ID

VAR-201308-0259


CVE

CVE-2013-4238


TITLE

Python of SSL Module ssl.match_hostname Any in the function SSL Vulnerability impersonating a server

Trust: 0.8

sources: JVNDB: JVNDB-2013-003780

DESCRIPTION

The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. SSL A vulnerability that impersonates a server exists. Python is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from the server. An attacker can exploit this issue to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. ============================================================================ Ubuntu Security Notice USN-1984-1 October 01, 2013 python3.2 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 - Ubuntu 12.04 LTS Summary: Several security issues were fixed in Python. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. (CVE-2013-4238) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: python3.2 3.2.3-6ubuntu3.4 python3.2-minimal 3.2.3-6ubuntu3.4 Ubuntu 12.04 LTS: python3.2 3.2.3-0ubuntu3.5 python3.2-minimal 3.2.3-0ubuntu3.5 In general, a standard system update will make all the necessary changes. CVE-2014-1912 Ryan Smith-Roberts discovered a buffer overflow in the socket.recvfrom_into() function. For the stable distribution (wheezy), these problems have been fixed in version 2.7.3-6+deb7u2. For the unstable distribution (sid), these problems have been fixed in version 2.7.6-7. We recommend that you upgrade your python2.7 packages. Summary VMware vSphere product updates address a Cross Site Scripting issue, a certificate validation issue and security vulnerabilities in third-party libraries. Relevant releases VMware vCenter Server Appliance 5.1 Prior to Update 3 VMware vCenter Server 5.5 prior to Update 2 VMware vCenter Server 5.1 prior to Update 3 VMware vCenter Server 5.0 prior to Update 3c VMware ESXi 5.1 without patch ESXi510-201412101-SG 3. Problem Description a. VMware vCSA cross-site scripting vulnerability VMware vCenter Server Appliance (vCSA) contains a vulnerability that may allow for Cross Site Scripting. Exploitation of this vulnerability in vCenter Server requires tricking a user to click on a malicious link or to open a malicious web page while they are logged in into vCenter. VMware would like to thank Tanya Secker of Trustwave SpiderLabs for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3797 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= vCSA 5.5 any Not Affected vCSA 5.1 any 5.1 Update 3 vCSA 5.0 any Not Affected b. vCenter Server certificate validation issue vCenter Server does not properly validate the presented certificate when establishing a connection to a CIM Server residing on an ESXi host. This may allow for a Man-in-the-middle attack against the CIM service. VMware would like to thank The Google Security Team for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2014-8371 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ============== vCenter Server 5.5 any 5.5 Update 2 vCenter Server 5.1 any 5.1 Update 3 vCenter Server 5.0 any 5.0 Update 3c c. Update to ESXi libxml2 package libxml2 is updated to address multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-2877 and CVE-2014-0191 to these issues. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= ESXi 5.5 any Patch Pending ESXi 5.1 any ESXi510-201412101-SG ESXi 5.0 any No patch planned d. Update to ESXi Curl package Curl is updated to address multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-0015 and CVE-2014-0138 to these issues. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ========= ======= ======= ================= ESXi 5.5 any Patch Pending ESXi 5.1 any ESXi510-201412101-SG ESXi 5.0 any No patch planned e. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-1752 and CVE-2013-4238 to these issues. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= ESXi 5.5 any Patch Pending ESXi 5.1 any ESXi510-201412101-SG ESXi 5.0 any Patch Pending f. vCenter and Update Manager, Oracle JRE 1.6 Update 81 Oracle has documented the CVE identifiers that are addressed in JRE 1.6.0 update 81 in the Oracle Java SE Critical Patch Update Advisory of July 2014. The References section provides a link to this advisory. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======= ======= ================= vCenter Server 5.5 any not applicable * vCenter Server 5.1 any 5.1 Update 3 vCenter Server 5.0 any patch pending vCenter Update Manager 5.5 any not applicable * vCenter Update Manager 5.1 any 5.1 Update 3 vCenter Update Manager 5.0 any patch pending * this product uses the Oracle JRE 1.7.0 family 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. vCSA 5.1 Update 3, vCenter Server 5.1 Update 3 and Update Manager 5.1 Update 3 ---------------------------- Downloads and Documentation: https://www.vmware.com/go/download-vsphere ESXi 5.1 ---------------------------- File: update-from-esxi5.1-5.1_update03.zip.zip md5sum: b3fd3549b59c6c59c04bfd09b08c6edf sha1sum: 02139101fe205894774caac02820f6ea8416fb8b http://kb.vmware.com/kb/2086288 update-from-esxi5.1-5.1_update03 contains ESXi510-201412101-SG 5. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3797 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8371 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238 JRE Oracle Java SE Critical Patch Update Advisory of July 2014 http://www.oracle.com/technetwork/topics/security/cpujul2014- 1972956.html - ------------------------------------------------------------------------ 6. Change log 2014-12-04 VMSA-2014-0012 Initial security advisory in conjunction with the release of VMware vCSA 5.1 Update 3, vCenter Server 5.1 Update 3 and ESXi 5.1 Patches released on 2014-12-04. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: security-announce at lists.vmware.com bugtraq at securityfocus.com fulldisclosure at seclists.org E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories Consolidated list of VMware Security Advisories http://kb.vmware.com/kb/2078735 VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html Twitter https://twitter.com/VMwareSRC Copyright 2014 VMware Inc. All rights reserved. Relevant releases/architectures: RHEV Hypervisor for RHEL-6 - noarch 3. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of "Install Failed". If this happens, place the host into maintenance mode, then activate it again to get the host back to an "Up" state. A buffer overflow flaw was found in the way QEMU processed the SCSI "REPORT LUNS" command when more than 256 LUNs were specified for a single SCSI target. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4344) Multiple flaws were found in the way Linux kernel handled HID (Human Interface Device) reports. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-4238) The default OpenSSH configuration made it easy for remote attackers to exhaust unauthorized connection slots and prevent other users from being able to log in to a system. This flaw has been addressed by enabling random early connection drops by setting MaxStartups to 10:30:100 by default. For more information, refer to the sshd_config(5) man page. The security fixes included in this update address the following CVE numbers: CVE-2012-0786 and CVE-2012-0787 (augeas issues) CVE-2013-1813 (busybox issue) CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223 (coreutils issues) CVE-2012-4453 (dracut issue) CVE-2013-4332, CVE-2013-0242, and CVE-2013-1914 (glibc issues) CVE-2013-4387, CVE-2013-0343, CVE-2013-4345, CVE-2013-4591, CVE-2013-4592, CVE-2012-6542, CVE-2013-3231, CVE-2013-1929, CVE-2012-6545, CVE-2013-1928, CVE-2013-2164, CVE-2013-2234, and CVE-2013-2851 (kernel issues) CVE-2013-4242 (libgcrypt issue) CVE-2013-4419 (libguestfs issue) CVE-2013-1775, CVE-2013-2776, and CVE-2013-2777 (sudo issues) This update also fixes the following bug: * A previous version of the rhev-hypervisor6 package did not contain the latest vhostmd package, which provides a "metrics communication channel" between a host and its hosted virtual machines, allowing limited introspection of host resource usage from within virtual machines. This has been fixed, and rhev-hypervisor6 now includes the latest vhostmd package. Bugs fixed (https://bugzilla.redhat.com/): 908060 - rhev-hypervisor 6.5 release 908707 - CVE-2010-5107 openssh: Prevent connection slot exhaustion attacks 996381 - CVE-2013-4238 python: hostname check bypassing vulnerability in SSL module 999890 - CVE-2013-2889 Kernel: HID: zeroplus: heap overflow flaw 1000429 - CVE-2013-2892 Kernel: HID: pantherlord: heap overflow flaw 1000451 - CVE-2013-2888 Kernel: HID: memory corruption flaw 1007330 - CVE-2013-4344 qemu: buffer overflow in scsi_target_emulate_report_luns 1026703 - Latest vhostmd package is not built in 6. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: python security, bug fix, and enhancement update Advisory ID: RHSA-2013:1582-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1582.html Issue date: 2013-11-21 CVE Names: CVE-2013-4238 ===================================================================== 1. Summary: Updated python packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: Python is an interpreted, interactive, object-oriented programming language. Note that to exploit this issue, an attacker would need to obtain a carefully crafted certificate signed by an authority that the client trusts. (CVE-2013-4238) These updated python packages include numerous bug fixes and one enhancement. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes. All users of python are advised to upgrade to these updated packages, which fix these issues and add this enhancement. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 521898 - Fix instances of #!/usr/bin/env python in python-tools 841937 - RHEL 6 installation fails when Turkish language is selected 845802 - python prepends UTF-8 BOM syslog messages - causes messages to be treated a EMERG level 893034 - yum traceback with python-2.6.6-29.el6_2.2 and higher + missing /dev/urandom 919163 - python logging problem - when rotating to new log file, logger checks file's stat when the file does not exist 928390 - Python SSLSocket.getpeercert() incorrectly returns an empty Subject Alternative Name from peer certificate. 948025 - SocketServer doesn't handle syscall interruption 958868 - Downstream added "timeout=None" keyword argument causes regression in eventlet 960168 - failed incoming SSL connection stays open 978129 - Please consider to backport patch: issue9374 urlparse should parse query and fragment for arbitrary schemes 996381 - CVE-2013-4238 python: hostname check bypassing vulnerability in SSL module 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/python-2.6.6-51.el6.src.rpm i386: python-2.6.6-51.el6.i686.rpm python-debuginfo-2.6.6-51.el6.i686.rpm python-libs-2.6.6-51.el6.i686.rpm tkinter-2.6.6-51.el6.i686.rpm x86_64: python-2.6.6-51.el6.x86_64.rpm python-debuginfo-2.6.6-51.el6.x86_64.rpm python-libs-2.6.6-51.el6.x86_64.rpm tkinter-2.6.6-51.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/python-2.6.6-51.el6.src.rpm i386: python-debuginfo-2.6.6-51.el6.i686.rpm python-devel-2.6.6-51.el6.i686.rpm python-test-2.6.6-51.el6.i686.rpm python-tools-2.6.6-51.el6.i686.rpm x86_64: python-debuginfo-2.6.6-51.el6.x86_64.rpm python-devel-2.6.6-51.el6.x86_64.rpm python-test-2.6.6-51.el6.x86_64.rpm python-tools-2.6.6-51.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/python-2.6.6-51.el6.src.rpm x86_64: python-2.6.6-51.el6.x86_64.rpm python-debuginfo-2.6.6-51.el6.x86_64.rpm python-devel-2.6.6-51.el6.x86_64.rpm python-libs-2.6.6-51.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/python-2.6.6-51.el6.src.rpm x86_64: python-debuginfo-2.6.6-51.el6.x86_64.rpm python-test-2.6.6-51.el6.x86_64.rpm python-tools-2.6.6-51.el6.x86_64.rpm tkinter-2.6.6-51.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/python-2.6.6-51.el6.src.rpm i386: python-2.6.6-51.el6.i686.rpm python-debuginfo-2.6.6-51.el6.i686.rpm python-devel-2.6.6-51.el6.i686.rpm python-libs-2.6.6-51.el6.i686.rpm tkinter-2.6.6-51.el6.i686.rpm ppc64: python-2.6.6-51.el6.ppc64.rpm python-debuginfo-2.6.6-51.el6.ppc64.rpm python-devel-2.6.6-51.el6.ppc64.rpm python-libs-2.6.6-51.el6.ppc64.rpm tkinter-2.6.6-51.el6.ppc64.rpm s390x: python-2.6.6-51.el6.s390x.rpm python-debuginfo-2.6.6-51.el6.s390x.rpm python-devel-2.6.6-51.el6.s390x.rpm python-libs-2.6.6-51.el6.s390x.rpm x86_64: python-2.6.6-51.el6.x86_64.rpm python-debuginfo-2.6.6-51.el6.x86_64.rpm python-devel-2.6.6-51.el6.x86_64.rpm python-libs-2.6.6-51.el6.x86_64.rpm tkinter-2.6.6-51.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/python-2.6.6-51.el6.src.rpm i386: python-debuginfo-2.6.6-51.el6.i686.rpm python-test-2.6.6-51.el6.i686.rpm python-tools-2.6.6-51.el6.i686.rpm ppc64: python-debuginfo-2.6.6-51.el6.ppc64.rpm python-test-2.6.6-51.el6.ppc64.rpm python-tools-2.6.6-51.el6.ppc64.rpm s390x: python-debuginfo-2.6.6-51.el6.s390x.rpm python-test-2.6.6-51.el6.s390x.rpm python-tools-2.6.6-51.el6.s390x.rpm tkinter-2.6.6-51.el6.s390x.rpm x86_64: python-debuginfo-2.6.6-51.el6.x86_64.rpm python-test-2.6.6-51.el6.x86_64.rpm python-tools-2.6.6-51.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/python-2.6.6-51.el6.src.rpm i386: python-2.6.6-51.el6.i686.rpm python-debuginfo-2.6.6-51.el6.i686.rpm python-devel-2.6.6-51.el6.i686.rpm python-libs-2.6.6-51.el6.i686.rpm tkinter-2.6.6-51.el6.i686.rpm x86_64: python-2.6.6-51.el6.x86_64.rpm python-debuginfo-2.6.6-51.el6.x86_64.rpm python-devel-2.6.6-51.el6.x86_64.rpm python-libs-2.6.6-51.el6.x86_64.rpm tkinter-2.6.6-51.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/python-2.6.6-51.el6.src.rpm i386: python-debuginfo-2.6.6-51.el6.i686.rpm python-test-2.6.6-51.el6.i686.rpm python-tools-2.6.6-51.el6.i686.rpm x86_64: python-debuginfo-2.6.6-51.el6.x86_64.rpm python-test-2.6.6-51.el6.x86_64.rpm python-tools-2.6.6-51.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2013-4238.html https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/python.html#RHSA-2013-1582 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFSjYqsXlSAg2UNWIIRAuMMAJwM8jw9rPAfeyuTRa3MRzo4uld8KACfQjmk XBl65OiG/woL4p1WaTgJdK0= =MrR1 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.52

