ID

VAR-201201-0169


CVE

CVE-2011-4108


TITLE

Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL

Trust: 0.8

sources: CERT/CC: VU#737740

DESCRIPTION

The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL (0.9.8o). OpenSSL prone to multiple security vulnerabilities. An attacker may leverage these issues to obtain sensitive information, cause a denial-of-service condition and perform unauthorized actions. Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1 (Abstract Syntax Notation One) data from BIO (OpenSSL's I/O abstraction) inputs. Specially-crafted DER (Distinguished Encoding Rules) encoded data read from a file or other BIO input could cause an application using the OpenSSL library to crash or, potentially, execute arbitrary code. (CVE-2012-2110) A double free flaw was discovered in the policy checking code in OpenSSL. Warning: Before applying this update, back up your JBoss Enterprise Application Platform's "server/[PROFILE]/deploy/" directory, along with all other customized configuration files. All users of JBoss Enterprise Application Platform 5.1.2 for Solaris and Microsoft Windows as provided from the Red Hat Customer Portal are advised to apply this update. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing JBoss Enterprise Application Platform installation (including all applications and configuration files). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03360041 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03360041 Version: 1 HPSBMU02786 SSRT100877 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-06-26 Last Updated: 2012-06-26 Potential Security Impact: Remote unauthorized access, disclosure of information, data modification, Denial of Service (DoS), execution of arbitrary code Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. References: CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012 (AUTOCOMPLETE enabled), CVE-2012-2013 (DoS), CVE-2012-2014 (Improper input validation), CVE-2012-2015 (Privilege Elevation), CVE-2012-2016 (Information disclosure), SSRT100336, SSRT100753, SSRT100669, SSRT100676, SSRT100695, SSRT100714, SSRT100760, SSRT100786, SSRT100787, SSRT100815, SSRT100840, SSRT100843, SSRT100869 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) before v7.1.1 running on Linux and Windows. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-2012 (AV:N/AC:L/Au:N/C:C/I:C/A:P) 9.7 CVE-2012-2013 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2012-2014 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 6.8 CVE-2012-2015 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 6.5 CVE-2012-2016 (AV:L/AC:M/Au:S/C:C/I:N/A:N) 4.4 CVE-2011-1944 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2011-2821 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-2834 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-3379 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-3607 (AV:L/AC:M/Au:N/C:P/I:P/A:P) 4.4 CVE-2011-4078 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4108 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-4153 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4317 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-4415 (AV:L/AC:H/Au:N/C:N/I:N/A:P) 1.2 CVE-2011-4576 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-4577 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-4619 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-4885 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0021 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2012-0027 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0031 (AV:L/AC:L/Au:N/C:P/I:P/A:P) 4.6 CVE-2012-0036 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0053 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2012-0057 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-0830 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-1165 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1823 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided HP System Management Homepage v7.1.1 or subsequent to resolve the vulnerabilities. HP System Management Homepage v7.1.1 is available here: HP System Management Homepage for Windows x64 [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4064%257CswLang%253D8%257CswItem%253DMTX-ab 0d4e9bb4654a8da503eccfd9%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Windows x86 [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4022%257CswLang%253D8%257CswItem%253DMTX-f7 c0d15d28474255bd0ec23136%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Linux (AMD64/EM64T) [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4035%257CswLang%253D8%257CswItem%253DMTX-18 d373dd1361400fbaca892942%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HP System Management Homepage for Linux (x86) [Download here] or enter the following URL into the browser address window. http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa meId%253D4091409%257CswEnvOID%253D4006%257CswLang%253D8%257CswItem%253DMTX-9e 8a0188f97d48139dcb466509%257Cmode%253D3%257Caction%253DdriverDocument&javax.p ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign ette.cachetoken HISTORY Version:1 (rev.1) 26 June 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201203-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: March 06, 2012 Bugs: #397695, #399365 ID: 201203-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to cause a Denial of Service or obtain sensitive information. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 1.0.0g *>= 0.9.8t >= 1.0.0g Description =========== Multiple vulnerabilities have been found in OpenSSL: * Timing differences for decryption are exposed by CBC mode encryption in OpenSSL's implementation of DTLS (CVE-2011-4108). * A policy check failure can result in a double-free error when X509_V_FLAG_POLICY_CHECK is set (CVE-2011-4109). * Assertion errors can occur during the handling of malformed X.509 certificates when OpenSSL is built with RFC 3779 support (CVE-2011-4577). * Invalid parameters in the GOST block cipher are not properly handled by the GOST ENGINE(CVE-2012-0027). * An incorrect fix for CVE-2011-4108 creates an unspecified vulnerability for DTLS applications using OpenSSL (CVE-2012-0050). Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.0g" References ========== [ 1 ] CVE-2011-4108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4108 [ 2 ] CVE-2011-4109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4109 [ 3 ] CVE-2011-4576 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4576 [ 4 ] CVE-2011-4577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4577 [ 5 ] CVE-2011-4619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4619 [ 6 ] CVE-2012-0027 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0027 [ 7 ] CVE-2012-0050 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0050 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201203-12.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security update Advisory ID: RHSA-2012:0059-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0059.html Issue date: 2012-01-24 CVE Names: CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 ===================================================================== 1. Summary: Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. It was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108) An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576) A denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially-crafted X.509 certificate that has malformed RFC 3779 extension data. (CVE-2011-4577) It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619) All OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 771770 - CVE-2011-4108 openssl: DTLS plaintext recovery attack 771775 - CVE-2011-4576 openssl: uninitialized SSL 3.0 padding 771778 - CVE-2011-4577 openssl: malformed RFC 3779 data can cause assertion failures 771780 - CVE-2011-4619 openssl: SGC restart DoS attack 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm x86_64: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-1.0.0-20.el6_2.1.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-perl-1.0.0-20.el6_2.1.i686.rpm openssl-static-1.0.0-20.el6_2.1.i686.rpm x86_64: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm openssl-static-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm x86_64: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-1.0.0-20.el6_2.1.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm x86_64: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm openssl-static-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm ppc64: openssl-1.0.0-20.el6_2.1.ppc.rpm openssl-1.0.0-20.el6_2.1.ppc64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.ppc.rpm openssl-debuginfo-1.0.0-20.el6_2.1.ppc64.rpm openssl-devel-1.0.0-20.el6_2.1.ppc.rpm openssl-devel-1.0.0-20.el6_2.1.ppc64.rpm s390x: openssl-1.0.0-20.el6_2.1.s390.rpm openssl-1.0.0-20.el6_2.1.s390x.rpm openssl-debuginfo-1.0.0-20.el6_2.1.s390.rpm openssl-debuginfo-1.0.0-20.el6_2.1.s390x.rpm openssl-devel-1.0.0-20.el6_2.1.s390.rpm openssl-devel-1.0.0-20.el6_2.1.s390x.rpm x86_64: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-1.0.0-20.el6_2.1.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-perl-1.0.0-20.el6_2.1.i686.rpm openssl-static-1.0.0-20.el6_2.1.i686.rpm ppc64: openssl-debuginfo-1.0.0-20.el6_2.1.ppc64.rpm openssl-perl-1.0.0-20.el6_2.1.ppc64.rpm openssl-static-1.0.0-20.el6_2.1.ppc64.rpm s390x: openssl-debuginfo-1.0.0-20.el6_2.1.s390x.rpm openssl-perl-1.0.0-20.el6_2.1.s390x.rpm openssl-static-1.0.0-20.el6_2.1.s390x.rpm x86_64: openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm openssl-static-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm x86_64: openssl-1.0.0-20.el6_2.1.i686.rpm openssl-1.0.0-20.el6_2.1.x86_64.rpm openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-devel-1.0.0-20.el6_2.1.i686.rpm openssl-devel-1.0.0-20.el6_2.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/openssl-1.0.0-20.el6_2.1.src.rpm i386: openssl-debuginfo-1.0.0-20.el6_2.1.i686.rpm openssl-perl-1.0.0-20.el6_2.1.i686.rpm openssl-static-1.0.0-20.el6_2.1.i686.rpm x86_64: openssl-debuginfo-1.0.0-20.el6_2.1.x86_64.rpm openssl-perl-1.0.0-20.el6_2.1.x86_64.rpm openssl-static-1.0.0-20.el6_2.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-4108.html https://www.redhat.com/security/data/cve/CVE-2011-4576.html https://www.redhat.com/security/data/cve/CVE-2011-4577.html https://www.redhat.com/security/data/cve/CVE-2011-4619.html https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFPHySOXlSAg2UNWIIRAlYpAKCQCY5k4gZ5VKOHZekEaWFHDNjGZwCZAdR3 CJl5iUxU4cxJLOsSBESSRVs= =PMiS -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected. Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv_20120118.txt

