ID
VAR-200911-0398
CVE
CVE-2009-3555
TITLE
SSL and TLS protocols renegotiation vulnerability
Trust: 0.8
DESCRIPTION
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. A vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction. =========================================================== Ubuntu Security Notice USN-860-1 November 19, 2009 apache2 vulnerabilities CVE-2009-3094, CVE-2009-3095, CVE-2009-3555 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.9 Ubuntu 8.04 LTS: apache2.2-common 2.2.8-1ubuntu0.14 Ubuntu 8.10: apache2.2-common 2.2.9-7ubuntu3.5 Ubuntu 9.04: apache2.2-common 2.2.11-2ubuntu2.5 Ubuntu 9.10: apache2.2-common 2.2.12-1ubuntu2.1 In general, a standard system upgrade is sufficient to effect the necessary changes. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and potentially affects any software that supports this feature. Attacks against the HTTPS protocol are known, with the severity of the issue depending on the safeguards used in the web application. Until the TLS protocol and underlying libraries are adjusted to defend against this vulnerability, a partial, temporary workaround has been applied to Apache that disables client initiated TLS renegotiation. This update does not protect against server initiated TLS renegotiation when using SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. Users can defend againt server inititiated TLS renegotiation attacks by adjusting their Apache configuration to use SSLVerifyClient and SSLCipherSuite only on the server or virtual host level. (CVE-2009-3555) It was discovered that mod_proxy_ftp in Apache did not properly sanitize its input when processing replies to EPASV and PASV commands. An attacker could use this to cause a denial of service in the Apache child process. (CVE-2009-3094) Another flaw was discovered in mod_proxy_ftp. If Apache is configured as a reverse proxy, an attacker could send a crafted HTTP header to bypass intended access controls and send arbitrary commands to the FTP server. (CVE-2009-3095) Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 834492 818915da9848657833480b1ead6b4a12 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 224594 85a4480344a072868758c466f6a98747 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 229128 446b52088b9744fb776e53155403a474 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb Size/MD5: 142730 d43356422176ca29440f3e0572678093 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 269070 bf585dec777b0306cd80663c11b020df http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb Size/MD5: 141660 958585d6391847cd5a618464054f7d37 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb Size/MD5: 235578 0265d4f6ccee2d7b5ee10cfff48fed08 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb Size/MD5: 206386 06402188459de8dab5279b5bfef768fa http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb Size/MD5: 233152 1165607c64c57c84212b6b106254e885 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb Size/MD5: 143838 28e9c3811feeac70b846279e82c23430 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 209550 496d387e315370c0cd83489db663a356 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb Size/MD5: 778564 ffd7752394933004094c13b00113b263 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5 http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 208528 6672fb116e108687669c89197732fbb0 http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7 http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 261510 d3e1155682726cc28859156e647d97b3 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343 http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 84558 68452b686e89320007e9c5367ce36345 http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb Size/MD5: 926240 8282583e86e84bd256959540f39a515d sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 241280 1eea25472875056e34cd2c3283c60171 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 246024 5709e7421814ecfb83fff5804d429971 http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863 http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 84096 3ffbacffcc23ffc640a2ce05d35437bf http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 258414 8ef063026de9790bac1965427ce1b584 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 213294 09701d434bd102e4205e551b4525afd1 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7 http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 87818 670c62615e107920c45893b3377ab2a0 http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 244914 955bb5121da808d44aa994386d90723f http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829 http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085 http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1 http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5 http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 260478 3e3aeaaf496cc86c62a831c59994c1f2 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9 http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91 http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1 http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 214286 a378e2e0418631cec0f398379a446172 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68 http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb Size/MD5: 2336 009d381342b0be5280835a46c91f01d9 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb Size/MD5: 2314 17719223d92d46821098ce178b5947d6 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559 http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb Size/MD5: 155166 4347806710edff47fc051b4a68d5b448 http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04 http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079 http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb Size/MD5: 90316 add7f446f6b524343c0066a486dd299a lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5 http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb Size/MD5: 92400 572c3b0aa5ab717e8c4e4e8248aff1ff http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb Size/MD5: 90774 82011ebc757d31e690698cf9913e3adc sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb Size/MD5: 137098 7f566dfade1678c72eac7dd923ab5987 http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb Size/MD5: 138202 09fbc3145d768cf1f204d47b50e21528 http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb Size/MD5: 159488 7cb6c81588adaee162b8c85a1f69e7a7 http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb Size/MD5: 1297936 106b0b71f5e928c1d543973b5b1f015b http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb Size/MD5: 92166 28899fe31226880dfa961d8b05e8fa43 http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb Size/MD5: 90554 f207de0099ed259e2af736e8c82f91c2 . A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169 (CVE-2013-1619). OpenSSL Security Advisory [11-Nov-2009] ======================================= A potentially serious flaw in SSL and TLS has been worked around in OpenSSL 0.9.8l. Since many changes had occurred on the 0.9.8 branch without a public release it was decided to release 0.9.8l based on the last publicly tested release version 0.9.8k. Man-in-the-middle Renegotiation Attack ====================================== A man-in-the-middle (MitM) can intercept an SSL connection and instead make his own connection to the server. He can then send arbitrary data and trigger a renegotiation using the client's original connection data. From the server's point of view the client simply connected, sent data, renegotiated and continued. From the client's point of view he connects to the server normally. There is no indication at the SSL level that the attack occurred. There may be indications at the level of the protocol layered on top of SSL, for example, unexpected or pipelined responses. This attack can also be performed when the server requests a renegotiation - in this variant, the MitM would wait for the server's renegotiation request and at that point replay the clients original connection data. Once the original client connection data has been replayed, the MitM can no longer inject data, nor can he read the traffic over the SSL connection in either direction. Workaround ========== The workaround in 0.9.8l simply bans all renegotiation. Because of the nature of the attack, this is only an effective defence when deployed on servers. Upgraded clients will still be vulnerable. Servers that need renegotiation to function correctly obviously cannot deploy this fix without breakage. Severity ======== Because of the enormous difficulty of analysing every possible attack on every protocol that is layered on SSL, the OpenSSL Team classify this as a severe issue and recommend that everyone who does not rely on renegotiation deploy 0.9.8l as soon as possible. History ======= A small number of people knew about the problem in advance under NDA and a comprehensive fix was being developed. Unfortunately the issue was independently discovered and the details made public so a less than ideal brute force emergency fix had to be developed and released. Future Plans ============ A TLS extension has been defined which will cryptographically bind the session before renegotiation to the session after. We are working on incorporating this into 0.9.8m, which will also incorporate a number of other security and bug fixes. Because renegotiation is, in practice, rarely used we will not be rushing the production of 0.9.8m, but will instead test interoperability with other implementations, and ensure the stability of the other fixes before release. Acknowledgements ================ Thanks to Marsh Ray, who discovered the issue, and Steve Dispensa of PhoneFactor. Also thanks to ICASI who managed the early coordination of this issue. References =========== CVE-2009-3555: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 TLS extension: https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt URL for this Security Advisory: https://www.openssl.org/news/secadv_20091111.txt . Service (DoS) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01945686 Version: 1 HPSBUX02482 SSRT090249 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2009-11-25 Last Updated: 2009-11-25 Potential Security Impact: Remote unauthorized data injection, Denial of Service (DoS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX OpenSSL. The vulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS). References: CVE-2009-3555 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08l. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided upgrades to resolve this vulnerability. The upgrades are available from the following location. HOST ACCOUNT PASSWORD ftp.usa.hp.com sb02482 Secure12 HP-UX Release Depot name SHA-1 Hash B.11.11 PA (32 and 64) OpenSSL_A.00.09.08l.001_HP-UX_B.11.11_32+64.depot 2efb-e45e-78a7-17d0-11e9-5c10-3753-0585-6fde-36c4 B.11.23 (PA and IA) OpenSSL_A.00.09.08l.002_HP-UX_B.11.23_IA-PA.depot 2794-2f77-48a4-3316-a8b9-d213-7243-8e1b-7336-95a2 B.11.31 (PA and IA) OpenSSL_A.00.09.08l.003_HP-UX_B.11.31_IA-PA.depot 7be7-25a2-d3c4-0dce-761d-eba0-2782-8788-3bf8-02ca Note: OpenSSL vA.00.09.08l disables renegotiation. Although renegotiation is thought to be rarely used, applications should be tested to evaluate the impact of installing OpenSSL vA.00.09.08l. MANUAL ACTIONS: Yes - Update Install OpenSSL A.00.09.08l or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN action: install revision A.00.09.08l.001 or subsequent HP-UX B.11.23 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-LIB.2 openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PRNG.2 openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-RUN.2 action: install revision A.00.09.08l.002 or subsequent HP-UX B.11.31 ================== openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-LIB.2 openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PRNG.2 openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-RUN.2 action: install revision A.00.09.08l.003 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) 25 November 2009 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201206-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: GnuTLS: Multiple vulnerabilities Date: June 23, 2012 Bugs: #281224, #292025, #389947, #409287 ID: 201206-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in GnuTLS, allowing a remote attacker to perform man-in-the-middle or Denial of Service attacks. Background ========== GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/gnutls < 2.12.18 >= 2.12.18 Description =========== Multiple vulnerabilities have been found in GnuTLS: * An error in libgnutls does not properly sanitize "\0" characters from certificate fields (CVE-2009-2730). * An error in the TLS and SSL protocols mistreats renegotiation handshakes (CVE-2009-3555). * A boundary error in the "gnutls_session_get_data()" function in gnutls_session.c could cause a buffer overflow (CVE-2011-4128). Impact ====== A remote attacker could perform man-in-the-middle attacks to spoof arbitrary SSL servers or cause a Denial of Service condition in applications linked against GnuTLS. Resolution ========== All GnuTLS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/gnutls-2.12.18" References ========== [ 1 ] CVE-2009-2730 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2730 [ 2 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 3 ] CVE-2011-4128 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4128 [ 4 ] CVE-2012-1573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1573 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201206-18.