sources: NVD: CVE-2013-4238 // JVNDB: JVNDB-2013-003780 // BID: 61738 // PACKETSTORM: 123471 // PACKETSTORM: 123473 // PACKETSTORM: 125750 // PACKETSTORM: 129402 // PACKETSTORM: 124120 // PACKETSTORM: 124136 // PACKETSTORM: 123470

AFFECTED PRODUCTS

vendor:pythonmodel:pythonscope:eqversion:3.1.1

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:3.1

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:3.1.2

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:2.7.3

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:3.1.2150

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:3.0.1

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:3.1.5

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:3.0

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:3.1.4

Trust: 1.6

vendor:pythonmodel:pythonscope:eqversion:3.1.3

Trust: 1.6

vendor:vmwaremodel:esxiscope:eqversion:5.0

Trust: 1.1

vendor:vmwaremodel:esxiscope:eqversion:5.5

Trust: 1.1

vendor:pythonmodel:pythonscope:eqversion:2.6.3

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.7

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.4

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.1

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.2

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.6

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.5

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:3.4

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:12.3

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.7.1150

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:3.3

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.8

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:11.4

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.7.2

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.7.2150

Trust: 1.0

vendor:opensusemodel:opensusescope:eqversion:12.2

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.7.1

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:3.2.3

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:3.2.2150

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.6150

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:3.2

Trust: 1.0

vendor:pythonmodel:pythonscope:eqversion:2.6.2150

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:10.04

Trust: 1.0

vendor:vmwaremodel:esxiscope:eqversion:5.1 esxi510-201412101-sg

Trust: 0.8

vendor:novellmodel:opensusescope:eqversion:12.2

Trust: 0.8

vendor:pythonmodel:pythonscope:eqversion:2.6 to 3.4

Trust: 0.8

vendor:vmwaremodel:esxiscope:ltversion:5.1

Trust: 0.8

vendor:novellmodel:opensusescope:eqversion:11.4

Trust: 0.8

vendor:canonicalmodel:ubuntuscope:eqversion:10.04 lts

Trust: 0.8

vendor:novellmodel:opensusescope:eqversion:12.3

Trust: 0.8

vendor:f5model:big-ip wom hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip gtm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip gtm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip link controller hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:cmsscope:eqversion:17.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.6.0

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-iq devicescope:eqversion:4.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.0

Trust: 0.3

vendor:vmwaremodel:esxiscope:eqversion:5.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip asm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:solarisscope:neversion:11.1.12.5.0

Trust: 0.3

vendor:susemodel:linux enterprise software development kit sp3scope:eqversion:11

Trust: 0.3

vendor:f5model:big-ip edge gateway hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip apm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-iq devicescope:eqversion:4.4