Trust: 3.24

sources: NVD: CVE-2011-4108 // CERT/CC: VU#737740 // JVNDB: JVNDB-2012-001017 // BID: 51281 // VULMON: CVE-2011-4108 // PACKETSTORM: 116824 // PACKETSTORM: 116826 // PACKETSTORM: 114272 // PACKETSTORM: 110482 // PACKETSTORM: 109053 // PACKETSTORM: 169673

AFFECTED PRODUCTS

vendor:opensslmodel:opensslscope:eqversion:0.9.8d

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.8c

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.7m

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.8h

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.8e

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.7l

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.8f

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.8b

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.8

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:0.9.8a

Trust: 1.6

vendor:vmwaremodel:esxscope:eqversion:3.5

Trust: 1.1

vendor:vmwaremodel:esxiscope:eqversion:5.0

Trust: 1.1

vendor:vmwaremodel:esxiscope:eqversion:3.5

Trust: 1.1

vendor:vmwaremodel:esxscope:eqversion:4.0

Trust: 1.1

vendor:vmwaremodel:esxscope:eqversion:4.1

Trust: 1.1

vendor:vmwaremodel:esxiscope:eqversion:4.1

Trust: 1.1

vendor:vmwaremodel:esxiscope:eqversion:4.0

Trust: 1.1

vendor:opensslmodel:opensslscope:eqversion:0.9.8o

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8q

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8i

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8j

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7g

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6a

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.5

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6e

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8m

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.4

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7h

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7i

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.1c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6k

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6d

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6l

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8k

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6j

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7j

Trust: 1.0

vendor:opensslmodel:opensslscope:lteversion:0.9.8r

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.5a

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7a

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6m

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6g

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0d

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7k

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8n

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8p

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6f

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7c

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8g

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.2b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6i

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7d

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7e

Trust: 1.0

vendor:opensslmodel:opensslscope:lteversion:1.0.0e

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.6h

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.7f

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.0a

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:0.9.8l

Trust: 1.0

vendor:efimodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.6.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.7 to v10.7.5

Trust: 0.8

vendor:opensslmodel:opensslscope:ltversion:1.x

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.8 to v10.8.3

Trust: 0.8

vendor:opensslmodel:opensslscope:eqversion:1.0.0f

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:10.6.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.7 to v10.7.5

Trust: 0.8

vendor:opensslmodel:project openssl 0.9.8mscope: - version: -

Trust: 0.6

vendor:opensslmodel:project openssl 0.9.8nscope: - version: -

Trust: 0.6

vendor:opensslmodel:project openssl 0.9.8oscope: - version: -

Trust: 0.6

vendor:ibmmodel:informix generoscope:eqversion:2.32

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.1

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:ip deskphonescope:eqversion:96x16.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:neversion:6.2.1.0.9

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.7.0scope:neversion: -

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8fscope: - version: -

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4.1

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp1scope:eqversion:11

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0dscope: - version: -

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.41

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.3.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:neversion:6.3

Trust: 0.3

vendor:opensslmodel:project openssl bscope:eqversion:0.9.8

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.3

vendor:redhatmodel:enterprise linux esscope:eqversion:4

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.1

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.2.0scope: - version: -

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.1.0 sp4scope: - version: -

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.0

Trust: 0.3

vendor:freebsdmodel:8.1-stablescope: - version: -

Trust: 0.3

vendor:ibmmodel:ds8870scope:eqversion:7.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.1

Trust: 0.3

vendor:opensslmodel:project openssl kscope:eqversion:0.9.8

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.1

Trust: 0.3

vendor:junipermodel:junos space ja1500 appliancescope:eqversion: -

Trust: 0.3

vendor:ibmmodel:sterling connect:enterprise for unixscope:eqversion:2.5

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip asm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:proactive contactscope:neversion:5.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.1

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.3

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.8

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:1.1

Trust: 0.3

vendor:f5model:big-ip apm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0.1

Trust: 0.3

vendor:avayamodel:ip deskphonescope:eqversion:96x16

Trust: 0.3

vendor:avayamodel:aura system platform sp2scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:2.5

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.10

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.2

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.1

Trust: 0.3

vendor:avayamodel:voice portalscope:neversion:5.1.3

Trust: 0.3

vendor:f5model:big-ip psm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:5.1

Trust: 0.3

vendor:junipermodel:junos space ja2500 appliancescope:eqversion: -

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:neversion:2812-11411.2

Trust: 0.3

vendor:susemodel:linux enterprise server sp4scope:eqversion:10

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:tivoli endpoint manager for remote controlscope:eqversion:8.2.1

Trust: 0.3

vendor:attachmatemodel:reflection sp1scope:eqversion:14.0

Trust: 0.3

vendor:avayamodel:aura communication manager sp4scope:neversion:5.2.1

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2010.1

Trust: 0.3

vendor:opensslmodel:project openssl jscope:eqversion:0.9.8

Trust: 0.3

vendor:ibmmodel:security virtual server protection for vmwarescope:eqversion:1.1.0.1

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:meeting exchange sp2scope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.3

vendor:f5model:big-ip ltm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:3.3

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0.0.52

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp11scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:freebsdmodel:8.2-stablescope: - version: -

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtm 11.1.0.ascope:eqversion:2810-114

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:13.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp12scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:eqversion:1.4.6

Trust: 0.3

vendor:ibmmodel:sterling connect:enterprise for unixscope:eqversion:2.44

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.1.0 sp3scope: - version: -

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.40

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.4

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8rscope: - version: -

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.1.0

Trust: 0.3

vendor:junipermodel:junos space 14.1r1scope:neversion: -

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analytics hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controller hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:freebsdmodel:8.3-stablescope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.4