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ATTENTION: After applying this update, a patched server will allow both patched and unpatched clients to connect, but unpatched clients will not be able to renegotiate. (CVE-2009-3555) It was discovered that Loader-constraint table, Policy/PolicyFile, Inflater/Deflater, drag/drop access, and deserialization did not correctly handle certain sensitive objects. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. (CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0094) It was discovered that AtomicReferenceArray, System.arraycopy, InetAddress, and HashAttributeSet did not correctly handle certain situations. (CVE-2010-0092, CVE-2010-0093, CVE-2010-0095, CVE-2010-0845) It was discovered that Pack200, CMM readMabCurveData, ImagingLib, and the AWT library did not correctly check buffer lengths. If a user or automated system were tricked into handling specially crafted JAR files or images, a remote attacker could crash the Java application or possibly gain user privileges (CVE-2010-0837, CVE-2010-0838, CVE-2010-0847, CVE-2010-0848). It was discovered that applets did not correctly handle certain trust chains. If a user were tricked into running a specially crafted applet, a remote attacker could possibly run untrusted code with user privileges. Details follow: USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. This update adds support for the new new renegotiation extension and will use it when the server supports it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0003 Synopsis: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Issue date: 2011-02-10 Updated on: 2011-02-10 (initial release of advisory) CVE numbers: --- Apache Tomcat --- CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-3548 CVE-2010-2227 CVE-2010-1157 --- Apache Tomcat Manager --- CVE-2010-2928 --- cURL --- CVE-2010-0734 --- COS Kernel --- CVE-2010-1084 CVE-2010-2066 CVE-2010-2070 CVE-2010-2226 CVE-2010-2248 CVE-2010-2521 CVE-2010-2524 CVE-2010-0008 CVE-2010-0415 CVE-2010-0437 CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0307 CVE-2010-1086 CVE-2010-0410 CVE-2010-0730 CVE-2010-1085 CVE-2010-0291 CVE-2010-0622 CVE-2010-1087 CVE-2010-1173 CVE-2010-1437 CVE-2010-1088 CVE-2010-1187 CVE-2010-1436 CVE-2010-1641 CVE-2010-3081 --- Microsoft SQL Express --- CVE-2008-5416 CVE-2008-0085 CVE-2008-0086 CVE-2008-0107 CVE-2008-0106 --- OpenSSL --- CVE-2010-0740 CVE-2010-0433 CVE-2010-3864 CVE-2010-2939 --- Oracle (Sun) JRE --- CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 CVE-2010-0886 CVE-2010-3556 CVE-2010-3566 CVE-2010-3567 CVE-2010-3550 CVE-2010-3561 CVE-2010-3573 CVE-2010-3565 CVE-2010-3568 CVE-2010-3569 CVE-2010-1321 CVE-2010-3548 CVE-2010-3551 CVE-2010-3562 CVE-2010-3571 CVE-2010-3554 CVE-2010-3559 CVE-2010-3572 CVE-2010-3553 CVE-2010-3549 CVE-2010-3557 CVE-2010-3541 CVE-2010-3574 --- pam_krb5 --- CVE-2008-3825 CVE-2009-1384 - ------------------------------------------------------------------------ 1. Summary Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues. 2. Relevant releases vCenter Server 4.1 without Update 1, vCenter Update Manager 4.1 without Update 1, ESXi 4.1 without patch ESXi410-201101201-SG, ESX 4.1 without patch ESX410-201101201-SG. 3. Problem Description a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3 Microsoft SQL Server 2005 Express Edition (SQL Express) distributed with vCenter Server 4.1 Update 1 and vCenter Update Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2 to SQL Express Service Pack 3, to address multiple security issues that exist in the earlier releases of Microsoft SQL Express. Customers using other database solutions need not update for these issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086, CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL Express Service Pack 3. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned Update Manager 4.1 Windows Update 1 Update Manager 4.0 Windows affected, patch pending Update Manager 1.0 Windows affected, no patch planned hosted * any any not affected ESXi any ESXi not affected ESX any ESX not affected * Hosted products are VMware Workstation, Player, ACE, Fusion. b. vCenter Apache Tomcat Management Application Credential Disclosure The Apache Tomcat Manager application configuration file contains logon credentials that can be read by unprivileged local users. The issue is resolved by removing the Manager application in vCenter 4.1 Update 1. If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon credentials are not present in the configuration file after the update. VMware would like to thank Claudio Criscione of Secure Networking for reporting this issue to us. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-2928 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows not affected VirtualCenter 2.5 Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX any ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21 Oracle (Sun) JRE update to version 1.6.0_21, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following name to the security issue fixed in Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows not applicable ** VirtualCenter 2.5 Windows not applicable ** Update Manager 4.1 Windows not applicable ** Update Manager 4.0 Windows not applicable ** Update Manager 1.0 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX not applicable ** ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.5.0 family d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 Oracle (Sun) JRE update to version 1.5.0_26, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566, CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573, CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555, CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562, CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572, CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541, CVE-2010-3574. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows not applicable ** vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned Update Manager 4.1 Windows Update 1 Update Manager 4.0 Windows affected, patch pending Update Manager 1.0 Windows affected, no patch planned hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX not applicable ** ESX 4.0 ESX affected, patch pending ESX 3.5 ESX affected, no patch planned ESX 3.0.3 ESX affected, no patch planned * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28 Apache Tomcat updated to version 6.0.28, which addresses multiple security issues that existed in earlier releases of Apache Tomcat The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i and CVE-2009-3548. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows not applicable ** hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX not applicable ** ESX 3.0.3 ESX not applicable ** * hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Apache Tomcat 5.5 family f. vCenter Server third party component OpenSSL updated to version 0.9.8n The version of the OpenSSL library in vCenter Server is updated to 0.9.8n. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0740 and CVE-2010-0433 to the issues addressed in this version of OpenSSL. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter 4.1 Windows Update 1 vCenter 4.0 Windows affected, patch pending VirtualCenter 2.5 Windows affected, no patch planned hosted * any any not applicable ESXi any ESXi not applicable ESX any ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. g. ESX third party component OpenSSL updated to version 0.9.8p The version of the ESX OpenSSL library is updated to 0.9.8p. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3864 and CVE-2010-2939 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not applicable hosted * any any not applicable ESXi 4.1 ESXi ESXi410-201101201-SG ESXi 4.0 ESXi affected, patch pending ESXi 3.5 ESXi affected, patch pending ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending * hosted products are VMware Workstation, Player, ACE, Fusion. h. ESXi third party component cURL updated The version of cURL library in ESXi is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0734 to the issues addressed in this update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi 4.1 ESXi ESXi410-201101201-SG ESXi 4.0 ESXi affected, patch pending ESXi 3.5 ESXi affected, patch pending ESX any ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. i. ESX third party component pam_krb5 updated The version of pam_krb5 library is updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3825 and CVE-2009-1384 to the issues addressed in the update. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX not affected ESX 3.5 ESX not affected ESX 3.0.3 ESX not affected * hosted products are VMware Workstation, Player, ACE, Fusion. j. ESX third party update for Service Console kernel The Service Console kernel is updated to include kernel version 2.6.18-194.11.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070, CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524, CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308, CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086, CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437, CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and CVE-2010-3081 to the issues addressed in the update. Note: This update also addresses the 64-bit compatibility mode stack pointer underflow issue identified by CVE-2010-3081. This issue was patched in an ESX 4.1 patch prior to the release of ESX 4.1 Update 1. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= vCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201101201-SG ESX 4.0 ESX affected, patch pending ESX 3.5 ESX not applicable ESX 3.0.3 ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. VMware vCenter Server 4.1 Update 1 and modules ---------------------------------------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html File type: .iso md5sum: 729cf247aa5d33ceec431c86377eee1a sha1sum: c1e10a5fcbc1ae9d13348d43541d574c563d66f0 File type: .zip md5sum: fd1441bef48a153f2807f6823790e2f0 sha1sum: 31737a816ed1c08ab3a505fb6db2483f49ad7c19 VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESXi 4.1 Installable Update 1 ----------------------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html http://kb.vmware.com/kb/1027919 File type: .iso MD5SUM: d68d6c2e040a87cd04cd18c04c22c998 SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.1) File type: .zip MD5SUM: 2f1e009c046b20042fae3b7ca42a840f SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.0) File type: .zip MD5SUM: 67b924618d196dafaf268a7691bd1a0f SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516 ESXi 4.1 Update 1 (upgrade ZIP from ESXi 3.5) File type: .zip MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4 SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488 VMware Tools CD image for Linux Guest OSes File type: .iso MD5SUM: dad66fa8ece1dd121c302f45444daa70 SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af VMware vSphere Client File type: .exe MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESXi Installable Update 1 contains the following security bulletins: ESXi410-201101201-SG. ESX 4.1 Update 1 ---------------- http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html http://kb.vmware.com/kb/1029353 ESX 4.1 Update 1 (DVD ISO) File type: .iso md5sum: b9a275b419a20c7bedf31c0bf64f504e sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11 ESX 4.1 Update 1 (upgrade ZIP from ESX 4.1) File type: .zip md5sum: 2d81a87e994aa2b329036f11d90b4c14 sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798 Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1 File type: .zip md5sum: 75f8cebfd55d8a81deb57c27def963c2 sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2 ESX 4.1 Update 1 (upgrade ZIP from ESX 4.0) File type: .zip md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2 sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922 VMware Tools CD image for Linux Guest OSes File type: .iso md5sum: dad66fa8ece1dd121c302f45444daa70 sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4 ESX410-Update01 contains the following security bulletins: ESX410-201101201-SG (COS kernel, pam_krb5, cURL, OpenSSL, Apache Tomcat, Oracle (Sun) JRE) | http://kb.vmware.com/kb/1027904 ESX410-201101226-SG (glibc) | http://kb.vmware.com/kb/1031330 ESX410-Update01 also contains the following non-security bulletins ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG, ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG, ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG, ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG, ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG, ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG. To install an individual bulletin use esxupdate with the -b option. 