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2

Trust: 0.3

vendor:pythonmodel:software foundation pythonscope:eqversion:3.2

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:12.10

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.1

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:12.10

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.0

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.2

Trust: 0.3

vendor:pythonmodel:software foundation pythonscope:eqversion:2.7.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:2.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.40

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analytics hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controller hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip link controller hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:susemodel:linux enterprise server sp3 for vmwarescope:eqversion:11

Trust: 0.3

vendor:f5model:big-ip asm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.4

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.3

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.2

Trust: 0.3

vendor:ubuntumodel:linuxscope:eqversion:13.04

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip gtm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip ltm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.3.0

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip link controller hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-iq devicescope:eqversion:4.3

Trust: 0.3

vendor:f5model:big-ip edge gateway hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.0

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.3

vendor:pythonmodel:software foundation pythonscope:eqversion:3.3

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:9.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.0.0

Trust: 0.3

vendor:f5model:big-ip psm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip gtm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip asm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:pythonmodel:software foundation pythonscope:neversion:2.7.6

Trust: 0.3

vendor:avayamodel:cms r17scope: - version: -

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 0.3

vendor:pythonmodel:software foundation pythonscope:neversion:3.3.3

Trust: 0.3

vendor:f5model:big-ip link controller hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.00

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip edge gateway hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.2

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:susemodel:linux enterprise server sp3scope:eqversion:11

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.3

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip link controller hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip edge gateway hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.3

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.1.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip wom hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip analytics 11.0.0-hf2scope: - version: -

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip afm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:8.1

Trust: 0.3

vendor:f5model:big-ip asm hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.1

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip edge gateway hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.3.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip psm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.6.0

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1x8664

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura collaboration environmentscope:eqversion:2.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2.1

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp3scope:eqversion:11

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip link controller hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtm hf5scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.4.0

Trust: 0.3

vendor:f5model:big-ip link controller hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.6.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.2

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.5

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.2

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip analytics hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.4.1

Trust: 0.3

vendor:avayamodel:aura experience portal sp2scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip gtm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controller hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip asm hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.3

Trust: 0.3

vendor:pythonmodel:software foundation pythonscope:eqversion:2.6

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip apm hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:libreofficemodel:libreofficescope:neversion:4.2.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip analytics hf2scope:eqversion:11.2.1

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip psm hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:eqversion:11.2.0

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.3

Trust: 0.3

vendor:redhatmodel:enterprise virtualization hypervisor for rhelscope:eqversion:60

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:libreofficemodel:libreofficescope:neversion:4.1.5

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura experience portal sp1scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.6

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.2

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.3

Trust: 0.3

vendor:vmwaremodel:esxi esxi510-20141210scope:neversion:5.5

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.0.00

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.0

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:2.3

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip psm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip gtm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.3

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip ltm hf1scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:aura utility servicesscope:eqversion:6.3

Trust: 0.3

vendor:f5model:big-ip apm hf2scope:eqversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip wom hf1scope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.4.1

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:f5model:big-ip analytics hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.5

Trust: 0.3

vendor:avayamodel:aura utility servicesscope:eqversion:6.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-iq securityscope:eqversion:4.1

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.0.00

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip link controller hf3scope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip gtm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:9.0

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.1.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.1

Trust: 0.3

vendor:f5model:big-ip pem hf4scope:eqversion:11.3.0

Trust: 0.3

vendor:pythonmodel:software foundation pythonscope:eqversion:3.4

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip edge gateway hf7scope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-iq cloudscope:eqversion:4.4

Trust: 0.3

vendor:f5model:big-ip edge gateway hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.6.0

Trust: 0.3

vendor:pythonmodel:software foundation pythonscope:eqversion:2.7

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.5.1

Trust: 0.3

sources: BID: 61738 // JVNDB: JVNDB-2013-003780 // CNNVD: CNNVD-201308-202 // NVD: CVE-2013-4238

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-4238
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-4238
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201308-202
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2013-4238
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2013-003780 // CNNVD: CNNVD-201308-202 // NVD: CVE-2013-4238

