ID

VAR-201201-0049


CVE

CVE-2012-0027


TITLE

Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL

Trust: 0.8

sources: CERT/CC: VU#737740

DESCRIPTION

The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL (0.9.8o). OpenSSL prone to multiple security vulnerabilities. An attacker may leverage these issues to obtain sensitive information, cause a denial-of-service condition and perform unauthorized actions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03360041 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03360041 Version: 1 HPSBMU02786 SSRT100877 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-06-26 Last Updated: 2012-06-26 Potential Security Impact: Remote unauthorized access, disclosure of information, data modification, Denial of Service (DoS), execution of arbitrary code Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. References: CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012 (AUTOCOMPLETE enabled), CVE-2012-2013 (DoS), CVE-2012-2014 (Improper input validation), CVE-2012-2015 (Privilege Elevation), CVE-2012-2016 (Information disclosure), SSRT100336, SSRT100753, SSRT100669, SSRT100676, SSRT100695, SSRT100714, SSRT100760, SSRT100786, SSRT100787, SSRT100815, SSRT100840, SSRT100843, SSRT100869 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) before v7.1.1 running on Linux and Windows. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-2012 (AV:N/AC:L/Au:N/C:C/I:C/A:P) 9.7 CVE-2012-2013 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2012-2014 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 6.8 CVE-2012-2015 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 6.5 CVE-2012-2016 (AV:L/AC:M/Au:S/C:C/I:N/A:N) 4.4 CVE-2011-1944 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2011-2821 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-2834 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-3379 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-3607 (AV:L/AC:M/Au:N/C:P/I:P/A:P) 4.4 CVE-2011-4078 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4108 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-4153 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4317 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-4415 (AV:L/AC:H/Au:N/C:N/I:N/A:P) 1.2 CVE-2011-4576 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-4577 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-4619 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4885 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0021 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2012-0027 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0031 (AV:L/AC:L/Au:N/C:P/I:P/A:P) 4.6 CVE-2012-0036 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0053 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2012-0057 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-0830 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-1165 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1823 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided HP System Management Homepage v7.1.1 or subsequent to resolve the vulnerabilities. HP System Management Homepage v7.1.1 is available here: HP System Management Homepage for Windows x64 [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4064%257CswLang%253D8%257CswItem%253DMTX-ab 0d4e9bb4654a8da503eccfd9%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Windows x86 [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4022%257CswLang%253D8%257CswItem%253DMTX-f7 c0d15d28474255bd0ec23136%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Linux (AMD64/EM64T) [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4035%257CswLang%253D8%257CswItem%253DMTX-18 d373dd1361400fbaca892942%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Linux (x86) [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4006%257CswLang%253D8%257CswItem%253DMTX-9e 8a0188f97d48139dcb466509%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HISTORY Version:1 (rev.1) 26 June 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk/p5ksACgkQ4B86/C0qfVkQpwCfbOEZmoo7myCkxQAdqQHevKG5 6IwAoPw4DI3YBCclyWuRekae7EFscAy0 =zd3u -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201203-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: March 06, 2012 Bugs: #397695, #399365 ID: 201203-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to cause a Denial of Service or obtain sensitive information. Background ========== OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 1.0.0g *>= 0.9.8t >= 1.0.0g Description =========== Multiple vulnerabilities have been found in OpenSSL: * Timing differences for decryption are exposed by CBC mode encryption in OpenSSL's implementation of DTLS (CVE-2011-4108). * An incorrect fix for CVE-2011-4108 creates an unspecified vulnerability for DTLS applications using OpenSSL (CVE-2012-0050). Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.0g" References ========== [ 1 ] CVE-2011-4108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4108 [ 2 ] CVE-2011-4109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4109 [ 3 ] CVE-2011-4576 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4576 [ 4 ] CVE-2011-4577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4577 [ 5 ] CVE-2011-4619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4619 [ 6 ] CVE-2012-0027 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0027 [ 7 ] CVE-2012-0050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0050 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201203-12.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Content-Disposition: inline ==========================================================================Ubuntu Security Notice USN-1357-1 February 09, 2012 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: Multiple vulnerabilities exist in OpenSSL that could expose sensitive information or cause applications to crash. Software Description: - openssl: Secure Socket Layer (SSL) binary and related cryptographic tools Details: It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timing attack. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1945) Adam Langley discovered that the ephemeral Elliptic Curve Diffie-Hellman (ECDH) functionality in OpenSSL did not ensure thread safety while processing handshake messages from clients. This could allow a remote attacker to cause a denial of service via out-of-order messages that violate the TLS protocol. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-3210) Nadhem Alfardan and Kenny Paterson discovered that the Datagram Transport Layer Security (DTLS) implementation in OpenSSL performed a MAC check only if certain padding is valid. This could allow a remote attacker to recover plaintext. This could allow a remote attacker to cause a denial of service. This could allow a remote attacker to cause a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-4109) It was discovered that OpenSSL, in certain circumstances involving ECDH or ECDHE cipher suites, used an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves. This could allow a remote attacker to obtain the private key of a TLS server via multiple handshake attempts. This issue only affected Ubuntu 8.04 LTS. (CVE-2011-4576) Andrew Chi discovered that OpenSSL, when RFC 3779 support is enabled, could trigger an assert when handling an X.509 certificate containing certificate-extension data associated with IP address blocks or Autonomous System (AS) identifiers. This could allow a remote attacker to cause a denial of service. This could allow a remote attacker to cause a denial of service. This issue only affected Ubuntu 11.10. (CVE-2012-0027) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libssl1.0.0 1.0.0e-2ubuntu4.2 openssl 1.0.0e-2ubuntu4.2 Ubuntu 11.04: libssl0.9.8 0.9.8o-5ubuntu1.2 openssl 0.9.8o-5ubuntu1.2 Ubuntu 10.10: libssl0.9.8 0.9.8o-1ubuntu4.6 openssl 0.9.8o-1ubuntu4.6 Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.8 openssl 0.9.8k-7ubuntu8.8 Ubuntu 8.04 LTS: libssl0.9.8 0.9.8g-4ubuntu3.15 openssl 0.9.8g-4ubuntu3.15 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1357-1 CVE-2011-1945, CVE-2011-3210, CVE-2011-4108, CVE-2011-4109, CVE-2011-4354, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0027, CVE-2012-0050 Package Information: https://launchpad.net/ubuntu/+source/openssl/1.0.0e-2ubuntu4.2 https://launchpad.net/ubuntu/+source/openssl/0.9.8o-5ubuntu1.2 https://launchpad.net/ubuntu/+source/openssl/0.9.8o-1ubuntu4.6 https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.8 https://launchpad.net/ubuntu/+source/openssl/0.9.8g-4ubuntu3.15 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2012:007 http://www.mandriva.com/security/ _______________________________________________________________________ Package : openssl Date : January 16, 2012 Affected: 2011. The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4109 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4576 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0027 http://www.openssl.org/news/secadv_20120104.txt _______________________________________________________________________ Updated Packages: Mandriva Linux 2011: 2291c13c44539a5e25f58750a5d6bf8f 2011/i586/libopenssl1.0.0-1.0.0d-2.2-mdv2011.0.i586.rpm c610330d2c4c7397feb126247b1fa94f 2011/i586/libopenssl-devel-1.0.0d-2.2-mdv2011.0.i586.rpm 36c86a84320e1c8a17a74e4e68bc7d5a 2011/i586/libopenssl-engines1.0.0-1.0.0d-2.2-mdv2011.0.i586.rpm 4b8054f2c169d2b3223195053bd15802 2011/i586/libopenssl-static-devel-1.0.0d-2.2-mdv2011.0.i586.rpm 3c48b209b941a83a6acfef439c3f78b7 2011/i586/openssl-1.0.0d-2.2-mdv2011.0.i586.rpm 7af9d175d066db069aeb82248df9772b 2011/SRPMS/openssl-1.0.0d-2.2.src.rpm Mandriva Linux 2011/X86_64: 21a50bd2be83839266f033c9a0f0fabc 2011/x86_64/lib64openssl1.0.0-1.0.0d-2.2-mdv2011.0.x86_64.rpm 7e80ee8e2d445c5f1985cd52d2316658 2011/x86_64/lib64openssl-devel-1.0.0d-2.2-mdv2011.0.x86_64.rpm e1f4faa3162a6bbc14b37e4cb8d1e8e2 2011/x86_64/lib64openssl-engines1.0.0-1.0.0d-2.2-mdv2011.0.x86_64.rpm 6e3ac6d57cf0f4e13ed8e275a9bd2ff8 2011/x86_64/lib64openssl-static-devel-1.0.0d-2.2-mdv2011.0.x86_64.rpm e9e0306f8dc9f398915a646547e262e2 2011/x86_64/openssl-1.0.0d-2.2-mdv2011.0.x86_64.rpm 7af9d175d066db069aeb82248df9772b 2011/SRPMS/openssl-1.0.0d-2.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFPFFiBmqjQ0CJFipgRAkIUAJ9foScZELNgGkHUEaaSx9sgdWNMFwCgnsst eph27yO3eEECVX28+SNUKyw= =wTFq -----END PGP SIGNATURE----- . DTLS Plaintext Recovery Attack (CVE-2011-4108) ============================================== Nadhem Alfardan and Kenny Paterson have discovered an extension of the Vaudenay padding oracle attack on CBC mode encryption which enables an efficient plaintext recovery attack against the OpenSSL implementation of DTLS. Their attack exploits timing differences arising during decryption processing. A research paper describing this attack can be found at http://www.isg.rhul.ac.uk/~kp/dtls.pdf Thanks go to Nadhem Alfardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann <seggelmann@fh-muenster.de> and Michael Tuexen <tuexen@fh-muenster.de> for preparing the fix. Affected users should upgrade to OpenSSL 1.0.0f or 0.9.8s. Double-free in Policy Checks (CVE-2011-4109) ============================================ If X509_V_FLAG_POLICY_CHECK is set in OpenSSL 0.9.8, then a policy check failure can lead to a double-free. The bug does not occur unless this flag is set. Users of OpenSSL 1.0.0 are not affected. This flaw was discovered by Ben Laurie and a fix provided by Emilia Kasper <ekasper@google.com> of Google. Affected users should upgrade to OpenSSL 0.9.8s. Uninitialized SSL 3.0 Padding (CVE-2011-4576) ============================================= OpenSSL prior to 1.0.0f and 0.9.8s failed to clear the bytes used as block cipher padding in SSL 3.0 records. This affects both clients and servers that accept SSL 3.0 handshakes: those that call SSL_CTX_new with SSLv3_{server|client}_method or SSLv23_{server|client}_method. It does not affect TLS. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. This could include sensitive contents of previously freed memory. However, in practice, most deployments do not use SSL_MODE_RELEASE_BUFFERS and therefore have a single write buffer per connection. That write buffer is partially filled with non-sensitive, handshake data at the beginning of the connection and, thereafter, only records which are longer any any previously sent record leak any non-encrypted data. This, combined with the small number of bytes leaked per record, serves to limit to severity of this issue. Thanks to Adam Langley <agl@chromium.org> for identifying and fixing this issue. Affected users should upgrade to OpenSSL 1.0.0f or 0.9.8s. Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577) ==================================================================== RFC 3779 data can be included in certificates, and if it is malformed, may trigger an assertion failure. This could be used in a denial-of-service attack. Note, however, that in the standard release of OpenSSL, RFC 3779 support is disabled by default, and in this case OpenSSL is not vulnerable. Builds of OpenSSL are vulnerable if configured with "enable-rfc3779". Thanks to Andrew Chi, BBN Technologies, for discovering the flaw, and Rob Austein <sra@hactrn.net> for fixing it. Affected users should upgrade to OpenSSL 1.0.0f or 0.9.8s. SGC Restart DoS Attack (CVE-2011-4619) ====================================== Support for handshake restarts for server gated cryptograpy (SGC) can be used in a denial-of-service attack. Thanks to George Kadianakis <desnacked@gmail.com> for identifying this issue and to Adam Langley <agl@chromium.org> for fixing it. Affected users should upgrade to OpenSSL 1.0.0f or 0.9.8s. This could be used in a denial-of-service attack. Only users of the OpenSSL GOST ENGINE are affected by this bug. Thanks to Andrey Kulikov <amdeich@gmail.com> for identifying and fixing this issue. Affected users should upgrade to OpenSSL 1.0.0f. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv_20120104.txt

