ID

VAR-201302-0332


CVE

CVE-2013-1620


TITLE

Mozilla Network Security Services of TLS Vulnerabilities that trigger identity attacks and plain text recovery attacks

Trust: 0.8

sources: JVNDB: JVNDB-2013-001463

DESCRIPTION

The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. This vulnerability CVE-2013-0169 And related issues.A third party may be able to trigger identification and plain text recovery attacks through statistical analysis of timing data for crafted packets. Mozilla Network Security Services (NSS) is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Relevant releases VMware ESX 4.1 without patch ESX410-201312001 3. Problem Description a. Update to ESX service console kernel The ESX service console kernel is updated to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-2372, CVE-2012-3552, CVE-2013-2147, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2234, CVE-2013-2237, CVE-2013-2232 to these issues. VMware Product Running Replace with/ Product Version on Apply Patch ============== ======== ======= ================= ESXi any ESXi not applicable ESX 4.1 ESX ESX410-201312401-SG ESX 4.0 ESX patch pending b. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0791 and CVE-2013-1620 to these issues. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============== ======== ======= ================= ESXi any ESXi not applicable ESX 4.1 ESX ESX410-201312403-SG ESX 4.0 ESX patch pending 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. ESX 4.1 ------- File: ESX410-201312001.zip md5sum: c35763a84db169dd0285442d4129cc18 sha1sum: ee8e1b8d2d383422ff0dde04749c5d89e77d8e40 http://kb.vmware.com/kb/2061209 ESX410-201312001 contains ESX410-201312401-SG and ESX410-201312403-SG. References --- kernel (service console) --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2372 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3552 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2234 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2237 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2232 --- NSPR and NSS (service console) --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0791 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1620 - ------------------------------------------------------------------------- 6. Change log 2013-12-05 VMSA-2013-0015 Initial security advisory in conjunction with the release of ESX 4.1 patches on 2013-12-05. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2013 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: nss, nss-util, nss-softokn, and nspr security update Advisory ID: RHSA-2013:1144-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1144.html Issue date: 2013-08-07 CVE Names: CVE-2013-0791 CVE-2013-1620 ===================================================================== 1. Summary: Updated nss, nss-util, nss-softokn, and nspr packages that fix two security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. nss-softokn provides an NSS softoken cryptographic module. It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-1620) An out-of-bounds memory read flaw was found in the way NSS decoded certain certificates. If an application using NSS decoded a malformed certificate, it could cause the application to crash. (CVE-2013-0791) Red Hat would like to thank the Mozilla project for reporting CVE-2013-0791. Upstream acknowledges Ambroz Bizjak as the original reporter of CVE-2013-0791. This update also fixes the following bugs: * The RHBA-2013:0445 update (which upgraded NSS to version 3.14) prevented the use of certificates that have an MD5 signature. This caused problems in certain environments. With this update, certificates that have an MD5 signature are once again allowed. To prevent the use of certificates that have an MD5 signature, set the "NSS_HASH_ALG_SUPPORT" environment variable to "-MD5". (BZ#957603) * Previously, the sechash.h header file was missing, preventing certain source RPMs (such as firefox and xulrunner) from building. (BZ#948715) * A memory leak in the nssutil_ReadSecmodDB() function has been fixed. (BZ#984967) In addition, the nss package has been upgraded to upstream version 3.14.3, the nss-util package has been upgraded to upstream version 3.14.3, the nss-softokn package has been upgraded to upstream version 3.14.3, and the nspr package has been upgraded to upstream version 4.9.5. These updates provide a number of bug fixes and enhancements over the previous versions. (BZ#927157, BZ#927171, BZ#927158, BZ#927186) Users of NSS, NSPR, nss-util, and nss-softokn are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing this update, applications using NSS, NSPR, nss-util, or nss-softokn must be restarted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 908234 - CVE-2013-1620 nss: TLS CBC padding timing attack 927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue [6.4.z] 927158 - Rebase to nss-softokn 3.14.3 to fix the lucky-13 issue [6.4.z] 927171 - Rebase to nss-util 3.14.3 as part of the fix for the lucky-13 issue [rhel-6.4.z] 927186 - Rebase to nspr-4.9.5 946947 - CVE-2013-0791 Mozilla: Out-of-bounds array read in CERT_DecodeCertPackage (MFSA 2013-40) 984967 - nssutil_ReadSecmodDB() leaks memory [6.4.z] 985955 - nss-softokn: missing partial RELRO [6.4.z] 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nspr-4.9.5-2.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nss-3.14.3-4.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nss-softokn-3.14.3-3.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nss-util-3.14.3-3.el6_4.src.rpm i386: nspr-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nss-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-sysinit-3.14.3-4.el6_4.i686.rpm nss-tools-3.14.3-4.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm x86_64: nspr-4.9.5-2.el6_4.i686.rpm nspr-4.9.5-2.el6_4.x86_64.rpm nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.x86_64.rpm nss-3.14.3-4.el6_4.i686.rpm nss-3.14.3-4.el6_4.x86_64.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.x86_64.