Trust: 0.3

vendor:ibmmodel:tivoli network manager fp7scope:eqversion:3.8

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2

Trust: 0.3

vendor:bsdperimetermodel:pfsensescope:neversion:2.0.2

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.3

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip asm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.1

Trust: 0.3

vendor:f5model:big-ip ltm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp2scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 0.3

vendor:junipermodel:junos space 13.1p1.14scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.2.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2.2

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.0

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8pscope: - version: -

Trust: 0.3

vendor:attachmatemodel:reflection for ibmscope:eqversion:20070

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.0

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.3

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.3.0scope: - version: -

Trust: 0.3

vendor:hpmodel:ssl for openvmsscope:eqversion:1.3

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:2.1

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip ltm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:neversion:5.2.14

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8sscope:neversion: -

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1

Trust: 0.3

vendor:susemodel:linux enterprise server sp3 ltssscope:eqversion:10

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.1

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for microsoft windowsscope:eqversion:4.5.01

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.5

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.3.0

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:2.1.1

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop versionscope:eqversion:4

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2011

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.10

Trust: 0.3

vendor:avayamodel:meeting exchange sp2scope:eqversion:5.2

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.4

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8qscope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.4

Trust: 0.3

vendor:hpmodel:ssl for openvmsscope:eqversion:1.4-453

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0fscope:neversion: -

Trust: 0.3

vendor:ubuntumodel:linux lts sparcscope:eqversion:8.04

Trust: 0.3

vendor:hpmodel:onboard administratorscope:eqversion:3.50

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp10scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.1

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:8.04

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.00

Trust: 0.3

vendor:hpmodel:onboard administratorscope:eqversion:3.55

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.0.0

Trust: 0.3

vendor:avayamodel:messaging storage server sp2scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:messaging storage server sp1scope:eqversion:5.1

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:56001

Trust: 0.3

vendor:f5model:big-ip psm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip apm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for microsoft windowsscope:eqversion:4.5.00

Trust: 0.3

vendor:ibmmodel:infosphere balanced warehouse c4000scope: - version: -

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip asm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.4

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0.1

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8gscope: - version: -

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.1

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.2

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:5.1.2

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.2

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler for applications fp02scope:eqversion:8.4

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:11.04

Trust: 0.3

vendor:f5model:big-ip asm hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:eqversion:2812-11411.1.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:2.4

Trust: 0.3

vendor:avayamodel:meeting exchangescope:neversion:6.2

Trust: 0.3

vendor:redhatmodel:jboss enterprise web server for solarisscope:eqversion:1.0.2

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0.2

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:neversion:2810-11411.2

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:13.3

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp13scope:eqversion:4.0.0

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli remote controlscope:eqversion:5.1.2

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:1.4

Trust: 0.3

vendor:f5model:big-ip edge gateway hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.2

Trust: 0.3

vendor:avayamodel:message networking sp1scope:eqversion:5.2

Trust: 0.3

vendor:susemodel:linux enterprise server for vmware sp1scope:eqversion:11

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.1.0

Trust: 0.3

vendor:ibmmodel:infosphere balanced warehouse d5100scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux wsscope:eqversion:4

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp6scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:1.2

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.2.0 sp2scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:1.7

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura system manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:opensslmodel:project openssl 0.9.8lscope: - version: -

Trust: 0.3

vendor:f5model:big-ip wom hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:messaging storage server sp3scope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip analytics 11.0.0-hf2scope: - version: -

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:junipermodel:junos spacescope:eqversion:0

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:5.2

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:2.1

Trust: 0.3

vendor:opensslmodel:project openssl hscope:eqversion:0.9.8

Trust: 0.3

vendor:f5model:big-ip afm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:1.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.2

Trust: 0.3

vendor:f5model:big-ip asm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:opensslmodel:project openssl iscope:eqversion:0.9.8

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2010.1

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:redhatmodel:jboss enterprise application platformscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip apm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:hpmodel:onboard administratorscope:neversion:3.56

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.12

Trust: 0.3

vendor:ibmmodel:tivoli endpoint manager for remote controlscope:eqversion:9.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler for applicationsscope:eqversion:8.6

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.3

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:f5model:big-ip psm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:security virtual server protection for vmwarescope:eqversion:1.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0escope: - version: -

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:ssl for openvmsscope:neversion:1.4-467

Trust: 0.3

vendor:opensslmodel:project openssl ascope:eqversion:0.9.8

Trust: 0.3

vendor:attachmatemodel:reflectionscope:eqversion:14.1

Trust: 0.3

vendor:ibmmodel:infosphere balanced warehouse c3000scope: - version: -

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:5.3

Trust: 0.3

vendor:opensslmodel:project openssl cscope:eqversion:0.9.8

Trust: 0.3

vendor:hpmodel:ssl for openvmsscope:eqversion:1.4

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.3

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtm 11.0.1.ascope:eqversion:2810-114