Trust: 3.24

sources: NVD: CVE-2012-0027 // CERT/CC: VU#737740 // JVNDB: JVNDB-2012-001022 // BID: 51281 // VULMON: CVE-2012-0027 // PACKETSTORM: 121573 // PACKETSTORM: 114272 // PACKETSTORM: 110482 // PACKETSTORM: 109614 // PACKETSTORM: 108735 // PACKETSTORM: 169679

AFFECTED PRODUCTS

vendor:opensslmodel:opensslscope:eqversion:0.9.3

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.1c

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.6b

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.6

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.5

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.3a

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.5a

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.2b

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.4

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.6a

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.6i

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6e

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6d

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7a

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8m

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8f

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8r

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7m

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6f

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8p

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7l

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6m

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6g

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7i

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7h

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7f

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8s

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8g

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8q

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6k

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8k

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6h

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8i

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7g

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7e

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8e

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7j

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8n

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0d

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8a

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6l

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8d

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6j

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7d

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8h

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8o

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7k

Trust: 1.0

vendor:opensslmodel:opensslscope:lteversion:1.0.0e

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8l

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8j

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0a

Trust: 1.0

vendor:efimodel: - scope: - version: -

Trust: 0.8

vendor:opensslmodel:opensslscope:ltversion:1.0.0f

Trust: 0.8

vendor:opensslmodel:project openssl 0.9.8mscope: - version: -

Trust: 0.6

vendor:opensslmodel:project openssl 0.9.8nscope: - version: -

Trust: 0.6

vendor:opensslmodel:project openssl 0.9.8oscope: - version: -

Trust: 0.6

vendor:ibmmodel:informix generoscope:eqversion:2.32

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.1

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:ip deskphonescope:eqversion:96x16.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:neversion:6.2.1.0.9