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.x86_64.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.x86_64.rpm nss-sysinit-3.14.3-4.el6_4.x86_64.rpm nss-tools-3.14.3-4.el6_4.x86_64.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.x86_64.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nspr-4.9.5-2.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nss-3.14.3-4.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nss-softokn-3.14.3-3.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/nss-util-3.14.3-3.el6_4.src.rpm i386: nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-devel-3.14.3-4.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm x86_64: nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.x86_64.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.x86_64.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.x86_64.rpm nss-devel-3.14.3-4.el6_4.i686.rpm nss-devel-3.14.3-4.el6_4.x86_64.rpm nss-pkcs11-devel-3.14.3-4.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.el6_4.x86_64.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.x86_64.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nspr-4.9.5-2.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nss-3.14.3-4.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nss-softokn-3.14.3-3.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nss-util-3.14.3-3.el6_4.src.rpm x86_64: nspr-4.9.5-2.el6_4.i686.rpm nspr-4.9.5-2.el6_4.x86_64.rpm nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.x86_64.rpm nss-3.14.3-4.el6_4.i686.rpm nss-3.14.3-4.el6_4.x86_64.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.x86_64.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.x86_64.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.x86_64.rpm nss-sysinit-3.14.3-4.el6_4.x86_64.rpm nss-tools-3.14.3-4.el6_4.x86_64.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.x86_64.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nspr-4.9.5-2.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nss-3.14.3-4.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nss-softokn-3.14.3-3.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/nss-util-3.14.3-3.el6_4.src.rpm x86_64: nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.x86_64.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.x86_64.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.x86_64.rpm nss-devel-3.14.3-4.el6_4.i686.rpm nss-devel-3.14.3-4.el6_4.x86_64.rpm nss-pkcs11-devel-3.14.3-4.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.el6_4.x86_64.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.x86_64.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/nspr-4.9.5-2.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/nss-3.14.3-4.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/nss-softokn-3.14.3-3.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/nss-util-3.14.3-3.el6_4.src.rpm i386: nspr-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nss-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-devel-3.14.3-4.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-sysinit-3.14.3-4.el6_4.i686.rpm nss-tools-3.14.3-4.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm ppc64: nspr-4.9.5-2.el6_4.ppc.rpm nspr-4.9.5-2.el6_4.ppc64.rpm nspr-debuginfo-4.9.5-2.el6_4.ppc.rpm nspr-debuginfo-4.9.5-2.el6_4.ppc64.rpm nspr-devel-4.9.5-2.el6_4.ppc.rpm nspr-devel-4.9.5-2.el6_4.ppc64.rpm nss-3.14.3-4.el6_4.ppc.rpm nss-3.14.3-4.el6_4.ppc64.rpm nss-debuginfo-3.14.3-4.el6_4.ppc.rpm nss-debuginfo-3.14.3-4.el6_4.ppc64.rpm nss-devel-3.14.3-4.el6_4.ppc.rpm nss-devel-3.14.3-4.el6_4.ppc64.rpm nss-softokn-3.14.3-3.el6_4.ppc.rpm nss-softokn-3.14.3-3.el6_4.ppc64.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.ppc.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.ppc64.rpm nss-softokn-devel-3.14.3-3.el6_4.ppc.rpm nss-softokn-devel-3.14.3-3.el6_4.ppc64.rpm nss-softokn-freebl-3.14.3-3.el6_4.ppc.rpm nss-softokn-freebl-3.14.3-3.el6_4.ppc64.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.ppc.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.ppc64.rpm nss-sysinit-3.14.3-4.el6_4.ppc64.rpm nss-tools-3.14.3-4.el6_4.ppc64.rpm nss-util-3.14.3-3.el6_4.ppc.rpm nss-util-3.14.3-3.el6_4.ppc64.rpm nss-util-debuginfo-3.14.3-3.el6_4.ppc.rpm nss-util-debuginfo-3.14.3-3.el6_4.ppc64.rpm nss-util-devel-3.14.3-3.el6_4.ppc.rpm nss-util-devel-3.14.3-3.el6_4.ppc64.rpm s390x: nspr-4.9.5-2.el6_4.s390.rpm nspr-4.9.5-2.el6_4.s390x.rpm nspr-debuginfo-4.9.5-2.el6_4.s390.rpm nspr-debuginfo-4.9.5-2.el6_4.s390x.rpm nspr-devel-4.9.5-2.el6_4.s390.rpm nspr-devel-4.9.5-2.el6_4.s390x.rpm nss-3.14.3-4.el6_4.s390.rpm nss-3.14.3-4.el6_4.s390x.rpm nss-debuginfo-3.14.3-4.el6_4.s390.rpm nss-debuginfo-3.14.3-4.el6_4.s390x.rpm nss-devel-3.14.3-4.el6_4.s390.rpm nss-devel-3.14.3-4.el6_4.s390x.rpm nss-softokn-3.14.3-3.el6_4.s390.rpm nss-softokn-3.14.3-3.el6_4.s390x.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.s390.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.s390x.rpm nss-softokn-devel-3.14.3-3.el6_4.s390.rpm nss-softokn-devel-3.14.3-3.el6_4.s390x.rpm nss-softokn-freebl-3.14.3-3.el6_4.s390.rpm nss-softokn-freebl-3.14.3-3.el6_4.s390x.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.s390.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.s390x.rpm nss-sysinit-3.14.3-4.el6_4.s390x.rpm nss-tools-3.14.3-4.el6_4.s390x.rpm nss-util-3.14.3-3.el6_4.s390.rpm nss-util-3.14.3-3.el6_4.s390x.rpm nss-util-debuginfo-3.14.3-3.el6_4.s390.rpm nss-util-debuginfo-3.14.3-3.el6_4.s390x.rpm nss-util-devel-3.14.3-3.el6_4.s390.rpm nss-util-devel-3.14.3-3.el6_4.s390x.rpm x86_64: nspr-4.9.5-2.el6_4.i686.rpm nspr-4.9.5-2.el6_4.x86_64.rpm nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.x86_64.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.x86_64.rpm nss-3.14.3-4.el6_4.i686.rpm nss-3.14.3-4.el6_4.x86_64.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.x86_64.rpm nss-devel-3.14.3-4.el6_4.i686.rpm nss-devel-3.14.3-4.el6_4.x86_64.