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.04

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:efimodel:fiery print controllerscope:eqversion:2.0

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.2

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.3

vendor:xeroxmodel:docucolor dc260scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp8scope:eqversion:4.0.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.3

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.1.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.10

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.00

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.2

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.2

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.04

Trust: 0.3

vendor:xeroxmodel:docucolor dc242scope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0cscope: - version: -

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.1

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler distributed fp03scope:eqversion:8.5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.0

Trust: 0.3

vendor:susemodel:linux enterprise server sp1scope:eqversion:11

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:20500

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.1

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.10

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.13

Trust: 0.3

vendor:avayamodel:aura sip enablement services sp4scope:neversion:5.2.1

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.1

Trust: 0.3

vendor:attachmatemodel:reflection for ibmscope:eqversion:20080

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:neversion:6.2.5.0.15

Trust: 0.3

vendor:opensslmodel:project openssl dscope:eqversion:0.9.8

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2.1

Trust: 0.3

vendor:freebsdmodel:7.4-stablescope: - version: -

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.9

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp4scope:eqversion:4.0.0

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for unixscope:eqversion:4.0

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2011

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.2.00

Trust: 0.3

vendor:ubuntumodel:linux lts lpiascope:eqversion:8.04

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0bscope: - version: -

Trust: 0.3

vendor:f5model:big-ip analytics hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:57100

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.0

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.4

Trust: 0.3

vendor:redhatmodel:enterprise linux asscope:eqversion:4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.3

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:bsdperimetermodel:pfsensescope:eqversion:2.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp9scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.3.0

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler distributed fp07scope:eqversion:8.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.3

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:4.0

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.3

vendor:ibmmodel:sterling connect:directscope:eqversion:3.5

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.1

Trust: 0.3

vendor:avayamodel:messaging storage server sp1scope:eqversion:5.2

Trust: 0.3

vendor:opensslmodel:project openssl fscope:eqversion:0.9.8

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp5scope:eqversion:4.0.0

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.8.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.0

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.3

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler for applications fp01scope:eqversion:8.5

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.4

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for unixscope:eqversion:4.1

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler distributed fp02scope:eqversion:8.6

Trust: 0.3

vendor:ibmmodel:ds8870scope:eqversion:7.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.2

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1.2

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip apm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:eqversion:2810-11411.1.1

Trust: 0.3

vendor:attachmatemodel:reflection sp1scope:eqversion:14.1

Trust: 0.3

vendor:f5model:big-ip psm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:avayamodel:aura application server sip core pb26scope:neversion:53002.0

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.3

Trust: 0.3

vendor:ibmmodel:sterling connect:directscope:eqversion:3.6

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.2

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:1.5

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtm 11.1.0.ascope:eqversion:2812-114

Trust: 0.3

vendor:freebsdmodel:9.0-stablescope: - version: -

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:2.0

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:8.04

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:eqversion:2810-11411

Trust: 0.3

vendor:ibmmodel:sterling connect:directscope:neversion:3.61

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.5

Trust: 0.3

vendor:ubuntumodel:linux lts powerpcscope:eqversion:8.04

Trust: 0.3

vendor:redhatmodel:enterprise virtualization hypervisor for rhelscope:eqversion:60

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2

Trust: 0.3

vendor:susemodel:linux enterprise sdk sp4scope:eqversion:10

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:56002

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:76000

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.1

Trust: 0.3

vendor:avayamodel:aura experience portal sp1scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp3scope:eqversion:4.0.0

Trust: 0.3

vendor:f5model:arxscope:eqversion:6.1

Trust: 0.3

vendor:junipermodel:junos space r1.8scope:eqversion:13.1

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 0.3

vendor:ibmmodel:informix generoscope:eqversion:2.40

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.0.00

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.1

Trust: 0.3

vendor:opensslmodel:project openssl escope:eqversion:0.9.8

Trust: 0.3

vendor:avayamodel:aura system platform sp3scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1scope:eqversion:11

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.2

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:2.3

Trust: 0.3

vendor:attachmatemodel:reflection for unix and openvmsscope:eqversion:20080

Trust: 0.3

vendor:ibmmodel:sterling connect:direct for microsoft windowsscope:eqversion:4.6.0

Trust: 0.3

vendor:redhatmodel:enterprise virtualization hypervisor for rhelscope:eqversion:50

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp1scope:eqversion:4.0.0

Trust: 0.3

vendor:ibmmodel:tivoli network manager fp3scope:eqversion:3.9

Trust: 0.3

vendor:redhatmodel:jboss enterprise web server for windowsscope:eqversion:1.0.2

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.0

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:eqversion:1.5.0

Trust: 0.3

vendor:f5model:big-ip ltm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/system service monitor fp7scope:eqversion:4.0.0