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2013-003780 // NVD: CVE-2013-4238

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201308-202

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201308-202

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003780

PATCH

title:openSUSE-SU-2013:1437url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html

Trust: 0.8

title:openSUSE-SU-2013:1438url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html

Trust: 0.8

title:openSUSE-SU-2013:1439url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html

Trust: 0.8

title:openSUSE-SU-2013:1440url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html

Trust: 0.8

title:openSUSE-SU-2013:1462url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html

Trust: 0.8

title:openSUSE-SU-2013:1463url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html

Trust: 0.8

title:issue18709url:http://bugs.python.org/issue18709

Trust: 0.8

title:Bug 996381url:https://bugzilla.redhat.com/show_bug.cgi?id=996381

Trust: 0.8

title:RHSA-2013:1582url:http://rhn.redhat.com/errata/RHSA-2013-1582.html

Trust: 0.8

title:CVE-2013-4238 Input Validation vulnerability in Pythonurl:https://blogs.oracle.com/sunsecurity/entry/cve_2013_4238_input_validation

Trust: 0.8

title:USN-1982-1url:http://www.ubuntu.com/usn/USN-1982-1/

Trust: 0.8

title:VMSA-2014-0012url:http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Trust: 0.8

title:Python SSL Repair measures for module security bypass vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100911

Trust: 0.6

sources: JVNDB: JVNDB-2013-003780 // CNNVD: CNNVD-201308-202

EXTERNAL IDS

db:NVDid:CVE-2013-4238

Trust: 3.4

db:JVNDBid:JVNDB-2013-003780

Trust: 0.8

db:AUSCERTid:ESB-2022.0696

Trust: 0.6

db:AUSCERTid:ESB-2020.0296

Trust: 0.6

db:CNNVDid:CNNVD-201308-202

Trust: 0.6

db:BIDid:61738

Trust: 0.3

db:PACKETSTORMid:123471

Trust: 0.1

db:PACKETSTORMid:123473

Trust: 0.1

db:PACKETSTORMid:125750

Trust: 0.1

db:PACKETSTORMid:129402

Trust: 0.1

db:PACKETSTORMid:124120

Trust: 0.1

db:PACKETSTORMid:124136

Trust: 0.1

db:PACKETSTORMid:123470

Trust: 0.1

sources: BID: 61738 // JVNDB: JVNDB-2013-003780 // PACKETSTORM: 123471 // PACKETSTORM: 123473 // PACKETSTORM: 125750 // PACKETSTORM: 129402 // PACKETSTORM: 124120 // PACKETSTORM: 124136 // PACKETSTORM: 123470 // CNNVD: CNNVD-201308-202 // NVD: CVE-2013-4238

REFERENCES

url:http://rhn.redhat.com/errata/rhsa-2013-1582.html

Trust: 1.7

url:http://www.ubuntu.com/usn/usn-1982-1

Trust: 1.7

url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html

Trust: 1.6

url:http://www.securityfocus.com/archive/1/534161/100/0/threaded

Trust: 1.6

url:http://bugs.python.org/issue18709

Trust: 1.6

url:http://seclists.org/fulldisclosure/2014/dec/23

Trust: 1.6

url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html

Trust: 1.6

url:http://www.debian.org/security/2014/dsa-2880

Trust: 1.6

url:http://www.vmware.com/security/advisories/vmsa-2014-0012.html

Trust: 1.6

url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html

Trust: 1.6

url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html

Trust: 1.6

url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html

Trust: 1.6

url:https://bugzilla.redhat.com/show_bug.cgi?id=996381

Trust: 1.6

url:http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html

Trust: 1.6

url:http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4238

Trust: 0.9

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4238

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-4238

Trust: 0.7

url:https://www.suse.com/support/update/announcement/2020/suse-su-20200234-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0696

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0296/

Trust: 0.6

url:http://www.python.org/

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-2099

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-4238.html

Trust: 0.2

url:https://access.redhat.com/site/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://bugzilla.redhat.com/):

Trust: 0.2

url:https://access.redhat.com/security/team/key/#package

Trust: 0.2

url:https://launchpad.net/ubuntu/+source/python3.2/3.2.3-6ubuntu3.4

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-1984-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/python3.2/3.2.3-0ubuntu3.5