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.x86_64.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.x86_64.rpm nss-sysinit-3.14.3-4.el6_4.x86_64.rpm nss-tools-3.14.3-4.el6_4.x86_64.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.x86_64.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/nss-3.14.3-4.el6_4.src.rpm i386: nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.el6_4.i686.rpm ppc64: nss-debuginfo-3.14.3-4.el6_4.ppc.rpm nss-debuginfo-3.14.3-4.el6_4.ppc64.rpm nss-pkcs11-devel-3.14.3-4.el6_4.ppc.rpm nss-pkcs11-devel-3.14.3-4.el6_4.ppc64.rpm s390x: nss-debuginfo-3.14.3-4.el6_4.s390.rpm nss-debuginfo-3.14.3-4.el6_4.s390x.rpm nss-pkcs11-devel-3.14.3-4.el6_4.s390.rpm nss-pkcs11-devel-3.14.3-4.el6_4.s390x.rpm x86_64: nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.x86_64.rpm nss-pkcs11-devel-3.14.3-4.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/nspr-4.9.5-2.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/nss-3.14.3-4.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/nss-softokn-3.14.3-3.el6_4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/nss-util-3.14.3-3.el6_4.src.rpm i386: nspr-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nss-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-devel-3.14.3-4.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-sysinit-3.14.3-4.el6_4.i686.rpm nss-tools-3.14.3-4.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm x86_64: nspr-4.9.5-2.el6_4.i686.rpm nspr-4.9.5-2.el6_4.x86_64.rpm nspr-debuginfo-4.9.5-2.el6_4.i686.rpm nspr-debuginfo-4.9.5-2.el6_4.x86_64.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.x86_64.rpm nss-3.14.3-4.el6_4.i686.rpm nss-3.14.3-4.el6_4.x86_64.rpm nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.x86_64.rpm nss-devel-3.14.3-4.el6_4.i686.rpm nss-devel-3.14.3-4.el6_4.x86_64.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.x86_64.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.i686.rpm nss-softokn-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.x86_64.rpm nss-sysinit-3.14.3-4.el6_4.x86_64.rpm nss-tools-3.14.3-4.el6_4.x86_64.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.x86_64.rpm nss-util-debuginfo-3.14.3-3.el6_4.i686.rpm nss-util-debuginfo-3.14.3-3.el6_4.x86_64.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/nss-3.14.3-4.el6_4.src.rpm i386: nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.el6_4.i686.rpm x86_64: nss-debuginfo-3.14.3-4.el6_4.i686.rpm nss-debuginfo-3.14.3-4.el6_4.x86_64.rpm nss-pkcs11-devel-3.14.3-4.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2013-0791.html https://www.redhat.com/security/data/cve/CVE-2013-1620.html https://access.redhat.com/security/updates/classification/#moderate https://rhn.redhat.com/errata/RHBA-2013-0445.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFSAo+lXlSAg2UNWIIRAi4kAJ0cXp7GWY8zHYfxviF3R6WB3cOlaACePdnV W7Ph1SnJjPLtEtsqk+XMl68= =LOHk -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Relevant releases/architectures: RHEV Hypervisor for RHEL-6 - noarch 3. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of "Install Failed". If this happens, place the host into maintenance mode, then activate it again to get the host back to an "Up" state. (CVE-2013-1620) It was found that the fix for CVE-2013-0167 released via RHSA-2013:0907 was incomplete. A privileged guest user could potentially use this flaw to make the host the guest is running on unavailable to the management server. This updated package provides updated components that include fixes for various security issues. ============================================================================ Ubuntu Security Notice USN-1763-1 March 14, 2013 nss vulnerability ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 10.04 LTS Summary: NSS could be made to expose sensitive information over the network. Software Description: - nss: Network Security Service library Details: Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: libnss3 3.14.3-0ubuntu0.12.10.1 Ubuntu 12.04 LTS: libnss3 3.14.3-0ubuntu0.12.04.1 Ubuntu 11.10: libnss3 3.14.3-0ubuntu0.11.10.1 Ubuntu 10.04 LTS: libnss3-1d 3.14.3-0ubuntu0.10.04.1 After a standard system update you need to restart any applications that use NSS, such as Evolution and Chromium, to make all the necessary changes. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle (MITM) traffic management of domain names that the customer did not legitimately own or control. This issue was resolved by revoking the trust for these specific mis-issued certificates (CVE-2013-0743). The sqlite3 update addresses a crash when using svn commit after export MALLOC_CHECK_=3. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFRXs87mqjQ0CJFipgRApRiAKDfmdXjMRCxXRr7W07dZkd5EBbggACgvCFx oo9AI76kr1Dhvb157gF22Cc= =5H/+ -----END PGP SIGNATURE----- . Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/nss < 3.15.3 >= 3.15.3 Description =========== Multiple vulnerabilities have been discovered in the Mozilla Network Security Service. Please review the CVE identifiers referenced below for more details about the vulnerabilities. Impact ====== A remote attacker can cause a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All Mozilla Network Security Service users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.15.3" Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages. References ========== [ 1 ] CVE-2013-1620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1620 [ 2 ] CVE-2013-1739 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1739 [ 3 ] CVE-2013-1741 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1741 [ 4 ] CVE-2013-2566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2566 [ 5 ] CVE-2013-5605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5605 [ 6 ] CVE-2013-5606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5606 [ 7 ] CVE-2013-5607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5607 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201406-19.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.61