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2928 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3825 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4308 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574 - ------------------------------------------------------------------------ 6. Change log 2011-02-10 VMSA-2011-0003 Initial security advisory in conjunction with the release of vCenter Server 4.1 Update 1, vCenter Update Manager 4.1 Update 1, ESXi 4.1 Update 1, and ESX 4.1 Update 1 on 2011-02-10. - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2011 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iEYEARECAAYFAk1U1eoACgkQS2KysvBH1xm3swCfeh4sWvPOubDT1K7QlRj3SjW9 dxYAmwbNLMR9IG/rKZDYh9hqcf4IldCX =2pVj -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Transport Layer Security (TLS) is a protocol for ensuring the privacy of communication applications and their users over the Internet. Corrected: 2009-12-01 02:59:22 UTC (RELENG_8, 8.0-STABLE) 2009-12-03 09:18:40 UTC (RELENG_8_0, 8.0-RELEASE-p1) 2009-12-01 03:00:16 UTC (RELENG_7, 7.2-STABLE) 2009-12-03 09:18:40 UTC (RELENG_7_2, 7.2-RELEASE-p5) 2009-12-03 09:18:40 UTC (RELENG_7_1, 7.1-RELEASE-p9) CVE Name: CVE-2009-4146, CVE-2009-4147 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>. Background The run-time link-editor, rtld, links dynamic executable with their needed libraries at run-time. It also allows users to explicitly load libraries via various LD_ environmental variables. II. Problem Description When running setuid programs rtld will normally remove potentially dangerous environment variables. Due to recent changes in FreeBSD environment variable handling code, a corrupt environment may result in attempts to unset environment variables failing. III. Impact An unprivileged user who can execute programs on a system can gain the privileges of any setuid program which he can run. On most systems configurations, this will allow a local attacker to execute code as the root user. IV. Workaround No workaround is available, but systems without untrusted local users, where all the untrusted local users are jailed superusers, and/or where untrusted users cannot execute arbitrary code (e.g., due to use of read only and noexec mount options) are not affected. Note that "untrusted local users" include users with the ability to upload and execute web scripts (CGI, PHP, Python, Perl etc.), as they may be able to exploit this issue. Solution Perform one of the following: 1) Upgrade your vulnerable system to 7-STABLE or 8-STABLE, or to the RELENG_8_0, RELENG_7_2, or RELENG_7_1 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 7.1, 7.2, and 8.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 7.x] # fetch http://security.FreeBSD.org/patches/SA-09:16/rtld7.patch # fetch http://security.FreeBSD.org/patches/SA-09:16/rtld7.patch.asc [FreeBSD 8.0] # fetch http://security.FreeBSD.org/patches/SA-09:16/rtld.patch # fetch http://security.FreeBSD.org/patches/SA-09:16/rtld.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/libexec/rtld-elf # make obj && make depend && make && make install NOTE: On the amd64 platform, the above procedure will not update the ld-elf32.so.1 (i386 compatibility) run-time link-editor (rtld). On amd64 systems where the i386 rtld are installed, the operating system should instead be recompiled as described in <URL:http://www.FreeBSD.org/handbook/makeworld.html> VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path - ------------------------------------------------------------------------- RELENG_7 src/libexec/rtld-elf/rtld.c 1.124.2.7 RELENG_7_2 src/UPDATING 1.507.2.23.2.8 src/sys/conf/newvers.sh 1.72.2.11.2.9 src/libexec/rtld-elf/rtld.c 1.124.2.4.2.2 RELENG_7_1 src/UPDATING 1.507.2.13.2.12 src/sys/conf/newvers.sh 1.72.2.9.2.13 src/libexec/rtld-elf/rtld.c 1.124.2.3.2.2 RELENG_8 src/libexec/rtld-elf/rtld.c 1.139.2.4 RELENG_8_0 src/UPDATING 1.632.2.7.2.4 src/sys/conf/newvers.sh 1.83.2.6.2.4 src/libexec/rtld-elf/rtld.c 1.139.2.2.2.2 - ------------------------------------------------------------------------- Subversion: Branch/path Revision - ------------------------------------------------------------------------- stable/7/ r199981 releng/7.2/ r200054 releng/7.1/ r200054 stable/8/ r199980 releng/8.0/ r200054 - ------------------------------------------------------------------------- VII. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:084 http://www.mandriva.com/security/ _______________________________________________________________________ Package : java-1.6.0-openjdk Date : April 28, 2010 Affected: 2009.0, 2009.1, 2010.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple Java OpenJDK security vulnerabilities has been identified and fixed: - TLS: MITM attacks via session renegotiation (CVE-2009-3555). - Loader-constraint table allows arrays instead of only the b ase-classes (CVE-2010-0082). - Policy/PolicyFile leak dynamic ProtectionDomains. (CVE-2010-0084). - File TOCTOU deserialization vulnerability (CVE-2010-0085). - Inflater/Deflater clone issues (CVE-2010-0088). - Unsigned applet can retrieve the dragged information before drop action occurs (CVE-2010-0091). - AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (CVE-2010-0092). - System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (CVE-2010-0093). - Deserialization of RMIConnectionImpl objects should enforce stricter checks (CVE-2010-0094). - Subclasses of InetAddress may incorrectly interpret network addresses (CVE-2010-0095). - JAR unpack200 must verify input parameters (CVE-2010-0837). - CMM readMabCurveData Buffer Overflow Vulnerability (CVE-2010-0838). - Applet Trusted Methods Chaining Privilege Escalation Vulner ability (CVE-2010-0840). - No ClassCastException for HashAttributeSet constructors if run with -Xcomp (CVE-2010-0845) - ImagingLib arbitrary code execution vulnerability (CVE-2010-0847). - AWT Library Invalid Index Vulnerability (CVE-2010-0848). Additional security issues that was fixed with IcedTea6 1.6.2: - deprecate MD2 in SSL cert validation (CVE-2009-2409). - ICC_Profile file existence detection information leak (CVE-2009-3728). - JRE AWT setDifflCM stack overflow (CVE-2009-3869). - JRE AWT setBytePixels heap overflow (CVE-2009-3871). - JPEG Image Writer quantization problem (CVE-2009-3873). - ImageI/O JPEG heap overflow (CVE-2009-3874). - MessageDigest.isEqual introduces timing attack vulnerabilities (CVE-2009-3875). - OpenJDK ASN.1/DER input stream parser denial of service (CVE-2009-3876, CVE-2009-3877) - GraphicsConfiguration information leak (CVE-2009-3879). - UI logging information leakage (CVE-2009-3880). - resurrected classloaders can still have children (CVE-2009-3881). - Numerous static security flaws in Swing (findbugs) (CVE-2009-3882). - Mutable statics in Windows PL&F (findbugs) (CVE-2009-3883). - zoneinfo file existence information leak (CVE-2009-3884). - BMP parsing DoS with UNC ICC links (CVE-2009-3885). Additionally Paulo Cesar Pereira de Andrade (pcpa) at Mandriva found and fixed a bug in IcedTea6 1.8 that is also applied to the provided packages: * plugin/icedteanp/IcedTeaNPPlugin.cc (plugin_filter_environment): Increment malloc size by one to account for NULL terminator. Bug# 474. Packages for 2009.0 are provided due to the Extended Maintenance Program. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3885 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://article.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/8938 http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html http://icedtea.classpath.org/hg/release/icedtea6-1.8/rev/a6a02193b073 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 37c14ebea4b3ceccbecba4ffea2630a6 2009.0/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 3f7ba1d78aaf5f1ca56e86fcb48e7192 2009.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 12963efa8b4ea6691ba68f4e72e81e5d 2009.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 6387d4381c518c5658701c114c5fcb9d 2009.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.0.i586.rpm f90d2a22c10b6eb30aedef13207d346c 2009.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 01e62b54974a3d1b5232de0baa196e41 2009.0/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.0.i586.rpm 212262f34829af20e53fb2076fa78d25 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 630941e679a033285ddf5cb3e4c1d092 2009.0/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm 6330c6dda9cf7c59a90f529bceeee17b 2009.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm c7d708c5f14d710a6bdcc352bb18a55a 2009.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm edf4b1d8efeb157bb0f19b4c4cc55935 2009.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm ac9f8227297249940b1845f3ad95165f 2009.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm d1ed0ce1155c85c423d0cbe47eadfa5b 2009.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.0.x86_64.rpm 212262f34829af20e53fb2076fa78d25 2009.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0.src.rpm Mandriva Linux 2009.1: 304bc2cab18b29781bfac69d4927ddce 2009.1/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 77f0d2e2b2c04288a5aae608a2f73f1a 2009.1/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 7ff7542b4328fd978725f8e0b02590d9 2009.1/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 3d1bf214209ea3aef86b58962e80901e 2009.1/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1.i586.rpm f52cf5f8d3f85b98da246963d583f6bc 2009.1/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 87b2fd7ac9883e624e71faa993559e78 2009.1/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1.i586.rpm 0ff2ca4dfc122a3538349ed2dab6ed81 2009.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 883105d4347bb0864c7c73e4f0865066 2009.1/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm ac44d41806625e0be7a55ff30bf1f0e7 2009.1/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 67db7247fbf1b5be5391f33603b9148c 2009.1/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 0b6e7a93df49306976453daf29a29d96 2009.1/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 67e679d7aa4545a968889dcbb1a3fa8e 2009.1/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 4042e3ae7e3b2dbdcba0e73aadd219d5 2009.1/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1.x86_64.rpm 0ff2ca4dfc122a3538349ed2dab6ed81 2009.1/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1.src.rpm Mandriva Linux 2010.0: f3c1bb7b091d5889a856edf93e066367 2010.0/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 7f717091a34f98e9547c698bf08065f5 2010.0/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 21b8532c934559100b0dbc498ba3c52e 2010.0/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 8711fdef27cce9af73191903f85dbcd6 2010.0/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0.i586.rpm 1905269f878bb1c6367dedc6797f6914 2010.0/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0.i586.rpm c5f53d24770de6704f00fdf34c87a703 2010.0/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0.i586.rpm b789ff663963ae8b60a0d189b870907c 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: 100203d38e76348f262d69d2cae8a7ba 2010.0/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm f155019a4a22d7bf7265c67024dcbc33 2010.0/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 8eaf304d6eb93212d1045adc301de385 2010.0/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 2e2082bd89db22cf5fa4be2ebaceb71c 2010.0/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm 3e7a1849db88a8b8ddcdf30441edfcb7 2010.0/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm fbc9da5e2080972f6f8c01f23e86890f 2010.0/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0.x86_64.rpm b789ff663963ae8b60a0d189b870907c 2010.0/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0.src.rpm Mandriva Enterprise Server 5: 742a7a6dcc82962a132eadb91a2b1736 mes5/i586/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 3acd32ccd1fee71f07ccb4b038434ffd mes5/i586/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm c3358ac84dbc950752655fee46fd5e4b mes5/i586/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm a30ef6b33fd9ba1403ab46ef9643efdb mes5/i586/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 534f95a18c4798ec80cdfe47bd1148a8 mes5/i586/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm e79e4bd9462096222f5b07d681b3d418 mes5/i586/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdvmes5.1.i586.rpm 0bc580c8d4d6e57cbee939bf68743170 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: 180566f92a5564c747c716ecdf082c8f mes5/x86_64/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 5e05d90fe32dfce7b15db7d9e5604227 mes5/x86_64/java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 09506c689ed0265023861e006fbcb624 mes5/x86_64/java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm c9ff4a3a4695c56b13268d76c355cfbe mes5/x86_64/java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 0a70a54c2eed68e723cbc65de63bfbff mes5/x86_64/java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 166c980a8479cd915f3507070c25508e mes5/x86_64/java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdvmes5.1.x86_64.rpm 0bc580c8d4d6e57cbee939bf68743170 mes5/SRPMS/java-1.6.0-openjdk-1.6.0.0-2.b18.2mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFL1/vUmqjQ0CJFipgRAlcyAJ9+2v53cztdo8nXoixp0vg0IuQjrACbB/vW +oOtru3I2iYRjlx04fi7wMw= =rIwa -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- http://secunia.com/research/ http://secunia.com/company/jobs/open_positions/reverse_engineer ---------------------------------------------------------------------- TITLE: Oracle Application Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44293 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44293/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44293 RELEASE DATE: 2011-04-24 DISCUSS ADVISORY: http://secunia.com/advisories/44293/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44293/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44293 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Application Server, which can be exploited by malicious users and people to manipulate certain data. 1) An error exists in the C Oracle SSL API of the Oracle Security Service component and can be exploited to manipulate certain data. For more information see vulnerability #1: SA37291 2) An unspecified error in the Oracle HTTP Server component can be exploited to manipulate certain data. 3) An error exists in the Midtier Infrastructure of the Portal component and can be exploited to manipulate certain data. For more information see vulnerability #3: SA44246 4) An unspecified error in the Single Sign On component can be exploited by authenticated users to manipulate certain data. The vulnerabilities are reported in the following products: * Oracle Application Server 10g Release 2 version 10.1.2.3.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for April 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html#AppendixAS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . - The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of information. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Such input strings represent valid numbers and can be contained in data supplied by an attacker over the network, leading to a denial-of-service attack. For the old stable distribution (lenny), this problem has been fixed in version 6b18-1.8.3-2~lenny1. Note that this update introduces an OpenJDK package based on the IcedTea release 1.8.3 into the old stable distribution. This addresses several dozen security vulnerabilities, most of which are only exploitable by malicious mobile code. A notable exception is CVE-2009-3555, the TLS renegotiation vulnerability. This update implements the protocol extension described in RFC 5746, addressing this issue. This update also includes a new version of Hotspot, the Java virtual machine, which increases the default heap size on machines with several GB of RAM. If you run several JVMs on the same machine, you might have to reduce the heap size by specifying a suitable -Xmx argument in the invocation of the "java" command