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.7.0scope:neversion: -

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8fscope: - version: -

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4.1

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp1scope:eqversion:11

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0dscope: - version: -

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.41

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.3.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:neversion:6.3

Trust: 0.3

vendor:opensslmodel:project openssl bscope:eqversion:0.9.8

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.3

vendor:redhatmodel:enterprise linux esscope:eqversion:4

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.1

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.2.0scope: - version: -

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.1.0 sp4scope: - version: -

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.0

Trust: 0.3

vendor:freebsdmodel:8.1-stablescope: - version: -

Trust: 0.3

vendor:ibmmodel:ds8870scope:eqversion:7.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.1

Trust: 0.3

vendor:opensslmodel:project openssl kscope:eqversion:0.9.8

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.1

Trust: 0.3

vendor:junipermodel:junos space ja1500 appliancescope:eqversion: -

Trust: 0.3

vendor:ibmmodel:sterling connect:enterprise for unixscope:eqversion:2.5

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip asm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:proactive contactscope:neversion:5.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.1

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.3

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.8

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:1.1

Trust: 0.3

vendor:f5model:big-ip apm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0.1

Trust: 0.3

vendor:avayamodel:ip deskphonescope:eqversion:96x16

Trust: 0.3

vendor:avayamodel:aura system platform sp2scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:2.5

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.10

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.2

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.1

Trust: 0.3

vendor:avayamodel:voice portalscope:neversion:5.1.3

Trust: 0.3

vendor:f5model:big-ip psm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:5.1

Trust: 0.3

vendor:junipermodel:junos space ja2500 appliancescope:eqversion: -

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:neversion:2812-11411.2

Trust: 0.3

vendor:susemodel:linux enterprise server sp4scope:eqversion:10

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:tivoli endpoint manager for remote controlscope:eqversion:8.2.1

Trust: 0.3

vendor:attachmatemodel:reflection sp1scope:eqversion:14.0

Trust: 0.3

vendor:avayamodel:aura communication manager sp4scope:neversion:5.2.1

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2010.1

Trust: 0.3

vendor:opensslmodel:project openssl jscope:eqversion:0.9.8

Trust: 0.3

vendor:ibmmodel:security virtual server protection for vmwarescope:eqversion:1.1.0.1

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:meeting exchange sp2scope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.3

vendor:f5model:big-ip ltm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:3.3

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0.0.52

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp11scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:freebsdmodel:8.2-stablescope: - version: -

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtm 11.1.0.ascope:eqversion:2810-114

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:13.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp12scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:eqversion:1.4.6

Trust: 0.3

vendor:ibmmodel:sterling connect:enterprise for unixscope:eqversion:2.44

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:3.5

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.1.0 sp3scope: - version: -

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.40

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.4

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8rscope: - version: -

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.1.0

Trust: 0.3

vendor:junipermodel:junos space 14.1r1scope:neversion: -

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analytics hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controller hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:freebsdmodel:8.3-stablescope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.4

Trust: 0.3

vendor:ibmmodel:tivoli network manager fp7scope:eqversion:3.8

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2

Trust: 0.3

vendor:bsdperimetermodel:pfsensescope:neversion:2.0.2

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.3

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip asm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.1

Trust: 0.3

vendor:f5model:big-ip ltm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp2scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 0.3

vendor:junipermodel:junos space 13.1p1.14scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.2.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2.2

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.0

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8pscope: - version: -

Trust: 0.3

vendor:attachmatemodel:reflection for ibmscope:eqversion:20070

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.0

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.3

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.3.0scope: - version: -

Trust: 0.3

vendor:hpmodel:ssl for openvmsscope:eqversion:1.3

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:2.1

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip ltm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:neversion:5.2.14

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8sscope:neversion: -

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1

Trust: 0.3

vendor:vmwaremodel:esxiscope:eqversion:5.0

Trust: 0.3

vendor:susemodel:linux enterprise server sp3 ltssscope:eqversion:10

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.1

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for microsoft windowsscope:eqversion:4.5.01

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.5

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.3.0

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:2.1.1

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop versionscope:eqversion:4

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2011

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.10

Trust: 0.3

vendor:avayamodel:meeting exchange sp2scope:eqversion:5.2

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.4

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8qscope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.4

Trust: 0.3

vendor:hpmodel:ssl for openvmsscope:eqversion:1.4-453

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0fscope:neversion: -

Trust: 0.3

vendor:ubuntumodel:linux lts sparcscope:eqversion:8.04

Trust: 0.3

vendor:hpmodel:onboard administratorscope:eqversion:3.50

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp10scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.1

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:8.04

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.00

Trust: 0.3

vendor:hpmodel:onboard administratorscope:eqversion:3.55

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.0.0

Trust: 0.3

vendor:avayamodel:messaging storage server sp2scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:messaging storage server sp1scope:eqversion:5.1