sources: NVD: CVE-2013-1620 // JVNDB: JVNDB-2013-001463 // BID: 57777 // VULMON: CVE-2013-1620 // PACKETSTORM: 124315 // PACKETSTORM: 122730 // PACKETSTORM: 122970 // PACKETSTORM: 120811 // PACKETSTORM: 122673 // PACKETSTORM: 121116 // PACKETSTORM: 127174

AFFECTED PRODUCTS

vendor:mozillamodel:network security servicesscope: - version: -

Trust: 1.4

vendor:oraclemodel:glassfish communications serverscope:eqversion:2.0

Trust: 1.3

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:11.1

Trust: 1.3

vendor:oraclemodel:iplanet web proxy serverscope:eqversion:4.0

Trust: 1.3

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.2

Trust: 1.3

vendor:oraclemodel:iplanet web serverscope:eqversion:6.1

Trust: 1.3

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.1

Trust: 1.3

vendor:oraclemodel:vm serverscope:eqversion:3.2

Trust: 1.0

vendor:oraclemodel:openssoscope:eqversion:3.0-03

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:5.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.10

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:5.9

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:10.04

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:11.10

Trust: 1.0

vendor:oraclemodel:glassfish serverscope:eqversion:2.1.1

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:5.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:5.9

Trust: 1.0

vendor:mozillamodel:network security servicesscope:ltversion:3.14.3

Trust: 1.0

vendor:oraclemodel:iplanet web serverscope:eqversion:7.0

Trust: 1.0

vendor:oraclemodel:traffic directorscope:eqversion:11.1.1.6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:5.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.04

Trust: 1.0

vendor:oraclemodel:traffic directorscope:eqversion:11.1.1.7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:oraclemodel:enterprise managerscope:eqversion:grid control of enterprise manager ops center 11.1

Trust: 0.8

vendor:oraclemodel:enterprise managerscope:eqversion:grid control of enterprise manager ops center 12.1

Trust: 0.8

vendor:oraclemodel:enterprise managerscope:eqversion:grid control of enterprise manager ops center 12.2

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of glassfish communications server 2.0

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of glassfish enterprise server 2.1.1

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of oracle directory server enterprise edition 11.1.1.7

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of oracle directory server enterprise edition 7.0

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of oracle iplanet web proxy server 4.0

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of oracle iplanet web server 6.1

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of oracle iplanet web server 7.0

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of oracle opensso 3.0-03

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of oracle traffic director 11.1.1.6

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of oracle traffic director 11.1.1.7

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of sun java application server 8.1

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of sun java application server 8.2