Trust: 3.15
AFFECTED PRODUCTS
| vendor: | openssl | model: | openssl | scope: | lte | version: | 0.9.8k | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 8.0 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 8.04 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 8.10 | Trust: 1.0 |
| vendor: | fedoraproject | model: | fedora | scope: | eq | version: | 13 | Trust: 1.0 |
| vendor: | f5 | model: | nginx | scope: | lte | version: | 0.8.22 | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 4.0 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 10.04 | Trust: 1.0 |
| vendor: | apache | model: | http server | scope: | lte | version: | 2.2.14 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 9.10 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 10.10 | Trust: 1.0 |
| vendor: | canonical | model: | ubuntu linux | scope: | eq | version: | 9.04 | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 7.0 | Trust: 1.0 |
| vendor: | openssl | model: | openssl | scope: | eq | version: | 1.0 | Trust: 1.0 |
| vendor: | fedoraproject | model: | fedora | scope: | eq | version: | 11 | Trust: 1.0 |
| vendor: | fedoraproject | model: | fedora | scope: | eq | version: | 14 | Trust: 1.0 |
| vendor: | fedoraproject | model: | fedora | scope: | eq | version: | 12 | Trust: 1.0 |
| vendor: | mozilla | model: | nss | scope: | lte | version: | 3.12.4 | Trust: 1.0 |
| vendor: | gnu | model: | gnutls | scope: | lte | version: | 2.8.5 | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 6.0 | Trust: 1.0 |
| vendor: | f5 | model: | nginx | scope: | gte | version: | 0.1.0 | Trust: 1.0 |
| vendor: | debian | model: | linux | scope: | eq | version: | 5.0 | Trust: 1.0 |
| vendor: | barracuda | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | debian gnu linux | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | gnutls | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | hewlett packard | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | ibm | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | mcafee | model: | - | scope: | - | version: | - | Trust: 0.8 |
| vendor: | sun microsystems | model: | - | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-295 | Trust: 1.1 |
| problemtype: | CWE-310 | Trust: 0.1 |
THREAT TYPE
remote
Trust: 0.3
TYPE
arbitrary
Trust: 0.4
EXPLOIT AVAILABILITY
EXTERNAL IDS
| db: | NVD | id: | CVE-2009-3555 | Trust: 3.4 |
| db: | CERT/CC | id: | VU#120541 | Trust: 1.9 |
| db: | SECUNIA | id: | 38781 | Trust: 1.1 |
| db: | SECUNIA | id: | 42377 | Trust: 1.1 |
| db: | SECUNIA | id: | 37501 | Trust: 1.1 |
| db: | SECUNIA | id: | 39632 | Trust: 1.1 |
| db: | SECUNIA | id: | 37604 | Trust: 1.1 |
| db: | SECUNIA | id: | 41972 | Trust: 1.1 |
| db: | SECUNIA | id: | 43308 | Trust: 1.1 |
| db: | SECUNIA | id: | 38241 | Trust: 1.1 |
| db: | SECUNIA | id: | 37859 | Trust: 1.1 |
| db: | SECUNIA | id: | 40070 | Trust: 1.1 |
| db: | SECUNIA | id: | 41818 | Trust: 1.1 |
| db: | SECUNIA | id: | 39292 | Trust: 1.1 |
| db: | SECUNIA | id: | 42816 | Trust: 1.1 |
| db: | SECUNIA | id: | 42379 | Trust: 1.1 |
| db: | SECUNIA | id: | 39317 | Trust: 1.1 |
| db: | SECUNIA | id: | 38020 | Trust: 1.1 |
| db: | SECUNIA | id: | 42467 | Trust: 1.1 |
| db: | SECUNIA | id: | 37320 | Trust: 1.1 |
| db: | SECUNIA | id: | 37640 | Trust: 1.1 |
| db: | SECUNIA | id: | 37656 | Trust: 1.1 |
| db: | SECUNIA | id: | 37383 | Trust: 1.1 |
| db: | SECUNIA | id: | 42724 | Trust: 1.1 |
| db: | SECUNIA | id: | 38003 | Trust: 1.1 |
| db: | SECUNIA | id: | 44183 | Trust: 1.1 |
| db: | SECUNIA | id: | 42733 | Trust: 1.1 |
| db: | SECUNIA | id: | 38484 | Trust: 1.1 |
| db: | SECUNIA | id: | 40545 | Trust: 1.1 |
| db: | SECUNIA | id: | 40866 | Trust: 1.1 |
| db: | SECUNIA | id: | 39242 | Trust: 1.1 |
| db: | SECUNIA | id: | 38056 | Trust: 1.1 |
| db: | SECUNIA | id: | 39278 | Trust: 1.1 |
| db: | SECUNIA | id: | 39243 | Trust: 1.1 |
| db: | SECUNIA | id: | 42808 | Trust: 1.1 |
| db: | SECUNIA | id: | 37675 | Trust: 1.1 |
| db: | SECUNIA | id: | 39127 | Trust: 1.1 |
| db: | SECUNIA | id: | 39461 | Trust: 1.1 |
| db: | SECUNIA | id: | 39819 | Trust: 1.1 |
| db: | SECUNIA | id: | 37453 | Trust: 1.1 |
| db: | SECUNIA | id: | 40747 | Trust: 1.1 |
| db: | SECUNIA | id: | 41490 | Trust: 1.1 |
| db: | SECUNIA | id: | 39628 | Trust: 1.1 |
| db: | SECUNIA | id: | 44954 | Trust: 1.1 |
| db: | SECUNIA | id: | 39500 | Trust: 1.1 |
| db: | SECUNIA | id: | 48577 | Trust: 1.1 |
| db: | SECUNIA | id: | 42811 | Trust: 1.1 |
| db: | SECUNIA | id: | 37291 | Trust: 1.1 |
| db: | SECUNIA | id: | 41480 | Trust: 1.1 |
| db: | SECUNIA | id: | 37292 | Trust: 1.1 |
| db: | SECUNIA | id: | 37399 | Trust: 1.1 |
| db: | SECUNIA | id: | 39713 | Trust: 1.1 |
| db: | SECUNIA | id: | 38687 | Trust: 1.1 |
| db: | SECUNIA | id: | 37504 | Trust: 1.1 |
| db: | SECUNIA | id: | 39136 | Trust: 1.1 |
| db: | SECUNIA | id: | 41967 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023217 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023273 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023274 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023206 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023272 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023427 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023218 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023163 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023214 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023211 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023219 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023216 | Trust: 1.1 |
| db: | SECTRACK | id: | 1024789 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023148 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023213 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023271 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023243 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023209 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023215 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023208 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023411 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023204 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023224 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023210 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023207 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023426 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023428 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023205 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023275 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023270 | Trust: 1.1 |
| db: | SECTRACK | id: | 1023212 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-2745 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3353 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-3069 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0086 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3354 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3484 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1793 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3310 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0982 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2011-0033 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3220 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-2010 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1639 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1107 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-3126 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0916 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3164 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2011-0032 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2011-0086 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3313 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0748 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1350 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3521 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0994 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-3086 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1191 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0173 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3587 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0933 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3205 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1054 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-0848 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2010-1673 | Trust: 1.1 |
| db: | VUPEN | id: | ADV-2009-3165 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/05/3 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/07/3 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/23/10 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/05/5 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/20/1 | Trust: 1.1 |
| db: | OPENWALL | id: | OSS-SECURITY/2009/11/06/3 | Trust: 1.1 |
| db: | OSVDB | id: | 65202 | Trust: 1.1 |
| db: | OSVDB | id: | 62210 | Trust: 1.1 |
| db: | OSVDB | id: | 60521 | Trust: 1.1 |
| db: | OSVDB | id: | 60972 | Trust: 1.1 |
| db: | HITACHI | id: | HS10-030 | Trust: 1.1 |
| db: | USCERT | id: | TA10-222A | Trust: 1.1 |
| db: | USCERT | id: | TA10-287A | Trust: 1.1 |
| db: | BID | id: | 36935 | Trust: 1.1 |
| db: | PACKETSTORM | id: | 130868 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 83271 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 88173 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 91309 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 83415 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 120714 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 94087 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 88698 | Trust: 0.2 |
| db: | PACKETSTORM | id: | 84181 | Trust: 0.2 |
| db: | EXPLOIT-DB | id: | 10071 | Trust: 0.1 |
| db: | EXPLOIT-DB | id: | 10579 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 82657 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 82770 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 90262 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 120365 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 106155 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 111273 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 83414 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 92095 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 88167 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 124088 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 82652 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 97489 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 131826 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 95279 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 137201 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 102374 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 106156 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 89136 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 92497 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 88621 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 94088 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 89667 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 84112 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 90286 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 127267 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 84183 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 86075 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 114810 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 88224 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 123380 | Trust: 0.1 |
| db: | CNNVD | id: | CNNVD-200911-069 | Trust: 0.1 |
| db: | SEEBUG | id: | SSVID-67231 | Trust: 0.1 |
| db: | VULHUB | id: | VHN-41001 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 82799 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 98419 | Trust: 0.1 |