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:56001

Trust: 0.3

vendor:vmwaremodel:esxiscope:eqversion:3.5

Trust: 0.3

vendor:f5model:big-ip psm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip apm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for microsoft windowsscope:eqversion:4.5.00

Trust: 0.3

vendor:ibmmodel:infosphere balanced warehouse c4000scope: - version: -

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip asm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.4

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0.1

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8gscope: - version: -

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.1

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.2

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:5.1.2

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.2

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler for applications fp02scope:eqversion:8.4

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:11.04

Trust: 0.3

vendor:f5model:big-ip asm hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:eqversion:2812-11411.1.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:2.4

Trust: 0.3

vendor:avayamodel:meeting exchangescope:neversion:6.2

Trust: 0.3

vendor:redhatmodel:jboss enterprise web server for solarisscope:eqversion:1.0.2

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0.2

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:neversion:2810-11411.2

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:13.3

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp13scope:eqversion:4.0.0

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli remote controlscope:eqversion:5.1.2

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:1.4

Trust: 0.3

vendor:f5model:big-ip edge gateway hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.2

Trust: 0.3

vendor:avayamodel:message networking sp1scope:eqversion:5.2

Trust: 0.3

vendor:susemodel:linux enterprise server for vmware sp1scope:eqversion:11

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.1.0

Trust: 0.3

vendor:ibmmodel:infosphere balanced warehouse d5100scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux wsscope:eqversion:4

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp6scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:1.2

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.2.0 sp2scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:1.7

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura system manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8lscope: - version: -

Trust: 0.3

vendor:f5model:big-ip wom hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:messaging storage server sp3scope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip analytics 11.0.0-hf2scope: - version: -

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:0

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:4.0

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:5.2

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:2.1

Trust: 0.3

vendor:opensslmodel:project openssl hscope:eqversion:0.9.8

Trust: 0.3

vendor:f5model:big-ip afm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:1.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.2

Trust: 0.3

vendor:f5model:big-ip asm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:opensslmodel:project openssl iscope:eqversion:0.9.8

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2010.1

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip apm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:hpmodel:onboard administratorscope:neversion:3.56

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.12

Trust: 0.3

vendor:ibmmodel:tivoli endpoint manager for remote controlscope:eqversion:9.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler for applicationsscope:eqversion:8.6

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.3

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:f5model:big-ip psm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:security virtual server protection for vmwarescope:eqversion:1.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0escope: - version: -

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:ssl for openvmsscope:neversion:1.4-467

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.8

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:4.1

Trust: 0.3

vendor:attachmatemodel:reflectionscope:eqversion:14.1

Trust: 0.3

vendor:ibmmodel:infosphere balanced warehouse c3000scope: - version: -

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:5.3

Trust: 0.3

vendor:opensslmodel:project openssl cscope:eqversion:0.9.8

Trust: 0.3

vendor:hpmodel:ssl for openvmsscope:eqversion:1.4

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.3

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtm 11.0.1.ascope:eqversion:2810-114

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.04

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:efimodel:fiery print controllerscope:eqversion:2.0

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.2

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.3

vendor:xeroxmodel:docucolor dc260scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp8scope:eqversion:4.0.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.3

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.1.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.10

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.00

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.2

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.2

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.04

Trust: 0.3

vendor:xeroxmodel:docucolor dc242scope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0cscope: - version: -

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.1

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler distributed fp03scope:eqversion:8.5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.0

Trust: 0.3

vendor:susemodel:linux enterprise server sp1scope:eqversion:11

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:20500

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.1

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.10

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.13

Trust: 0.3

vendor:avayamodel:aura sip enablement services sp4scope:neversion:5.2.1

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.1

Trust: 0.3

vendor:attachmatemodel:reflection for ibmscope:eqversion:20080

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:neversion:6.2.5.0.15

Trust: 0.3

vendor:opensslmodel:project openssl dscope:eqversion:0.9.8

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2.1

Trust: 0.3

vendor:freebsdmodel:7.4-stablescope: - version: -

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.9

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp4scope:eqversion:4.0.0

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for unixscope:eqversion:4.0

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2011

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.2.00

Trust: 0.3

vendor:ubuntumodel:linux lts lpiascope:eqversion:8.04

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0bscope: - version: -

Trust: 0.3

vendor:f5model:big-ip analytics hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:57100

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.0

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.4

Trust: 0.3

vendor:redhatmodel:enterprise linux asscope:eqversion:4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.3

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:bsdperimetermodel:pfsensescope:eqversion:2.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp9scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.3.0

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler distributed fp07scope:eqversion:8.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.3

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:4.0

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.3

vendor:ibmmodel:sterling connect:directscope:eqversion:3.5

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.1

Trust: 0.3

vendor:avayamodel:messaging storage server sp1scope:eqversion:5.2

Trust: 0.3

vendor:opensslmodel:project openssl fscope:eqversion:0.9.8

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp5scope:eqversion:4.0.0

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.8.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.0

