secunia.com/advisories/22094	Trust: 0.8
url:	http://secunia.com/advisories/22165	Trust: 0.8
url:	http://secunia.com/advisories/22186	Trust: 0.8
url:	http://secunia.com/advisories/22193	Trust: 0.8
url:	http://secunia.com/advisories/22207	Trust: 0.8
url:	http://secunia.com/advisories/22259	Trust: 0.8
url:	http://secunia.com/advisories/22260	Trust: 0.8
url:	http://secunia.com/advisories/22166	Trust: 0.8
url:	http://secunia.com/advisories/22172	Trust: 0.8
url:	http://secunia.com/advisories/22212	Trust: 0.8
url:	http://secunia.com/advisories/22240	Trust: 0.8
url:	http://secunia.com/advisories/22216	Trust: 0.8
url:	http://secunia.com/advisories/22116	Trust: 0.8
url:	http://secunia.com/advisories/22220	Trust: 0.8
url:	http://secunia.com/advisories/22284	Trust: 0.8
url:	http://secunia.com/advisories/22330	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/29237	Trust: 0.8
url:	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4407	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4407	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2006/4750	Trust: 0.6
url:	http://www.info.apple.com/usen/security/security_updates.html	Trust: 0.3
url:	http://www.apple.com/macosx/	Trust: 0.3
url:	http://labs.musecurity.com/advisories/mu-200611-01.txt	Trust: 0.3

CREDITS

Benjamin WilliamsMu SecurityEric CroninDr. Stephen N. HensonTim※ darksock@uhagr.org

Trust: 0.6

sources: CNNVD: CNNVD-200611-503

SOURCES

db:	CERT/CC	id:	VU#386964
db:	CERT/CC	id:	VU#734032
db:	CERT/CC	id:	VU#845620
db:	CERT/CC	id:	VU#547300
db:	VULHUB	id:	VHN-20515
db:	BID	id:	21335
db:	JVNDB	id:	JVNDB-2006-001152
db:	CNNVD	id:	CNNVD-200611-503
db:	NVD	id:	CVE-2006-4407

LAST UPDATE DATE

2024-09-10T19:46:32.702000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#386964	date:	2011-07-22T00:00:00
db:	CERT/CC	id:	VU#734032	date:	2006-11-30T00:00:00
db:	CERT/CC	id:	VU#845620	date:	2007-02-08T00:00:00
db:	CERT/CC	id:	VU#547300	date:	2011-07-22T00:00:00
db:	VULHUB	id:	VHN-20515	date:	2011-03-08T00:00:00
db:	BID	id:	21335	date:	2006-11-30T20:25:00
db:	JVNDB	id:	JVNDB-2006-001152	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200611-503	date:	2006-11-30T00:00:00
db:	NVD	id:	CVE-2006-4407	date:	2011-03-08T02:40:52.703

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#386964	date:	2006-09-28T00:00:00
db:	CERT/CC	id:	VU#734032	date:	2006-11-30T00:00:00
db:	CERT/CC	id:	VU#845620	date:	2006-09-11T00:00:00
db:	CERT/CC	id:	VU#547300	date:	2006-09-28T00:00:00
db:	VULHUB	id:	VHN-20515	date:	2006-11-30T00:00:00
db:	BID	id:	21335	date:	2006-11-28T00:00:00
db:	JVNDB	id:	JVNDB-2006-001152	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200611-503	date:	2006-11-30T00:00:00
db:	NVD	id:	CVE-2006-4407	date:	2006-11-30T16:28:00