| db: | SECUNIA | id: | 44293 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 100761 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 89026 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 98469 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 114128 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 169645 | Trust: 0.1 |
REFERENCES
| url: | https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt | Trust: 2.0 |
| url: | http://extendedsubset.com/?p=8 | Trust: 1.9 |
| url: | http://www.links.org/?p=780 | Trust: 1.9 |
| url: | http://www.links.org/?p=786 | Trust: 1.9 |
| url: | http://www.links.org/?p=789 | Trust: 1.9 |
| url: | http://blogs.iss.net/archive/sslmitmiscsrf.html | Trust: 1.9 |
| url: | http://www.ietf.org/mail-archive/web/tls/current/msg03948.html | Trust: 1.9 |
| url: | https://bugzilla.redhat.com/show_bug.cgi?id=533125 | Trust: 1.9 |
| url: | http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html | Trust: 1.9 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3555 | Trust: 1.5 |
| url: | http://www.openssl.org/news/secadv_20091111.txt | Trust: 1.2 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1 | Trust: 1.1 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1 | Trust: 1.1 |
| url: | http://securitytracker.com/id?1023148 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023163 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023204 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023205 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023206 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023207 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023208 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023209 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023210 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023211 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023212 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023213 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023214 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023215 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023216 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023217 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023218 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023219 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023224 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023243 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023270 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023271 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023272 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023273 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023274 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023275 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023411 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023426 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023427 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1023428 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1024789 | Trust: 1.1 |
| url: | http://www.cisco.com/en/us/products/products_security_advisory09186a0080b01d1d.shtml | Trust: 1.1 |
| url: | http://seclists.org/fulldisclosure/2009/nov/139 | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/507952/100/0/threaded | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/508075/100/0/threaded | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/508130/100/0/threaded | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/515055/100/0/threaded | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/516397/100/0/threaded | Trust: 1.1 |
| url: | http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html | Trust: 1.1 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1 | Trust: 1.1 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1 | Trust: 1.1 |
| url: | http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1 | Trust: 1.1 |
| url: | http://www.securityfocus.com/bid/36935 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37291 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37292 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37320 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37383 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37399 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37453 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37501 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37504 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37604 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37640 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37656 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37675 | Trust: 1.1 |
| url: | http://secunia.com/advisories/37859 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38003 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38020 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38056 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38241 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38484 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38687 | Trust: 1.1 |
| url: | http://secunia.com/advisories/38781 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39127 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39136 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39242 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39243 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39278 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39292 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39317 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39461 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39500 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39628 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39632 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39713 | Trust: 1.1 |
| url: | http://secunia.com/advisories/39819 | Trust: 1.1 |
| url: | http://secunia.com/advisories/40070 | Trust: 1.1 |
| url: | http://secunia.com/advisories/40545 | Trust: 1.1 |
| url: | http://secunia.com/advisories/40747 | Trust: 1.1 |
| url: | http://secunia.com/advisories/40866 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41480 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41490 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41818 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41967 | Trust: 1.1 |
| url: | http://secunia.com/advisories/41972 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42377 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42379 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42467 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42724 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42733 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42808 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42811 | Trust: 1.1 |
| url: | http://secunia.com/advisories/42816 | Trust: 1.1 |
| url: | http://secunia.com/advisories/43308 | Trust: 1.1 |
| url: | http://secunia.com/advisories/44183 | Trust: 1.1 |
| url: | http://secunia.com/advisories/44954 | Trust: 1.1 |
| url: | http://secunia.com/advisories/48577 | Trust: 1.1 |
| url: | http://osvdb.org/60521 | Trust: 1.1 |
| url: | http://osvdb.org/60972 | Trust: 1.1 |
| url: | http://osvdb.org/62210 | Trust: 1.1 |
| url: | http://osvdb.org/65202 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3164 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3165 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3205 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3220 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3310 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3313 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3353 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3354 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3484 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3521 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2009/3587 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0086 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0173 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0748 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0848 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0916 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0933 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0982 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/0994 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1054 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1107 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1191 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1350 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1639 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1673 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/1793 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/2010 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/2745 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/3069 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/3086 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2010/3126 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2011/0032 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2011/0033 | Trust: 1.1 |
| url: | http://www.vupen.com/english/advisories/2011/0086 | Trust: 1.1 |
| url: | http://lists.apple.com/archives/security-announce/2010/jan/msg00000.html | Trust: 1.1 |
| url: | http://lists.apple.com/archives/security-announce/2010//may/msg00001.html | Trust: 1.1 |
| url: | http://lists.apple.com/archives/security-announce/2010//may/msg00002.html | Trust: 1.1 |
| url: | http://www.debian.org/security/2009/dsa-1934 | Trust: 1.1 |
| url: | http://www.debian.org/security/2011/dsa-2141 | Trust: 1.1 |
| url: | http://www.debian.org/security/2015/dsa-3253 | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg01029.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg01020.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00645.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00944.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00428.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00442.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00449.html | Trust: 1.1 |
| url: | https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00634.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049702.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049528.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-october/049455.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-april/039561.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-april/039957.html | Trust: 1.1 |
| url: | http://lists.fedoraproject.org/pipermail/package-announce/2010-may/040652.html | Trust: 1.1 |
| url: | http://security.gentoo.org/glsa/glsa-200912-01.xml | Trust: 1.1 |
| url: | http://security.gentoo.org/glsa/glsa-201203-22.xml | Trust: 1.1 |
| url: | http://security.gentoo.org/glsa/glsa-201406-32.xml | Trust: 1.1 |
| url: | http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c02436041 | Trust: 1.1 |
| url: | http://itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02273751 | Trust: 1.1 |
| url: | http://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02512995 | Trust: 1.1 |
| url: | http://www.securityfocus.com/archive/1/522176 | Trust: 1.1 |
| url: | http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01945686 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg1ic67848 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg1ic68054 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg1ic68055 | Trust: 1.1 |
| url: | http://www.mandriva.com/security/advisories?name=mdvsa-2010:076 | Trust: 1.1 |
| url: | http://www.mandriva.com/security/advisories?name=mdvsa-2010:084 | Trust: 1.1 |
| url: | http://www.mandriva.com/security/advisories?name=mdvsa-2010:089 | Trust: 1.1 |
| url: | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg1pm12247 | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0119.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0130.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0155.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0165.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0167.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0337.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0338.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0339.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0768.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0770.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0786.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0807.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0865.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0986.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2010-0987.html | Trust: 1.1 |
| url: | http://www.redhat.com/support/errata/rhsa-2011-0880.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html | Trust: 1.1 |
| url: | http://www.us-cert.gov/cas/techalerts/ta10-222a.html | Trust: 1.1 |
| url: | http://www.us-cert.gov/cas/techalerts/ta10-287a.html | Trust: 1.1 |
| url: | http://www.ubuntu.com/usn/usn-1010-1 | Trust: 1.1 |
| url: | http://ubuntu.com/usn/usn-923-1 | Trust: 1.1 |
| url: | http://www.ubuntu.com/usn/usn-927-1 | Trust: 1.1 |
| url: | http://www.ubuntu.com/usn/usn-927-4 | Trust: 1.1 |
| url: | http://www.ubuntu.com/usn/usn-927-5 | Trust: 1.1 |
| url: | http://www.kb.cert.org/vuls/id/120541 | Trust: 1.1 |
| url: | http://openbsd.org/errata45.html#010_openssl | Trust: 1.1 |