Trust: 0.3

vendor:freebsdmodel:9.0-releasescope: - version: -

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip wom hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:7.4

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:77100

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.1.0scope: - version: -

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtm 11.0.1.ascope:eqversion:2812-114

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:10500

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:7.0

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip analytics hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:77000

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.4

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:ip deskphonescope:eqversion:96x16.3

Trust: 0.3

vendor:attachmatemodel:reflectionscope:eqversion:14.0

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0.2

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:11.04

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.0.00

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.0

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:3.2

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.5

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:tivoli workload scheduler distributed fp04scope:eqversion:8.5.1

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop workstation clientscope:eqversion:5

Trust: 0.3

vendor:xeroxmodel:docucolor dc252scope:eqversion:0

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.0.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:neversion:6.2

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.4

Trust: 0.3

vendor:ibmmodel:ds8870scope:neversion:7.2

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp4scope:eqversion:10

Trust: 0.3

vendor:f5model:big-ip pem hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:security network intrusion prevention systemscope:eqversion:4.2

Trust: 0.3

vendor:ibmmodel:hardware management console 7r7.2.0 sp1scope: - version: -

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:8.2

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.3

Trust: 0.3

vendor:bsdperimetermodel:pfsensescope:eqversion:2.0.1

Trust: 0.3

vendor:avayamodel:messaging storage serverscope:eqversion:5.2.2

Trust: 0.3

vendor:avayamodel:message networkingscope:neversion:5.2.5

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.1

Trust: 0.3

vendor:hpmodel:system management homepagescope:neversion:7.1.1

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.5

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.1

Trust: 0.3

vendor:avayamodel:messaging storage server sp2scope:eqversion:5.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.0ascope: - version: -

Trust: 0.3

vendor:ibmmodel:xiv storage system gen3 mtmscope:eqversion:2812-11411

Trust: 0.3

sources: CERT/CC: VU#737740 // BID: 51281 // JVNDB: JVNDB-2012-001017 // CNNVD: CNNVD-201201-057 // NVD: CVE-2011-4108

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4108
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4108
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201201-057
value: MEDIUM

Trust: 0.6

VULMON: CVE-2011-4108
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4108
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2011-4108 // JVNDB: JVNDB-2012-001017 // CNNVD: CNNVD-201201-057 // NVD: CVE-2011-4108

PROBLEMTYPE DATA

problemtype:CWE-310

Trust: 1.8

sources: JVNDB: JVNDB-2012-001017 // NVD: CVE-2011-4108

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 110482 // PACKETSTORM: 109053 // CNNVD: CNNVD-201201-057

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201201-057

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001017

PATCH

title:APPLE-SA-2013-06-04-1url:http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html

Trust: 0.8

title:HT5784url:http://support.apple.com/kb/HT5784

Trust: 0.8

title:HT5784url:http://support.apple.com/kb/HT5784?viewlocale=ja_JP

Trust: 0.8

title:DTLS Plaintext Recovery Attackurl:http://www.openssl.org/news/secadv_20120104.txt

Trust: 0.8

title:Multiple vulnerabilities in OpenSSLurl:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl

Trust: 0.8

title:TLSA-2014-1url:http://www.turbolinux.co.jp/security/2014/TLSA-2014-1j.html

Trust: 0.8

title:VMSA-2012-0013url:http://www.vmware.com/jp/support/support-resources/advisories/VMSA-2012-0013.html

Trust: 0.8

title:openssl-1.0.0furl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42348

Trust: 0.6

title:openssl-0.9.8surl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42347

Trust: 0.6

title:Red Hat: Moderate: openssl security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120059 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: openssl security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120060 - Security Advisory

Trust: 0.1

title:Debian CVElist Bug Report Logs: CVE-2011-4354: OpenSSL 0.9.8g (32-bit builds) bug leaks ECC private keysurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=ea25fd33228ddfe870d0eb9177265369

Trust: 0.1

title:Debian Security Advisories: DSA-2390-1 openssl -- several vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=e583d2cd94d02b09eb008edba3c25e28

Trust: 0.1

title:Debian CVElist Bug Report Logs: Potential DTLS crasher bugurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=42b9da1ce27bbcacbdb9142890b6ad6b

Trust: 0.1

title:Amazon Linux AMI: ALAS-2012-038url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2012-038

Trust: 0.1

title:Ubuntu Security Notice: openssl vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1357-1