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.3

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler for applications fp01scope:eqversion:8.5

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:vmwaremodel:esxiscope:eqversion:4.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.4

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for unixscope:eqversion:4.1

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler distributed fp02scope:eqversion:8.6

Trust: 0.3

vendor:ibmmodel:ds8870scope:eqversion:7.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.2

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1.2

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip apm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:eqversion:2810-11411.1.1

Trust: 0.3

vendor:attachmatemodel:reflection sp1scope:eqversion:14.1

Trust: 0.3

vendor:f5model:big-ip psm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:avayamodel:aura application server sip core pb26scope:neversion:53002.0

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:sterling connect:directscope:eqversion:3.6

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.2

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:1.5

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtm 11.1.0.ascope:eqversion:2812-114

Trust: 0.3

vendor:freebsdmodel:9.0-stablescope: - version: -

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:2.0

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:8.04

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:eqversion:2810-11411

Trust: 0.3

vendor:ibmmodel:sterling connect:directscope:neversion:3.61

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.5

Trust: 0.3

vendor:ubuntumodel:linux lts powerpcscope:eqversion:8.04

Trust: 0.3

vendor:redhatmodel:enterprise virtualization hypervisor for rhelscope:eqversion:60

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp4scope:eqversion:10

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:56002

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:76000

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.1

Trust: 0.3

vendor:avayamodel:aura experience portal sp1scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp3scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.1

Trust: 0.3

vendor:junipermodel:junos space r1.8scope:eqversion:13.1

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.40

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.0.00

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.1

Trust: 0.3

vendor:opensslmodel:project openssl escope:eqversion:0.9.8

Trust: 0.3

vendor:avayamodel:aura system platform sp3scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1scope:eqversion:11

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.2

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:2.3

Trust: 0.3

vendor:attachmatemodel:reflection for unix and openvmsscope:eqversion:20080

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for microsoft windowsscope:eqversion:4.6.0

Trust: 0.3

vendor:redhatmodel:enterprise virtualization hypervisor for rhelscope:eqversion:50

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp1scope:eqversion:4.0.0

Trust: 0.3

vendor:ibmmodel:tivoli network manager fp3scope:eqversion:3.9

Trust: 0.3

vendor:redhatmodel:jboss enterprise web server for windowsscope:eqversion:1.0.2

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.0

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:eqversion:1.5.0

Trust: 0.3

vendor:f5model:big-ip ltm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp7scope:eqversion:4.0.0

Trust: 0.3

vendor:freebsdmodel:9.0-releasescope: - version: -

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip wom hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:7.4

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:77100

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.1.0scope: - version: -

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtm 11.0.1.ascope:eqversion:2812-114

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:10500

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:7.0

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip analytics hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:77000

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.4

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:ip deskphonescope:eqversion:96x16.3

Trust: 0.3

vendor:attachmatemodel:reflectionscope:eqversion:14.0

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0.2

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:11.04

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.0.00

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.0

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:3.2

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.5

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler distributed fp04scope:eqversion:8.5.1

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop workstation clientscope:eqversion:5

Trust: 0.3

vendor:xeroxmodel:docucolor dc252scope:eqversion:0

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.0.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:neversion:6.2

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.4

Trust: 0.3

vendor:ibmmodel:ds8870scope:neversion:7.2

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp4scope:eqversion:10

Trust: 0.3

vendor:f5model:big-ip pem hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.2

Trust: 0.3

vendor:vmwaremodel:esxiscope:eqversion:4.0

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.2.0 sp1scope: - version: -

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.2

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.3

Trust: 0.3

vendor:bsdperimetermodel:pfsensescope:eqversion:2.0.1

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.2

Trust: 0.3

vendor:avayamodel:message networkingscope:neversion:5.2.5

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.1

Trust: 0.3

vendor:hpmodel:system management homepagescope:neversion:7.1.1

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.5

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.1

Trust: 0.3

vendor:avayamodel:messaging storage server sp2scope:eqversion:5.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0ascope: - version: -

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:eqversion:2812-11411

Trust: 0.3

sources: CERT/CC: VU#737740 // BID: 51281 // JVNDB: JVNDB-2012-001022 // CNNVD: CNNVD-201201-062 // NVD: CVE-2012-0027

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-0027
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-0027
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201201-062
value: MEDIUM

Trust: 0.6

VULMON: CVE-2012-0027
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-0027
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2012-0027 // JVNDB: JVNDB-2012-001022 // CNNVD: CNNVD-201201-062 // NVD: CVE-2012-0027

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.8

sources: JVNDB: JVNDB-2012-001022 // NVD: CVE-2012-0027

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 110482 // PACKETSTORM: 109614 // PACKETSTORM: 108735 // CNNVD: CNNVD-201201-062