| url: | http://openbsd.org/errata46.html#004_openssl | Trust: 1.1 |
| url: | http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/05/3 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/05/5 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/06/3 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/07/3 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/20/1 | Trust: 1.1 |
| url: | http://www.openwall.com/lists/oss-security/2009/11/23/10 | Trust: 1.1 |
| url: | http://www.ietf.org/mail-archive/web/tls/current/msg03928.html | Trust: 1.1 |
| url: | https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3cdev.tomcat.apache.org%3e | Trust: 1.1 |
| url: | https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3cdev.tomcat.apache.org%3e | Trust: 1.1 |
| url: | https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3cdev.tomcat.apache.org%3e | Trust: 1.1 |
| url: | https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3cdev.tomcat.apache.org%3e | Trust: 1.1 |
| url: | http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html | Trust: 1.1 |
| url: | http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during | Trust: 1.1 |
| url: | http://clicky.me/tlsvuln | Trust: 1.1 |
| url: | http://extendedsubset.com/renegotiating_tls.pdf | Trust: 1.1 |
| url: | http://kbase.redhat.com/faq/docs/doc-20491 | Trust: 1.1 |
| url: | http://support.apple.com/kb/ht4004 | Trust: 1.1 |
| url: | http://support.apple.com/kb/ht4170 | Trust: 1.1 |
| url: | http://support.apple.com/kb/ht4171 | Trust: 1.1 |
| url: | http://support.avaya.com/css/p8/documents/100070150 | Trust: 1.1 |
| url: | http://support.avaya.com/css/p8/documents/100081611 | Trust: 1.1 |
| url: | http://support.avaya.com/css/p8/documents/100114315 | Trust: 1.1 |
| url: | http://support.avaya.com/css/p8/documents/100114327 | Trust: 1.1 |
| url: | http://support.citrix.com/article/ctx123359 | Trust: 1.1 |
| url: | http://support.zeus.com/zws/media/docs/4.3/release_notes | Trust: 1.1 |
| url: | http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released | Trust: 1.1 |
| url: | http://sysoev.ru/nginx/patch.cve-2009-3555.txt | Trust: 1.1 |
| url: | http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html | Trust: 1.1 |
| url: | http://wiki.rpath.com/advisories:rpsa-2009-0155 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg21426108 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg21432298 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg24006386 | Trust: 1.1 |
| url: | http://www-01.ibm.com/support/docview.wss?uid=swg24025312 | Trust: 1.1 |
| url: | http://www.arubanetworks.com/support/alerts/aid-020810.txt | Trust: 1.1 |
| url: | http://www.betanews.com/article/1257452450 | Trust: 1.1 |
| url: | http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs10-030/index.html | Trust: 1.1 |
| url: | http://www.ingate.com/relnote.php?ver=481 | Trust: 1.1 |
| url: | http://www.mozilla.org/security/announce/2010/mfsa2010-22.html | Trust: 1.1 |
| url: | http://www.openoffice.org/security/cves/cve-2009-3555.html | Trust: 1.1 |
| url: | http://www.opera.com/docs/changelogs/unix/1060/ | Trust: 1.1 |
| url: | http://www.opera.com/support/search/view/944/ | Trust: 1.1 |
| url: | http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html | Trust: 1.1 |
| url: | http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html | Trust: 1.1 |
| url: | http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html | Trust: 1.1 |
| url: | http://www.proftpd.org/docs/release_notes-1.3.2c | Trust: 1.1 |
| url: | http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html | Trust: 1.1 |
| url: | http://www.tombom.co.uk/blog/?p=85 | Trust: 1.1 |
| url: | http://www.vmware.com/security/advisories/vmsa-2010-0019.html | Trust: 1.1 |
| url: | http://www.vmware.com/security/advisories/vmsa-2011-0003.html | Trust: 1.1 |
| url: | http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html | Trust: 1.1 |
| url: | http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html | Trust: 1.1 |
| url: | https://bugzilla.mozilla.org/show_bug.cgi?id=526689 | Trust: 1.1 |
| url: | https://bugzilla.mozilla.org/show_bug.cgi?id=545755 | Trust: 1.1 |
| url: | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05150888 | Trust: 1.1 |
| url: | https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html | Trust: 1.1 |
| url: | http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10088 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11578 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11617 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7315 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7478 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7973 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8366 | Trust: 1.1 |
| url: | https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8535 | Trust: 1.1 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/54158 | Trust: 1.1 |
| url: | http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=126150535619567&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=127128920008563&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=127419602507642&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=127557596201693&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=130497311408250&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=132077688910227&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=133469267822771&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=134254866602253&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=bugtraq&m=142660345230545&w=2 | Trust: 1.0 |
| url: | http://marc.info/?l=cryptography&m=125752275331877&w=2 | Trust: 1.0 |
| url: | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446 | Trust: 1.0 |
| url: | http://www-1.ibm.com/support/search.wss?rs=0&q=pm00675&apar=only | Trust: 1.0 |
| url: | https://kb.bluecoat.com/index?page=content&id=sa50 | Trust: 1.0 |
| url: | http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00014.html | Trust: 0.8 |
| url: | http://cvs.openssl.org/chngview?cn=18790 | Trust: 0.8 |
| url: | http://www.links.org/files/no-renegotiation-2.patch | Trust: 0.8 |
| url: | http://blog.zoller.lu/2009/11/new-sslv3-tls-vulnerability-mitm.html | Trust: 0.8 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555 | Trust: 0.6 |
| url: | http://secunia.com/ | Trust: 0.3 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0082 | Trust: 0.3 |
| url: | http://lists.grok.org.uk/full-disclosure-charter.html | Trust: 0.3 |
| url: | http://www.mandriva.com/security/ | Trust: 0.3 |
| url: | http://www.mandriva.com/security/advisories | Trust: 0.3 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0085 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0095 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0092 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0093 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0088 | Trust: 0.2 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0084 | Trust: 0.2 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0091 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0838 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0837 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0091 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0840 | Trust: 0.2 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0093 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0433 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0094 | Trust: 0.2 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0088 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0084 | Trust: 0.2 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0092 | Trust: 0.2 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0094 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0847 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0740 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0082 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0845 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0848 | Trust: 0.2 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0095 | Trust: 0.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0085 | Trust: 0.2 |
| url: | http://marc.info/?l=bugtraq&m=132077688910227&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=142660345230545&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=127419602507642&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=134254866602253&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=130497311408250&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=133469267822771&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=126150535619567&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=127128920008563&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=bugtraq&m=127557596201693&w=2 | Trust: 0.1 |
| url: | http://www-1.ibm.com/support/search.wss?rs=0&q=pm00675&apar=only | Trust: 0.1 |
| url: | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446 | Trust: 0.1 |
| url: | http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2 | Trust: 0.1 |
| url: | http://marc.info/?l=cryptography&m=125752275331877&w=2 | Trust: 0.1 |
| url: | https://kb.bluecoat.com/index?page=content&id=sa50 | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3095 | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3094 | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3556 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0086 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1086 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0730 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1088 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1027919 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2939 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1055 | Trust: 0.1 |
| url: | http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3571 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0307 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3548 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1031330 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3554 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3562 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0089 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3557 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3550 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0085 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1384 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3567 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-0086 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0003 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3553 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0106 | Trust: 0.1 |
| url: | http://www.vmware.com/support/policies/eos_vi.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2227 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-0107 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2902 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2901 | Trust: 0.1 |
| url: | http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1085 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0841 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0291 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2248 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0415 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3561 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3541 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3559 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3565 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1027904 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0107 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0842 | Trust: 0.1 |
| url: | http://www.vmware.com/support/policies/eos.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3574 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0886 | Trust: 0.1 |
| url: | http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0734 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1157 | Trust: 0.1 |
| url: | http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0007 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0850 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2524 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0839 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1087 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0622 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0090 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-3825 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3573 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1084 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-5416 | Trust: 0.1 |
| url: | http://www.vmware.com/security/advisories | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-1384 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0008 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0849 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2070 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4308 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3549 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3548 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2693 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-4308 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0007 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3568 | Trust: 0.1 |