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:(v. 5 server)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:(v. 5 client)

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:(v. 6)

Trust: 0.8

vendor:red hatmodel:enterprise linux eusscope:eqversion:(v. 5.9.z server)

Trust: 0.8

vendor:red hatmodel:enterprise linux hpc nodescope:eqversion:(v. 6)

Trust: 0.8

vendor:red hatmodel:enterprise linux long lifescope:eqversion:(v. 5.9 server)

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope:eqversion:(v. 6)

Trust: 0.8

vendor:red hatmodel:enterprise linux server ausscope:eqversion:(v. 6.4)

Trust: 0.8

vendor:red hatmodel:enterprise linux server eusscope:eqversion:(v. 6.4.z)

Trust: 0.8

vendor:red hatmodel:enterprise linux workstationscope:eqversion:(v. 6)

Trust: 0.8

vendor:red hatmodel:rhel desktop workstationscope:eqversion:(v. 5 client)

Trust: 0.8

vendor:oraclemodel:sun java application serverscope:eqversion:8.1

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:oraclemodel:solarisscope:neversion:11.1.20.5.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5

Trust: 0.3

vendor:redhatmodel:enterprise virtualizationscope:eqversion:3

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip gtm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip gtm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.1

Trust: 0.3

vendor:f5model:big-ip link controller hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.1

Trust: 0.3

vendor:f5model:big-iq devicescope:eqversion:4.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip asm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:9

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.3

Trust: 0.3

vendor:f5model:big-ip edge gateway hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:directory server enterprise editionscope:eqversion:11.1.1.7

Trust: 0.3

vendor:f5model:big-ip apm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:10

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2.3

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5

Trust: 0.3

vendor:avayamodel:aura system platform sp2scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.3.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:meeting exchange sp2scope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.3

vendor:f5model:big-ip ltm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip link controller hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.0.3

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:oraclemodel:glassfish enterprise serverscope:eqversion:2.1.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.3

Trust: 0.3

vendor:junipermodel:ctpview 7.3r1scope:neversion: -

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.4

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.40

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:11.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analytics hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controller hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip link controller hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.3

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura application server sip core pb23scope:eqversion:53002.0

Trust: 0.3

vendor:f5model:big-ip asm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.3

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip link controller hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip gtm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip ltm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip gtm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:mozillamodel:network security servicesscope:eqversion:0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2.2

Trust: 0.3

vendor:avayamodel:meeting exchange sp2scope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip link controller hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0.1

Trust: 0.3

vendor:f5model:big-iq devicescope:eqversion:4.3

Trust: 0.3

vendor:f5model:big-ip edge gateway hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura communication manager utility services spscope:eqversion:6.16.1.0.9.8

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.2

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.0

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip gtm hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.5

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:9.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.0.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2.4.0.15

Trust: 0.3

vendor:f5model:big-ip psm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip gtm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:f5model:big-ip asm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:cms r17scope: - version: -

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtm hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.1

Trust: 0.3

vendor:oraclemodel:iplanet web server sp2scope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura application server sip core pb28scope:eqversion:53002.0

Trust: 0.3

vendor:f5model:big-ip link controller hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip edge gateway hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:meeting exchange sp1scope:eqversion:5.2

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.2

Trust: 0.3

vendor:f5model:big-ip asm hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip link controller hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:oraclemodel:sun java application serverscope:eqversion:8.2

Trust: 0.3

vendor:f5model:big-ip edge gateway hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.3

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.1.0

Trust: 0.3

vendor:vmwaremodel:esx serverscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2.5.0.15

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.2

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:8

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.6

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1

Trust: 0.3

vendor:oraclemodel:directory server enterprise editionscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura system manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip wom hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip analytics 11.0.0-hf2scope: - version: -

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip afm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:8.1

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.1

Trust: 0.3

vendor:f5model:big-ip asm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.3

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.3.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.6

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip edge gateway hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:voice portal sp3scope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.6

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.8.3

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.3.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.1.1

Trust: 0.3

vendor:vmwaremodel:esx serverscope:eqversion:4.1

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.1.1

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.6

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.3

Trust: 0.3

vendor:f5model:big-ip psm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:oraclemodel:traffic directorscope:eqversion:11.1.17

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.9.3

Trust: 0.3

vendor:f5model:big-ip edge gateway hf5scope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:aura application server sip core pb19scope:eqversion:53002.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.6.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1x8664

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura collaboration environmentscope:eqversion:2.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.3

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:6.0

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5.1

Trust: 0.3

vendor:junipermodel:ctpview 7.0r1scope:neversion: -

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip link controller hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.2

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip gtm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.0

Trust: 0.3

vendor:f5model:big-ip link controller hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2.1

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:7.3

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.2

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:avayamodel:aura application server sip core pb3scope:eqversion:53003.0