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201201-062

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001022

PATCH

title:DTLS Plaintext Recovery Attackurl:http://www.openssl.org/news/secadv_20120104.txt

Trust: 0.8

title:Multiple vulnerabilities in OpenSSLurl:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl

Trust: 0.8

title:openssl-1.0.0furl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42348

Trust: 0.6

title:openssl-0.9.8surl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42347

Trust: 0.6

title:Ubuntu Security Notice: openssl vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1357-1

Trust: 0.1

title: - url:https://github.com/hrbrmstr/internetdb

Trust: 0.1

sources: VULMON: CVE-2012-0027 // JVNDB: JVNDB-2012-001022 // CNNVD: CNNVD-201201-062

EXTERNAL IDS

db:NVDid:CVE-2012-0027

Trust: 3.4

db:CERT/CCid:VU#737740

Trust: 1.1

db:OSVDBid:78191

Trust: 1.1

db:SECUNIAid:57353

Trust: 1.1

db:JVNDBid:JVNDB-2012-001022

Trust: 0.8

db:AUSCERTid:ESB-2022.0696

Trust: 0.6

db:LENOVOid:LEN-24443

Trust: 0.6

db:CNNVDid:CNNVD-201201-062

Trust: 0.6

db:BIDid:51281

Trust: 0.4

db:JUNIPERid:JSA10659

Trust: 0.3

db:VULMONid:CVE-2012-0027

Trust: 0.1

db:PACKETSTORMid:121573

Trust: 0.1

db:PACKETSTORMid:114272

Trust: 0.1

db:PACKETSTORMid:110482

Trust: 0.1

db:PACKETSTORMid:109614

Trust: 0.1

db:PACKETSTORMid:108735

Trust: 0.1

db:PACKETSTORMid:169679

Trust: 0.1

sources: CERT/CC: VU#737740 // VULMON: CVE-2012-0027 // BID: 51281 // JVNDB: JVNDB-2012-001022 // PACKETSTORM: 121573 // PACKETSTORM: 114272 // PACKETSTORM: 110482 // PACKETSTORM: 109614 // PACKETSTORM: 108735 // PACKETSTORM: 169679 // CNNVD: CNNVD-201201-062 // NVD: CVE-2012-0027

REFERENCES

url:http://www.openssl.org/news/secadv_20120104.txt

Trust: 1.6

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041

Trust: 1.4

url:http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004564

Trust: 1.4

url:http://w3.efi.com/fiery

Trust: 1.1

url:http://www.mandriva.com/security/advisories?name=mdvsa-2012:007

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html

Trust: 1.1

url:http://osvdb.org/78191

Trust: 1.1

url:http://secunia.com/advisories/57353

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0027

Trust: 0.9

url:http://www.support.xerox.com/support/docucolor-242-252-260/downloads/enus.html?associatedproduct=fiery-exp260&operatingsystem=win7x64

Trust: 0.8

url:https://www.openssl.org/news/vulnerabilities.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0027

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2011-4108

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2011-4619

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2012-0027

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2011-4576

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0696

Trust: 0.6

url:https://support.lenovo.com/us/en/solutions/len-24443

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2011-4577

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2011-4109

Trust: 0.4

url:http://www.attachmate.com/

Trust: 0.3

url:http://www.ibm.com/support/docview.wss?uid=isg400001530

Trust: 0.3

url:http://www.ibm.com/support/docview.wss?uid=isg400001529

Trust: 0.3

url:https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_potential_security_exposure_when_using_ibm_infosphere_streams_due_to_vulnerabilities_in_ibm_java_se_version_6_sdk6?lang=en_us

Trust: 0.3

url:https://www14.software.ibm.com/webapp/iwm/web/prelogin.do?source=aixbp

Trust: 0.3

url:http://www.openssl.org

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100157565

Trust: 0.3

url:http://blog.pfsense.org/?p=676

Trust: 0.3

url:http://www.ibm.com/support/docview.wss?uid=swg21637929

Trust: 0.3

url:https://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_ibm_tivoli_netcool_system_service_monitors_application_service_monitors_is_affected_by_multiple_openssl_vulnerabilities?lang=en_us

Trust: 0.3

url:http://support.attachmate.com/techdocs/1708.html

Trust: 0.3

url:http://support.attachmate.com/techdocs/2502.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21631429

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21626257

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21651196

Trust: 0.3

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10659

Trust: 0.3

url:http://support.apple.com/kb/ht5784

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100156631

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100156392

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100157969

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100161892

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100161590

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21650623

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643698

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas12088ececb530423186257b410072035e