Trust: 0.1

title: - url:https://github.com/hrbrmstr/internetdb

Trust: 0.1

sources: VULMON: CVE-2011-4108 // JVNDB: JVNDB-2012-001017 // CNNVD: CNNVD-201201-057

EXTERNAL IDS

db:NVDid:CVE-2011-4108

Trust: 3.4

db:CERT/CCid:VU#737740

Trust: 2.2

db:SECUNIAid:57260

Trust: 1.1

db:SECUNIAid:48528

Trust: 1.1

db:SECUNIAid:57353

Trust: 1.1

db:JVNid:JVNVU91284469

Trust: 0.8

db:JVNid:JVNVU92046435

Trust: 0.8

db:JVNDBid:JVNDB-2012-001017

Trust: 0.8

db:AUSCERTid:ESB-2022.0696

Trust: 0.6

db:LENOVOid:LEN-24443

Trust: 0.6

db:CNNVDid:CNNVD-201201-057

Trust: 0.6

db:JUNIPERid:JSA10659

Trust: 0.3

db:BIDid:51281

Trust: 0.3

db:VULMONid:CVE-2011-4108

Trust: 0.1

db:PACKETSTORMid:116824

Trust: 0.1

db:PACKETSTORMid:116826

Trust: 0.1

db:PACKETSTORMid:114272

Trust: 0.1

db:PACKETSTORMid:110482

Trust: 0.1

db:PACKETSTORMid:109053

Trust: 0.1

db:PACKETSTORMid:169673

Trust: 0.1

sources: CERT/CC: VU#737740 // VULMON: CVE-2011-4108 // BID: 51281 // JVNDB: JVNDB-2012-001017 // PACKETSTORM: 116824 // PACKETSTORM: 116826 // PACKETSTORM: 114272 // PACKETSTORM: 110482 // PACKETSTORM: 109053 // PACKETSTORM: 169673 // CNNVD: CNNVD-201201-057 // NVD: CVE-2011-4108

REFERENCES

url:http://rhn.redhat.com/errata/rhsa-2012-1307.html

Trust: 1.5

url:http://rhn.redhat.com/errata/rhsa-2012-1308.html

Trust: 1.5

url:http://www.kb.cert.org/vuls/id/737740

Trust: 1.5

url:http://www.openssl.org/news/secadv_20120104.txt

Trust: 1.4

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041

Trust: 1.4

url:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc

Trust: 1.4

url:http://rhn.redhat.com/errata/rhsa-2012-1306.html

Trust: 1.4

url:http://support.apple.com/kb/ht5784

Trust: 1.4

url:http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004564

Trust: 1.4

url:http://w3.efi.com/fiery

Trust: 1.1

url:http://www.isg.rhul.ac.uk/~kp/dtls.pdf

Trust: 1.1

url:http://www.mandriva.com/security/advisories?name=mdvsa-2012:006

Trust: 1.1

url:http://www.mandriva.com/security/advisories?name=mdvsa-2012:007

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html

Trust: 1.1

url:http://secunia.com/advisories/48528

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=134039053214295&w=2

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=132750648501816&w=2

Trust: 1.1

url:http://www.debian.org/security/2012/dsa-2390

Trust: 1.1

url:http://lists.apple.com/archives/security-announce/2013/jun/msg00000.html

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2012-november/092905.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html

Trust: 1.1

url:http://secunia.com/advisories/57260

Trust: 1.1

url:http://secunia.com/advisories/57353

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=133951357207000&w=2

Trust: 1.1

url:https://security.paloaltonetworks.com/cve-2011-4108

Trust: 1.1

url:http://www.support.xerox.com/support/docucolor-242-252-260/downloads/enus.html?associatedproduct=fiery-exp260&operatingsystem=win7x64

Trust: 0.8

url:https://www.openssl.org/news/vulnerabilities.html

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4108

Trust: 0.8

url:http://jvn.jp/cert/jvnvu91284469/

Trust: 0.8

url:http://jvn.jp/cert/jvnvu92046435/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4108

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2011-4108

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0696

Trust: 0.6

url:https://support.lenovo.com/us/en/solutions/len-24443

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2011-4619

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2011-4576

Trust: 0.5

url:http://www.attachmate.com/

Trust: 0.3

url:http://www.ibm.com/support/docview.wss?uid=isg400001530

Trust: 0.3

url:http://www.ibm.com/support/docview.wss?uid=isg400001529

Trust: 0.3

url:https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_potential_security_exposure_when_using_ibm_infosphere_streams_due_to_vulnerabilities_in_ibm_java_se_version_6_sdk6?lang=en_us

Trust: 0.3

url:https://www14.software.ibm.com/webapp/iwm/web/prelogin.do?source=aixbp

Trust: 0.3

url:http://www.openssl.org

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100157565

Trust: 0.3

url:http://blog.pfsense.org/?p=676

Trust: 0.3

url:http://www.ibm.com/support/docview.wss?uid=swg21637929

Trust: 0.3

url:https://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_ibm_tivoli_netcool_system_service_monitors_application_service_monitors_is_affected_by_multiple_openssl_vulnerabilities?lang=en_us