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.5

Trust: 0.3

vendor:oraclemodel:traffic directorscope:eqversion:11.1.16

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:aura application server sip core pb26scope:eqversion:53002.0

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.1

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.2.00

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.4

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analytics hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip gtm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura presence services sp2scope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.3

Trust: 0.3

vendor:avayamodel:aura presence services sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controller hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.5

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.2

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.3

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.4

Trust: 0.3

vendor:junipermodel:ctpview 7.1r3scope:neversion: -

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.5

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.3

Trust: 0.3

vendor:junipermodel:ctpview 7.1r2scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.2

Trust: 0.3

vendor:avayamodel:aura application server sip core pb5scope:eqversion:53003.0

Trust: 0.3

vendor:f5model:big-ip apm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:oraclemodel:fusion middlewarescope:eqversion:3.0-03

Trust: 0.3

vendor:f5model:big-ip psm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.0

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:5

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.1

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.4

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.3

Trust: 0.3

vendor:avayamodel:aura conferencing sp1 standardscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip apm hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.2

Trust: 0.3

vendor:junipermodel:ctpviewscope:eqversion:4.6

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.3

Trust: 0.3

vendor:redhatmodel:enterprise virtualization hypervisor for rhelscope:eqversion:60

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2.1.0.9

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53003.0

Trust: 0.3

vendor:avayamodel:aura application server sip core pb25scope:eqversion:53002.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.1

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.1

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.2

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.3

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.0.00

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura system manager sp3scope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura system platform sp3scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.2

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:2.3

Trust: 0.3

vendor:avayamodel:aura conferencingscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.6.0

Trust: 0.3

vendor:avayamodel:aura system platform sp1scope:eqversion:6.2

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip gtm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:8.0

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.3

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip ltm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip wom hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.1

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.0

Trust: 0.3

vendor:junipermodel:ctpview 7.1r1scope: - version: -

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip analytics hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.0.1

Trust: 0.3

vendor:f5model:big-ip edge gateway hf4scope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1.0.9.8

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2.1

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.3

Trust: 0.3

vendor:avayamodel:aura application server sip core pb16scope:eqversion:53002.0

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.0.00

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip link controller hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip gtm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:9.0

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.5

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.1.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop workstation clientscope:eqversion:5

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.1

Trust: 0.3

vendor:f5model:big-ip pem hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip edge gateway hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.0

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gateway hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.6.0

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.1

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.5

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.2

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5.1

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2.4

Trust: 0.3

sources: BID: 57777 // JVNDB: JVNDB-2013-001463 // CNNVD: CNNVD-201302-153 // NVD: CVE-2013-1620

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-1620
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-1620
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201302-153
value: MEDIUM

Trust: 0.6

VULMON: CVE-2013-1620
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-1620
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2013-1620 // JVNDB: JVNDB-2013-001463 // CNNVD: CNNVD-201302-153 // NVD: CVE-2013-1620

PROBLEMTYPE DATA

problemtype:CWE-203

Trust: 1.0

problemtype:CWE-310

Trust: 0.8

sources: JVNDB: JVNDB-2013-001463 // NVD: CVE-2013-1620

THREAT TYPE

remote

Trust: 1.0

sources: PACKETSTORM: 122730 // PACKETSTORM: 120811 // PACKETSTORM: 122673 // PACKETSTORM: 121116 // CNNVD: CNNVD-201302-153

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201302-153

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-001463

PATCH

title:Network Security Services (NSS)url:http://www.mozilla.org/projects/security/pki/nss/

Trust: 0.8

title:openSUSE-SU-2013:0631url:http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html

Trust: 0.8

title:openSUSE-SU-2013:0630url:http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html

Trust: 0.8

title:Text Form of Oracle Critical Patch Update - July 2014 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujul2014verbose-1972958.html

Trust: 0.8

title:Text Form of Oracle Critical Patch Update - January 2014 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujan2014verbose-1972951.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - January 2015url:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Trust: 0.8

title:Text Form of Oracle Critical Patch Update - January 2015 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - April 2014url:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Trust: 0.8

title:Text Form of Oracle Critical Patch Update - April 2014 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpuapr2014verbose-1972954.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - July 2014url:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - January 2014url:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Trust: 0.8

title:RHSA-2013:1135url:http://rhn.redhat.com/errata/RHSA-2013-1135.html

Trust: 0.8

title:RHSA-2013:1144url:http://rhn.redhat.com/errata/RHSA-2013-1144.html

Trust: 0.8

title:April 2014 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/april_2014_critical_patch_update

Trust: 0.8

title:CVE-2013-1620 Lucky Thirteen vulnerability in NSSurl:https://blogs.oracle.com/sunsecurity/entry/cve_2013_1620_lucky_thirteen