| url: | http://www.vmware.com/support/policies/security_response.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5416 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3864 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3825 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0410 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1321 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3572 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1437 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0003 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3566 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0437 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0844 | Trust: 0.1 |
| url: | http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3548 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2066 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0089 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2902 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0087 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0087 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1436 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2693 | Trust: 0.1 |
| url: | http://kb.vmware.com/kb/1029353 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-0085 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0846 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2226 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1173 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0008 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1641 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2928 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2008-0106 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1187 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2521 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3569 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0090 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2901 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3081 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3551 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0843 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3505 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-5139 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3512 | Trust: 0.1 |
| url: | https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ | Trust: 0.1 |
| url: | https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/ | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3508 | Trust: 0.1 |
| url: | http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3510 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3509 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3507 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-0195 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3506 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-0160 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3511 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-3566 | Trust: 0.1 |
| url: | https://ca.secunia.com/?page=viewadvisory&vuln_id=44293 | Trust: 0.1 |
| url: | http://secunia.com/advisories/44293/ | Trust: 0.1 |
| url: | http://secunia.com/research/ | Trust: 0.1 |
| url: | http://secunia.com/products/corporate/evm/ | Trust: 0.1 |
| url: | http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html#appendixas | Trust: 0.1 |
| url: | http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ | Trust: 0.1 |
| url: | http://secunia.com/advisories/secunia_security_advisories/ | Trust: 0.1 |
| url: | http://secunia.com/vulnerability_scanning/personal/ | Trust: 0.1 |
| url: | http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org | Trust: 0.1 |
| url: | http://secunia.com/advisories/44293/#comments | Trust: 0.1 |
| url: | http://secunia.com/company/jobs/open_positions/reverse_engineer | Trust: 0.1 |
| url: | http://secunia.com/advisories/about_secunia_advisories/ | Trust: 0.1 |
| url: | http://icedtea.classpath.org/hg/release/icedtea6-1.8/rev/a6a02193b073 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3728 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3874 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3728 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3875 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3876 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3884 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3873 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3881 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2409 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2409 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3883 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3884 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3869 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3882 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3879 | Trust: 0.1 |
| url: | http://blogs.sun.com/darcy/resource/openjdk_6/openjdk6-b18-changes-summary.html | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3881 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3877 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3883 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3869 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3871 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3882 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3873 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3875 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3874 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3885 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3871 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3877 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3876 | Trust: 0.1 |
| url: | http://article.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/8938 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3880 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3885 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3880 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3879 | Trust: 0.1 |
| url: | http://bugs.proftpd.org/show_bug.cgi?id=3324 | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:16/rtld.patch.asc | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4146 | Trust: 0.1 |
| url: | http://security.freebsd.org/>. | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4147 | Trust: 0.1 |
| url: | http://security.freebsd.org/advisories/freebsd-sa-09:16.rtld.asc | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:16/rtld7.patch | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:16/rtld7.patch.asc | Trust: 0.1 |
| url: | http://security.freebsd.org/patches/sa-09:16/rtld.patch | Trust: 0.1 |
| url: | http://www.freebsd.org/handbook/makeworld.html> | Trust: 0.1 |
| url: | http://www.debian.org/security/faq | Trust: 0.1 |
| url: | http://www.debian.org/security/ | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-4476 | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.8.04.1.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.8.04.1.dsc | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6.orig.tar.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_powerpc.deb | Trust: 0.1 |
| url: | http://www.mandriva.com/en/support/security/ | Trust: 0.1 |
| url: | http://www.mandriva.com/en/support/security/advisories/ | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2013-1619 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1619 | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b16-1.6.1-3ubuntu3.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b12-0ubuntu6.7_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-headless_6b11-2ubuntu2.2_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-dbg_6b11-2ubuntu2.2_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b12-0ubuntu6.7_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b12-0ubuntu6.7_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-source-files_6b12-0ubuntu6.7_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b14-1.4.1-0ubuntu13_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b14-1.4.1-0ubuntu13_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b12-0ubuntu6.7_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b14-1.4.1-0ubuntu13_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-demo_6b11-2ubuntu2.2_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b14-1.4.1-0ubuntu13_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b12-0ubuntu6.7_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre_6b11-2ubuntu2.2_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-dbg_6b11-2ubuntu2.2_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b16-1.6.1-3ubuntu3_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-demo_6b11-2ubuntu2.2_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b14-1.4.1-0ubuntu13_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b16-1.6.1-3ubuntu3_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b14-1.4.1-0ubuntu13_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b14-1.4.1-0ubuntu13_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jdk_6b11-2ubuntu2.2_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b14-1.4.1-0ubuntu13_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b12-0ubuntu6.7_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b12-0ubuntu6.7_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b14-1.4.1-0ubuntu13_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jdk_6b11-2ubuntu2.2_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b12-0ubuntu6.7_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b16-1.6.1-3ubuntu3_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-lib_6b11-2ubuntu2.2_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b14-1.4.1-0ubuntu13_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-dbg_6b11-2ubuntu2.2_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-headless_6b11-2ubuntu2.2_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b12-0ubuntu6.7_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b14-1.4.1-0ubuntu13_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b14-1.4.1-0ubuntu13_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b14-1.4.1-0ubuntu13_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b12.orig.tar.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b16-1.6.1-3ubuntu3_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b14-1.4.1-0ubuntu13_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b12-0ubuntu6.7_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b14-1.4.1-0ubuntu13.diff.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b14-1.4.1-0ubuntu13_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b14-1.4.1-0ubuntu13_amd64.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0840 | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jdk_6b11-2ubuntu2.2_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b14-1.4.1-0ubuntu13_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b14-1.4.1-0ubuntu13.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b16-1.6.1.orig.tar.gz | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0848 | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b12-0ubuntu6.7_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b12-0ubuntu6.7.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6_6b11.orig.tar.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b16-1.6.1-3ubuntu3.diff.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b14-1.4.1-0ubuntu13_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b14-1.4.1-0ubuntu13_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b14-1.4.1-0ubuntu13_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-source-files_6b14-1.4.1-0ubuntu13_all.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0845 | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b12-0ubuntu6.7.diff.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b16-1.6.1-3ubuntu3_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-doc_6b11-2ubuntu2.2_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre_6b11-2ubuntu2.2_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b16-1.6.1-3ubuntu3_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b12-0ubuntu6.7_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b12-0ubuntu6.7_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6_6b11-2ubuntu2.2.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b14-1.4.1-0ubuntu13_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b14-1.4.1-0ubuntu13_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-dbg_6b11-2ubuntu2.2_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b12-0ubuntu6.7_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b16-1.6.1-3ubuntu3_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b12-0ubuntu6.7_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b12-0ubuntu6.7_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b14-1.4.1-0ubuntu13_all.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0847 | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b14-1.4.1-0ubuntu13_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre_6b11-2ubuntu2.2_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b12-0ubuntu6.7_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b16-1.6.1-3ubuntu3_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-demo_6b11-2ubuntu2.2_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b16-1.6.1-3ubuntu3_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b12-0ubuntu6.7_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b14-1.4.1.orig.tar.