Trust: 0.3

url:http://support.attachmate.com/techdocs/1708.html

Trust: 0.3

url:http://support.attachmate.com/techdocs/2502.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21631429

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21626257

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21651196

Trust: 0.3

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10659

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100156631

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100156392

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100157969

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100161892

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100161590

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21650623

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643698

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas12088ececb530423186257b410072035e

Trust: 0.3

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03315912

Trust: 0.3

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03383940

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21638022

Trust: 0.3

url:https://www.ibm.com/support/docview.wss?uid=swg21619837

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21631322

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg400001560

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24030251

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24033501

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004323

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643442

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21625170

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21651176

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21627934

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21633107

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21635888

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21638669

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21638670

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643439

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643437

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15314.html

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15388.html?ref=rss

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15389.html?ref=rss

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15395.html?ref=rss

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15460.html?ref=rss

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15461.html?ref=rss

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643316

Trust: 0.3

url:http://www.vmware.com/security/advisories/vmsa-2012-0013.html

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100158312

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100150578

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100156392

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-4109

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2012-1165

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2011-4576.html

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2011-4619.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2011-4108.html

Trust: 0.3

url:http://bugzilla.redhat.com/):

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-4577

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2012-2333

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-4109.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-2333.html

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-2110.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0884

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-0884.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-2110

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1165.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0027

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0050

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/310.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2012:0059

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/1357-1/

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform&downloadtype=securitypatches&version=5.1.2

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform&downloadtype=securitypatches&version=6.0.0

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0036

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2016

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0057

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4078

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0031

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/psi/swddetail

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4885

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2834

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4317

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-1944

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2014

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0830

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4153

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1823

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2013

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-4415

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3607

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0021

Trust: 0.1

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0053

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2012

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2015

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3379

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2821

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4577

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4576

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0027

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4619

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0050

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201203-12.xml

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4109

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4108

Trust: 0.1

url:https://access.redhat.com/kb/docs/doc-11259

Trust: 0.1

url:https://access.redhat.com/security/team/key/#package

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-4577.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2012-0059.html

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://www.openssl.org/news/secadv_20120118.txt

Trust: 0.1

sources: CERT/CC: VU#737740 // VULMON: CVE-2011-4108 // BID: 51281 // JVNDB: JVNDB-2012-001017 // PACKETSTORM: 116824 // PACKETSTORM: 116826 // PACKETSTORM: 114272 // PACKETSTORM: 110482 // PACKETSTORM: 109053 // PACKETSTORM: 169673 // CNNVD: CNNVD-201201-057 // NVD: CVE-2011-4108

CREDITS

Nadhem Alfardan and Kenny Paterson, Information Security Group at Royal Holloway, University of London, Ben Laurie, Adam Langley, Andrew Chi, BBN Technologies and Andrey Kulikov

Trust: 0.3

sources: BID: 51281

SOURCES

db:CERT/CCid:VU#737740
db:VULMONid:CVE-2011-4108
db:BIDid:51281
db:JVNDBid:JVNDB-2012-001017
db:PACKETSTORMid:116824
db:PACKETSTORMid:116826
db:PACKETSTORMid:114272
db:PACKETSTORMid:110482
db:PACKETSTORMid:109053
db:PACKETSTORMid:169673
db:CNNVDid:CNNVD-201201-057
db:NVDid:CVE-2011-4108

LAST UPDATE DATE

2024-11-23T19:49:18.945000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#737740date:2013-05-02T00:00:00
db:VULMONid:CVE-2011-4108date:2016-08-23T00:00:00
db:BIDid:51281date:2015-04-13T21:31:00
db:JVNDBid:JVNDB-2012-001017date:2014-06-26T00:00:00
db:CNNVDid:CNNVD-201201-057date:2022-02-18T00:00:00
db:NVDid:CVE-2011-4108date:2024-11-21T01:31:51.760

SOURCES RELEASE DATE

db:CERT/CCid:VU#737740date:2013-03-18T00:00:00
db:VULMONid:CVE-2011-4108date:2012-01-06T00:00:00
db:BIDid:51281date:2012-01-05T00:00:00
db:JVNDBid:JVNDB-2012-001017date:2012-01-10T00:00:00
db:PACKETSTORMid:116824date:2012-09-25T00:15:05
db:PACKETSTORMid:116826date:2012-09-25T00:15:41
db:PACKETSTORMid:114272date:2012-06-28T03:39:12
db:PACKETSTORMid:110482date:2012-03-06T23:57:33
db:PACKETSTORMid:109053date:2012-01-24T23:58:58
db:PACKETSTORMid:169673date:2012-01-18T12:12:12
db:CNNVDid:CNNVD-201201-057date:2012-01-10T00:00:00
db:NVDid:CVE-2011-4108date:2012-01-06T01:55:00.783