Trust: 0.3

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03315912

Trust: 0.3

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03383940

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21638022

Trust: 0.3

url:https://www.ibm.com/support/docview.wss?uid=swg21619837

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21631322

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg400001560

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24030251

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24033501

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004323

Trust: 0.3

url:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc

Trust: 0.3

url:https://rhn.redhat.com/errata/rhsa-2012-1306.html

Trust: 0.3

url:https://rhn.redhat.com/errata/rhsa-2012-1307.html

Trust: 0.3

url:https://rhn.redhat.com/errata/rhsa-2012-1308.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643442

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21625170

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21651176

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21627934

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21633107

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21635888

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21638669

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21638670

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643439

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643437

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15314.html

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15388.html?ref=rss

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15389.html?ref=rss

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15395.html?ref=rss

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15460.html?ref=rss

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15461.html?ref=rss

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643316

Trust: 0.3

url:http://www.vmware.com/security/advisories/vmsa-2012-0013.html

Trust: 0.3

url:http://www.kb.cert.org/vuls/id/737740

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100158312

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100150578

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100156392

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2012-0036

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2016

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0057

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4078

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0031

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-1165

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4885

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2834

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4317

Trust: 0.2

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.2

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-1944

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2014

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0830

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4153

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-1823

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2013

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-4415

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3607

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0021

Trust: 0.2

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0053

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2012

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2015

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3379

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2821

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0050

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/399.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/1357-1/

Trust: 0.1

url:https://www.securityfocus.com/bid/51281

Trust: 0.1

url:http://www.hp.com/swpublishing/mtx-ac3d1f80b8dd48b792bfc01a08

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/psi/swddetail

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4577

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4576

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0027

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4619

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0050

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201203-12.xml

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4109

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4108

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/0.9.8g-4ubuntu3.15

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3210

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-1357-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1945

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/0.9.8o-1ubuntu4.6

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4354

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/0.9.8o-5ubuntu1.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.8

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/1.0.0e-2ubuntu4.2

Trust: 0.1

url:http://www.mandriva.com/security/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4108

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4576

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4619

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4109

Trust: 0.1

url:http://www.mandriva.com/security/advisories

Trust: 0.1

url:http://www.isg.rhul.ac.uk/~kp/dtls.pdf

Trust: 0.1

url:https://www.isg.rhul.ac.uk)

Trust: 0.1

sources: CERT/CC: VU#737740 // VULMON: CVE-2012-0027 // BID: 51281 // JVNDB: JVNDB-2012-001022 // PACKETSTORM: 121573 // PACKETSTORM: 114272 // PACKETSTORM: 110482 // PACKETSTORM: 109614 // PACKETSTORM: 108735 // PACKETSTORM: 169679 // CNNVD: CNNVD-201201-062 // NVD: CVE-2012-0027

CREDITS

Nadhem Alfardan and Kenny Paterson, Information Security Group at Royal Holloway, University of London, Ben Laurie, Adam Langley, Andrew Chi, BBN Technologies and Andrey Kulikov

Trust: 0.3

sources: BID: 51281

SOURCES

db:CERT/CCid:VU#737740
db:VULMONid:CVE-2012-0027
db:BIDid:51281
db:JVNDBid:JVNDB-2012-001022
db:PACKETSTORMid:121573
db:PACKETSTORMid:114272
db:PACKETSTORMid:110482
db:PACKETSTORMid:109614
db:PACKETSTORMid:108735
db:PACKETSTORMid:169679
db:CNNVDid:CNNVD-201201-062
db:NVDid:CVE-2012-0027

LAST UPDATE DATE

2024-08-14T13:12:04.195000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#737740date:2013-05-02T00:00:00
db:VULMONid:CVE-2012-0027date:2014-03-26T00:00:00
db:BIDid:51281date:2015-04-13T21:31:00
db:JVNDBid:JVNDB-2012-001022date:2012-04-17T00:00:00
db:CNNVDid:CNNVD-201201-062date:2022-02-18T00:00:00
db:NVDid:CVE-2012-0027date:2014-03-26T04:27:05.177

SOURCES RELEASE DATE

db:CERT/CCid:VU#737740date:2013-03-18T00:00:00
db:VULMONid:CVE-2012-0027date:2012-01-06T00:00:00
db:BIDid:51281date:2012-01-05T00:00:00
db:JVNDBid:JVNDB-2012-001022date:2012-01-10T00:00:00
db:PACKETSTORMid:121573date:2013-05-09T14:44:00
db:PACKETSTORMid:114272date:2012-06-28T03:39:12
db:PACKETSTORMid:110482date:2012-03-06T23:57:33
db:PACKETSTORMid:109614date:2012-02-10T07:44:13
db:PACKETSTORMid:108735date:2012-01-17T01:20:23
db:PACKETSTORMid:169679date:2012-01-04T12:12:12
db:CNNVDid:CNNVD-201201-062date:2012-01-10T00:00:00
db:NVDid:CVE-2012-0027date:2012-01-06T01:55:01.050