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b12-0ubuntu6.7_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jdk_6b11-2ubuntu2.2_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b12-0ubuntu6.7_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-headless_6b11-2ubuntu2.2_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-headless_6b11-2ubuntu2.2_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b14-1.4.1-0ubuntu13_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b14-1.4.1-0ubuntu13_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b14-1.4.1-0ubuntu13_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6_6b11-2ubuntu2.2.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b14-1.4.1-0ubuntu13_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b12-0ubuntu6.7_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b16-1.6.1-3ubuntu3_amd64.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0838 | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b16-1.6.1-3ubuntu3_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b12-0ubuntu6.7_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b14-1.4.1-0ubuntu13_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b16-1.6.1-3ubuntu3_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b16-1.6.1-3ubuntu3_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b14-1.4.1-0ubuntu13_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b12-0ubuntu6.7_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b12-0ubuntu6.7_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b12-0ubuntu6.7_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b16-1.6.1-3ubuntu3_powerpc.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0837 | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b14-1.4.1-0ubuntu13_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre_6b11-2ubuntu2.2_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b12-0ubuntu6.7_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b12-0ubuntu6.7_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b16-1.6.1-3ubuntu3_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b14-1.4.1-0ubuntu13_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-source_6b11-2ubuntu2.2_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b16-1.6.1-3ubuntu3_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b14-1.4.1-0ubuntu13_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-demo_6b11-2ubuntu2.2_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b16-1.6.1-3ubuntu3_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b14-1.4.1-0ubuntu13_i386.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0740 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2010-0433 | Trust: 0.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3245 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-3245 | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.12_powerpc.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.10_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.12_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.1_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.10_powerpc.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.12_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-16ubuntu3.2_lpia.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-16ubuntu3.2_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-16ubuntu3.2_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-16ubuntu3.2.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.10_amd64.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.10_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.1_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.12_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.1.dsc | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.10_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.10_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.5.dsc | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.1_sparc.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.5_amd64.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.1_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.12_sparc.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.10_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.5.diff.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.10_lpia.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-16ubuntu3.2_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.12_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8k-7ubuntu8.1_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8g-15ubuntu3.5_all.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-16ubuntu3.2_powerpc.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.10_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.10_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-16ubuntu3.2_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a.orig.tar.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-16ubuntu3.2_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.10_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.1_i386.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.12_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.1_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.10_sparc.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.10_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.10.dsc | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.10_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-16ubuntu3.2_amd64.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.10_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.5_sparc.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.10_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g.orig.tar.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.10_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-16ubuntu3.2_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k.orig.tar.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.12_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.12_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.5_i386.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.12_i386.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-16ubuntu3.2_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.12_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-16ubuntu3.2_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.1_powerpc.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.12_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-16ubuntu3.2_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-16ubuntu3.2_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.1_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-4ubuntu3.10_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-16ubuntu3.2_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-16ubuntu3.2_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.12_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.12.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.12_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-16ubuntu3.2_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-16ubuntu3.2_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.1_powerpc.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.1_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.1_amd64.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8g-4ubuntu3.10_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-16ubuntu3.2_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.1_amd64.deb | Trust: 0.1 |
| url: | http://www.openssl.org/docs/ssl/ssl_ctx_set_options.html#secure_renegotiation | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.10_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.12_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.1_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.5_lpia.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-16ubuntu3.2_sparc.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8k-7ubuntu8.1_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.10.diff.gz | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.5_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.1_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.1.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.12.dsc | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15ubuntu3.5_powerpc.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.10_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.10_i386.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-4ubuntu3.10_amd64.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.5_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.1_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.12_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8k-7ubuntu8.1_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.12_sparc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-16ubuntu3.2_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.12_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-16ubuntu3.2_i386.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-15ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-16ubuntu3.2_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.5_amd64.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8g-16ubuntu3.2.diff.gz | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.1_i386.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.10_i386.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.12_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/openssl_0.9.8g-4ubuntu3.10_lpia.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-16ubuntu3.2_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8g-16ubuntu3.2_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8k-7ubuntu8.1_powerpc.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl-dev_0.9.8g-15ubuntu3.5_sparc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl-doc_0.9.8g-16ubuntu3.2_all.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.1_i386.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-15ubuntu3.5_lpia.deb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-16ubuntu3.2_powerpc.deb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.12_amd64.udeb | Trust: 0.1 |
| url: | http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.1_amd64.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8-udeb_0.9.8k-7ubuntu8.1_sparc.udeb | Trust: 0.1 |
| url: | http://ports.ubuntu.com/pool/main/o/openssl/libssl0.9.8_0.9.8g-4ubuntu3.10_lpia.deb | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2009-2730 | Trust: 0.1 |
| url: | http://creativecommons.org/licenses/by-sa/2.5 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2012-1573 | Trust: 0.1 |
| url: | https://bugs.gentoo.org. | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2730 | Trust: 0.1 |
| url: | http://security.gentoo.org/ | Trust: 0.1 |
| url: | http://security.gentoo.org/glsa/glsa-201206-18.xml | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1573 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555 | Trust: 0.1 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2011-4128 | Trust: 0.1 |
| url: | http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4128 | Trust: 0.1 |
| url: | http://www.itrc.hp.com/service/cki/secbullarchive.do | Trust: 0.1 |
| url: | http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc | Trust: 0.1 |
| url: | https://www.hp.com/go/swa | Trust: 0.1 |
| url: | http://h30046.www3.hp.com/subsignin.php | Trust: 0.1 |
CREDITS
Ubuntu
Trust: 0.4
SOURCES
| db: | CERT/CC | id: | VU#120541 |
| db: | VULHUB | id: | VHN-41001 |
| db: | PACKETSTORM | id: | 82799 |
| db: | PACKETSTORM | id: | 98419 |
| db: | PACKETSTORM | id: | 130868 |
| db: | PACKETSTORM | id: | 100761 |
| db: | PACKETSTORM | id: | 89026 |
| db: | PACKETSTORM | id: | 84181 |
| db: | PACKETSTORM | id: | 83415 |
| db: | PACKETSTORM | id: | 98469 |
| db: | PACKETSTORM | id: | 91309 |
| db: | PACKETSTORM | id: | 120714 |
| db: | PACKETSTORM | id: | 88173 |
| db: | PACKETSTORM | id: | 88698 |
| db: | PACKETSTORM | id: | 94087 |
| db: | PACKETSTORM | id: | 114128 |
| db: | PACKETSTORM | id: | 83271 |
| db: | PACKETSTORM | id: | 169645 |
| db: | NVD | id: | CVE-2009-3555 |
LAST UPDATE DATE
2024-09-17T22:35:11.319000+00:00
SOURCES UPDATE DATE
| db: | CERT/CC | id: | VU#120541 | date: | 2011-07-22T00:00:00 |
| db: | VULHUB | id: | VHN-41001 | date: | 2023-02-13T00:00:00 |
| db: | NVD | id: | CVE-2009-3555 | date: | 2023-02-13T02:20:27.983 |
SOURCES RELEASE DATE
| db: | CERT/CC | id: | VU#120541 | date: | 2009-11-11T00:00:00 |
| db: | VULHUB | id: | VHN-41001 | date: | 2009-11-09T00:00:00 |
| db: | PACKETSTORM | id: | 82799 | date: | 2009-11-19T18:46:00 |
| db: | PACKETSTORM | id: | 98419 | date: | 2011-02-11T13:13:00 |
| db: | PACKETSTORM | id: | 130868 | date: | 2015-03-18T00:44:34 |
| db: | PACKETSTORM | id: | 100761 | date: | 2011-04-24T07:03:07 |
| db: | PACKETSTORM | id: | 89026 | date: | 2010-04-28T20:44:54 |
| db: | PACKETSTORM | id: | 84181 | date: | 2009-12-22T20:42:09 |
| db: | PACKETSTORM | id: | 83415 | date: | 2009-12-03T21:03:04 |
| db: | PACKETSTORM | id: | 98469 | date: | 2011-02-14T21:33:52 |
| db: | PACKETSTORM | id: | 91309 | date: | 2010-06-30T03:23:55 |
| db: | PACKETSTORM | id: | 120714 | date: | 2013-03-08T04:15:53 |
| db: | PACKETSTORM | id: | 88173 | date: | 2010-04-07T22:23:17 |
| db: | PACKETSTORM | id: | 88698 | date: | 2010-04-20T15:07:58 |
| db: | PACKETSTORM | id: | 94087 | date: | 2010-09-21T22:54:11 |
| db: | PACKETSTORM | id: | 114128 | date: | 2012-06-23T19:34:19 |
| db: | PACKETSTORM | id: | 83271 | date: | 2009-11-30T21:44:08 |
| db: | PACKETSTORM | id: | 169645 | date: | 2009-11-11T12:12:12 |
| db: | NVD | id: | CVE-2009-3555 | date: | 2009-11-09T17:30:00.407 |