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-1985-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/python3.3/3.3.0-1ubuntu0.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/python3.3/3.3.1-1ubuntu5.2

Trust: 0.1

url:http://www.debian.org/security/faq

Trust: 0.1

url:http://www.debian.org/security/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-1912

Trust: 0.1

url:https://twitter.com/vmwaresrc

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8371

Trust: 0.1

url:http://kb.vmware.com/kb/2078735

Trust: 0.1

url:http://www.vmware.com/security/advisories

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-1752

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0015

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0015

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0191

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0138

Trust: 0.1

url:http://kb.vmware.com/kb/1055

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1752

Trust: 0.1

url:http://kb.vmware.com/kb/2086288

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-8371

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2877

Trust: 0.1

url:http://www.oracle.com/technetwork/topics/security/cpujul2014-

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3797

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0138

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-0191

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-3797

Trust: 0.1

url:https://www.vmware.com/support/policies/lifecycle.html

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2877

Trust: 0.1

url:http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

Trust: 0.1

url:https://www.vmware.com/support/policies/security_response.html

Trust: 0.1

url:https://www.vmware.com/go/download-vsphere

Trust: 0.1

url:https://access.redhat.com/site/documentation/en-us/red_hat_enterprise_linux

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-4344.html

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2889

Trust: 0.1

url:https://rhn.redhat.com/errata/rhba-2013-1528.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2010-5107.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2888

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2013-1527.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2888.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-4344

Trust: 0.1

url:https://access.redhat.com/site/documentation/en-us/red_hat_enterprise_linux/6/html/hypervisor_deployment_guide/chap-deployment_guide-upgrading_red_hat_enterprise_virtualization_hypervisors.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2892.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2892

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-5107

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2889.html

Trust: 0.1

url:https://access.redhat.com/site/documentation/en-us/red_hat_enterprise_linux/6/html/6.5_technical_notes/python.html#rhsa-2013-1582

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/python2.6/2.6.5-1ubuntu6.2

Trust: 0.1

sources: BID: 61738 // JVNDB: JVNDB-2013-003780 // PACKETSTORM: 123471 // PACKETSTORM: 123473 // PACKETSTORM: 125750 // PACKETSTORM: 129402 // PACKETSTORM: 124120 // PACKETSTORM: 124136 // PACKETSTORM: 123470 // CNNVD: CNNVD-201308-202 // NVD: CVE-2013-4238

CREDITS

Ryan Sleevi of the Google Chrome Security Team

Trust: 0.9

sources: BID: 61738 // CNNVD: CNNVD-201308-202

SOURCES

db:BIDid:61738
db:JVNDBid:JVNDB-2013-003780
db:PACKETSTORMid:123471
db:PACKETSTORMid:123473
db:PACKETSTORMid:125750
db:PACKETSTORMid:129402
db:PACKETSTORMid:124120
db:PACKETSTORMid:124136
db:PACKETSTORMid:123470
db:CNNVDid:CNNVD-201308-202
db:NVDid:CVE-2013-4238

LAST UPDATE DATE

2024-12-24T20:04:09.121000+00:00


SOURCES UPDATE DATE

db:BIDid:61738date:2015-05-12T19:47:00
db:JVNDBid:JVNDB-2013-003780date:2014-12-18T00:00:00
db:CNNVDid:CNNVD-201308-202date:2022-02-18T00:00:00
db:NVDid:CVE-2013-4238date:2024-11-21T01:55:11.493

SOURCES RELEASE DATE

db:BIDid:61738date:2013-08-12T00:00:00
db:JVNDBid:JVNDB-2013-003780date:2013-08-20T00:00:00
db:PACKETSTORMid:123471date:2013-10-01T22:33:47
db:PACKETSTORMid:123473date:2013-10-01T22:34:24
db:PACKETSTORMid:125750date:2014-03-17T23:50:33
db:PACKETSTORMid:129402date:2014-12-05T15:22:00
db:PACKETSTORMid:124120date:2013-11-21T19:31:35
db:PACKETSTORMid:124136date:2013-11-21T19:36:50
db:PACKETSTORMid:123470date:2013-10-01T22:33:39
db:CNNVDid:CNNVD-201308-202date:2013-08-22T00:00:00
db:NVDid:CVE-2013-4238date:2013-08-18T02:52:22.943