Trust: 0.8

title:January 2014 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/january_2014_critical_patch_update

Trust: 0.8

title:July 2014 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/july_2014_critical_patch_update

Trust: 0.8

title:Multiple vulnerabilities fixed in NSS 3.16url:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_nss

Trust: 0.8

title:January 2015 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/january_2015_critical_patch_update

Trust: 0.8

title:USN-1763-1url:http://www.ubuntu.com/usn/USN-1763-1

Trust: 0.8

title:NSS-3.14.2url:http://123.124.177.30/web/xxk/bdxqById.tag?id=45380

Trust: 0.6

title:Red Hat: Moderate: rhev-hypervisor6 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20131181 - Security Advisory

Trust: 0.1

title:Debian CVElist Bug Report Logs: TLS timing attack in nss (Lucky 13)url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=922753fbb34cf77ec7af0a627f0fd311

Trust: 0.1

title:Ubuntu Security Notice: nss vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1763-1

Trust: 0.1

title:Amazon Linux AMI: ALAS-2013-217url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-217

Trust: 0.1

title:Amazon Linux AMI: ALAS-2013-216url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-216

Trust: 0.1

title:VMware Security Advisories: VMware ESX updates to third party librariesurl:https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=d1c0aa2194be6d638d052fb7c02f5806

Trust: 0.1

title:Amazon Linux AMI: ALAS-2013-265url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-265

Trust: 0.1

title:Amazon Linux AMI: ALAS-2013-266url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-266

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - January 2015url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=4a692d6d60aa31507cb101702b494c51

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=6c15273f6bf4a785175f27073b98a1ce

Trust: 0.1

sources: VULMON: CVE-2013-1620 // JVNDB: JVNDB-2013-001463 // CNNVD: CNNVD-201302-153

EXTERNAL IDS

db:NVDid:CVE-2013-1620

Trust: 3.5

db:BIDid:57777

Trust: 2.0

db:OPENWALLid:OSS-SECURITY/2013/02/05/24

Trust: 2.0

db:JUNIPERid:JSA10761

Trust: 2.0

db:BIDid:64758

Trust: 1.7

db:JVNDBid:JVNDB-2013-001463

Trust: 0.8

db:CNNVDid:CNNVD-201302-153

Trust: 0.6

db:JUNIPERid:JSA10658

Trust: 0.3

db:VULMONid:CVE-2013-1620

Trust: 0.1

db:PACKETSTORMid:124315

Trust: 0.1

db:PACKETSTORMid:122730

Trust: 0.1

db:PACKETSTORMid:122970

Trust: 0.1

db:PACKETSTORMid:120811

Trust: 0.1

db:PACKETSTORMid:122673

Trust: 0.1

db:PACKETSTORMid:121116

Trust: 0.1

db:PACKETSTORMid:127174

Trust: 0.1

sources: VULMON: CVE-2013-1620 // BID: 57777 // JVNDB: JVNDB-2013-001463 // PACKETSTORM: 124315 // PACKETSTORM: 122730 // PACKETSTORM: 122970 // PACKETSTORM: 120811 // PACKETSTORM: 122673 // PACKETSTORM: 121116 // PACKETSTORM: 127174 // CNNVD: CNNVD-201302-153 // NVD: CVE-2013-1620

REFERENCES

url:http://www.isg.rhul.ac.uk/tls/tlstiming.pdf

Trust: 2.8

url:http://openwall.com/lists/oss-security/2013/02/05/24

Trust: 2.0

url:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Trust: 2.0

url:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Trust: 2.0

url:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Trust: 2.0

url:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Trust: 2.0

url:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Trust: 2.0

url:http://www.ubuntu.com/usn/usn-1763-1

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2013-1135.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2013-1144.html

Trust: 1.8

url:http://security.gentoo.org/glsa/glsa-201406-19.xml

Trust: 1.8

url:http://www.securityfocus.com/bid/57777

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html

Trust: 1.7

url:http://www.securityfocus.com/bid/64758

Trust: 1.7

url:http://www.vmware.com/security/advisories/vmsa-2014-0012.html

Trust: 1.7

url:http://seclists.org/fulldisclosure/2014/dec/23

Trust: 1.7

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10761

Trust: 1.7

url:http://www.securityfocus.com/archive/1/534161/100/0/threaded

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1620

Trust: 1.0

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1620

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-1620

Trust: 0.7

url:http://rhn.redhat.com/errata/rhsa-2013-1181.html

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2013-0791

Trust: 0.4

url:http://www.mozilla.org/projects/security/pki/nss/

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100175279

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15630.html?ref=rss

Trust: 0.3

url:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_nss

Trust: 0.3

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10658&cat=sirt_1&actp=list

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10761&cat=sirt_1&actp=list

Trust: 0.3

url:https://blogs.oracle.com/sunsecurity/entry/cve_2013_1620_lucky_thirteen

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100177694

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100174055

Trust: 0.3

url:https://www.vmware.com/security/advisories/vmsa-2013-0015.html

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-1620.html

Trust: 0.3

url:https://access.redhat.com/security/team/key/#package

Trust: 0.3

url:https://access.redhat.com/site/articles/11258

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-0791.html

Trust: 0.3

url:http://bugzilla.redhat.com/):

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/310.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2013:1181

Trust: 0.1

url:https://usn.ubuntu.com/1763-1/

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=34943

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2164

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2147

Trust: 0.1

url:https://gpgtools.org

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2206

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3552

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2234

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3552

Trust: 0.1

url:http://www.vmware.com/security/advisories

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2206

Trust: 0.1

url:http://kb.vmware.com/kb/2061209

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2237

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2232

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2164

Trust: 0.1

url:http://kb.vmware.com/kb/1055

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2232

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2224

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2234

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0791

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2224

Trust: 0.1

url:http://www.vmware.com/support/policies/security_response.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-2372

Trust: 0.1

url:http://www.vmware.com/support/policies/eos.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2147

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2372

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2237

Trust: 0.1

url:http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

Trust: 0.1

url:http://www.vmware.com/support/policies/eos_vi.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhba-2013-0445.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-4236.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2013-0907.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2013-1155.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-4236

Trust: 0.1

url:https://rhn.redhat.com/errata/rhba-2013-1158.html

Trust: 0.1

url:https://access.redhat.com/site/documentation/en-us/red_hat_enterprise_linux/6/html/hypervisor_deployment_guide/chap-deployment_guide-upgrading_red_hat_enterprise_virtualization_hypervisors.html

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nss/3.14.3-0ubuntu0.12.10.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nss/3.14.3-0ubuntu0.10.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nss/3.14.3-0ubuntu0.11.10.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/nss/3.14.3-0ubuntu0.12.04.1

Trust: 0.1

url:http://www.mozilla.org/security/announce/2013/mfsa2013-20.html

Trust: 0.1

url:http://www.mandriva.com/en/support/security/

Trust: 0.1

url:https://wiki.mageia.org/en/support/advisories/mgaa-2012-0234

Trust: 0.1

url:http://www.mandriva.com/en/support/security/advisories/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0743

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-0743

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5606

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-5607

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1739

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-1741

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1620

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2566

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-1739

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5607

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-5606

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2566

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1741

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-5605

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5605

Trust: 0.1

sources: VULMON: CVE-2013-1620 // BID: 57777 // JVNDB: JVNDB-2013-001463 // PACKETSTORM: 124315 // PACKETSTORM: 122730 // PACKETSTORM: 122970 // PACKETSTORM: 120811 // PACKETSTORM: 122673 // PACKETSTORM: 121116 // PACKETSTORM: 127174 // CNNVD: CNNVD-201302-153 // NVD: CVE-2013-1620

CREDITS

Nadhem J. AlFardan and Kenneth G. Paterson

Trust: 0.3

sources: BID: 57777

SOURCES

db:VULMONid:CVE-2013-1620
db:BIDid:57777
db:JVNDBid:JVNDB-2013-001463
db:PACKETSTORMid:124315
db:PACKETSTORMid:122730
db:PACKETSTORMid:122970
db:PACKETSTORMid:120811
db:PACKETSTORMid:122673
db:PACKETSTORMid:121116
db:PACKETSTORMid:127174
db:CNNVDid:CNNVD-201302-153
db:NVDid:CVE-2013-1620

LAST UPDATE DATE

2024-12-24T22:20:26.014000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2013-1620date:2018-10-09T00:00:00
db:BIDid:57777date:2016-10-26T04:09:00
db:JVNDBid:JVNDB-2013-001463date:2015-01-30T00:00:00
db:CNNVDid:CNNVD-201302-153date:2022-12-22T00:00:00
db:NVDid:CVE-2013-1620date:2024-11-21T01:50:00.960

SOURCES RELEASE DATE

db:VULMONid:CVE-2013-1620date:2013-02-08T00:00:00
db:BIDid:57777date:2013-02-04T00:00:00
db:JVNDBid:JVNDB-2013-001463date:2013-02-13T00:00:00
db:PACKETSTORMid:124315date:2013-12-07T16:58:05
db:PACKETSTORMid:122730date:2013-08-08T00:50:18
db:PACKETSTORMid:122970date:2013-08-27T23:37:21
db:PACKETSTORMid:120811date:2013-03-15T02:19:25
db:PACKETSTORMid:122673date:2013-08-05T17:55:37
db:PACKETSTORMid:121116date:2013-04-07T15:06:11
db:PACKETSTORMid:127174date:2014-06-24T00:56:06
db:CNNVDid:CNNVD-201302-153date:2013-02-18T00:00:00
db:NVDid:CVE-2013-1620date:2013-02-08T19:55:01.203