Details of VAR-201410-1418

ID

VAR-201410-1418

CVE

CVE-2014-3566

TITLE

OpenSSL Encryption problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-201410-267

DESCRIPTION

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. There is a security vulnerability in the SSL protocol 3.0 version used in OpenSSL 1.0.1i and earlier versions. The vulnerability is caused by the program's use of non-deterministic CBC padding. Attackers can use padding-oracle attacks to exploit this vulnerability to implement man-in-the-middle attacks and obtain plaintext data. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-10-16-4 OS X Server v3.2.2 OS X Server v3.2.2 is now available and addresses the following: Server Available for: OS X Mavericks v10.9.5 or later Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 when a cipher suite uses a block cipher in CBC mode. An attacker could force the use of SSL 3.0, even when the server would support a better TLS version, by blocking TLS 1.0 and higher connection attempts. This issue was addressed by disabling SSL 3.0 support in Web Server, Calendar & Contacts Server, and Remote Administration. CVE-ID CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of Google Security Team OS X Server v3.2.2 may be obtained from the Mac App Store. ============================================================================ Ubuntu Security Notice USN-2486-1 January 27, 2015 openjdk-6 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS Summary: Several security issues were fixed in OpenJDK 6. Software Description: - openjdk-6: Open Source Java implementation Details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400, CVE-2015-0407) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6593) A vulnerability was discovered in the OpenJDK JRE related to integrity and availability. An attacker could exploit this to cause a denial of service. (CVE-2015-0383) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could this exploit to cause a denial of service. (CVE-2015-0410) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.12.04.1 icedtea-6-jre-jamvm 6b34-1.13.6-1ubuntu0.12.04.1 openjdk-6-jre 6b34-1.13.6-1ubuntu0.12.04.1 openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.12.04.1 openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.12.04.1 openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.12.04.1 Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.10.04.1 openjdk-6-jre 6b34-1.13.6-1ubuntu0.10.04.1 openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.10.04.1 openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.10.04.1 openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.10.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Satellite IBM Java Runtime security update Advisory ID: RHSA-2015:0264-01 Product: Red Hat Satellite Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0264.html Issue date: 2015-02-24 CVE Names: CVE-2014-3065 CVE-2014-3068 CVE-2014-3566 CVE-2014-4209 CVE-2014-4218 CVE-2014-4219 CVE-2014-4227 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4265 CVE-2014-4288 CVE-2014-6457 CVE-2014-6458 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6515 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-8891 CVE-2014-8892 CVE-2015-0395 CVE-2015-0403 CVE-2015-0406 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 ===================================================================== 1. Summary: Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Satellite 5.6. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Satellite 5.6 (RHEL v.5) - s390x, x86_64 Red Hat Satellite 5.6 (RHEL v.6) - s390x, x86_64 3. Description: This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Satellite 5.6. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2014-3065, CVE-2014-3068, CVE-2014-3566, CVE-2014-4209, CVE-2014-4218, CVE-2014-4219, CVE-2014-4227, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4265, CVE-2014-4288, CVE-2014-6457, CVE-2014-6458, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-8891, CVE-2014-8892, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412) The CVE-2014-4262 and CVE-2014-6512 issues were discovered by Florian Weimer of Red Hat Product Security. Users of Red Hat Satellite 5.6 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR16-FP3 release. For this update to take effect, Red Hat Satellite must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all running instances of IBM Java. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509) 1075795 - CVE-2014-4262 OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520) 1119475 - CVE-2014-4244 OpenJDK: RSA blinding issues (Security, 8031346) 1119476 - CVE-2014-4263 OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162) 1119596 - CVE-2014-4219 OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119) 1119608 - CVE-2014-4209 OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755) 1119611 - CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009) 1119613 - CVE-2014-4252 OpenJDK: Prevent instantiation of service with non-public constructor (Security, 8035004) 1119912 - CVE-2014-4227 Oracle JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment) 1119913 - CVE-2014-4265 Oracle JDK: unspecified vulnerability fixed in 6u81, 7u65 and 8u11 (Deployment) 1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564) 1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274) 1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797) 1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066) 1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846) 1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540) 1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack 1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache 1164201 - CVE-2014-3068 IBM JDK: Java CMS keystore provider potentially allows brute-force private key recovery 1183021 - CVE-2015-0412 OpenJDK: insufficient code privileges checks (JAX-WS, 8054367) 1183023 - CVE-2015-0408 OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309) 1183031 - CVE-2015-0395 OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125) 1183043 - CVE-2015-0407 OpenJDK: directory information leak via file chooser (Swing, 8055304) 1183044 - CVE-2015-0410 OpenJDK: DER decoder infinite loop (Security, 8059485) 1183049 - CVE-2014-6593 OpenJDK: incorrect tracking of ChangeCipherSpec during SSL/TLS handshake (JSSE, 8057555) 1183645 - CVE-2014-6585 ICU: font parsing OOB read (OpenJDK 2D, 8055489) 1183646 - CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276) 1183715 - CVE-2014-6587 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) 1184275 - CVE-2015-0403 Oracle JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment) 1184277 - CVE-2015-0406 Oracle JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment) 1189142 - CVE-2014-8891 IBM JDK: unspecified full Java sandbox bypass fixed in Feb 2015 update 1189145 - CVE-2014-8892 IBM JDK: unspecified partial Java sandbox bypass fixed in Feb 2015 update 6. Package List: Red Hat Satellite 5.6 (RHEL v.5): Source: java-1.6.0-ibm-1.6.0.16.3-1jpp.1.el5.src.rpm s390x: java-1.6.0-ibm-1.6.0.16.3-1jpp.1.el5.s390x.rpm java-1.6.0-ibm-devel-1.6.0.16.3-1jpp.1.el5.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.16.3-1jpp.1.el5.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.3-1jpp.1.el5.x86_64.rpm Red Hat Satellite 5.6 (RHEL v.6): Source: java-1.6.0-ibm-1.6.0.16.3-1jpp.1.el6.src.rpm s390x: java-1.6.0-ibm-1.6.0.16.3-1jpp.1.el6.s390x.rpm java-1.6.0-ibm-devel-1.6.0.16.3-1jpp.1.el6.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.16.3-1jpp.1.el6.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.3-1jpp.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-3065 https://access.redhat.com/security/cve/CVE-2014-3068 https://access.redhat.com/security/cve/CVE-2014-3566 https://access.redhat.com/security/cve/CVE-2014-4209 https://access.redhat.com/security/cve/CVE-2014-4218 https://access.redhat.com/security/cve/CVE-2014-4219 https://access.redhat.com/security/cve/CVE-2014-4227 https://access.redhat.com/security/cve/CVE-2014-4244 https://access.redhat.com/security/cve/CVE-2014-4252 https://access.redhat.com/security/cve/CVE-2014-4262 https://access.redhat.com/security/cve/CVE-2014-4263 https://access.redhat.com/security/cve/CVE-2014-4265 https://access.redhat.com/security/cve/CVE-2014-4288 https://access.redhat.com/security/cve/CVE-2014-6457 https://access.redhat.com/security/cve/CVE-2014-6458 https://access.redhat.com/security/cve/CVE-2014-6492 https://access.redhat.com/security/cve/CVE-2014-6493 https://access.redhat.com/security/cve/CVE-2014-6502 https://access.redhat.com/security/cve/CVE-2014-6503 https://access.redhat.com/security/cve/CVE-2014-6506 https://access.redhat.com/security/cve/CVE-2014-6511 https://access.redhat.com/security/cve/CVE-2014-6512 https://access.redhat.com/security/cve/CVE-2014-6515 https://access.redhat.com/security/cve/CVE-2014-6531 https://access.redhat.com/security/cve/CVE-2014-6532 https://access.redhat.com/security/cve/CVE-2014-6558 https://access.redhat.com/security/cve/CVE-2014-6585 https://access.redhat.com/security/cve/CVE-2014-6587 https://access.redhat.com/security/cve/CVE-2014-6591 https://access.redhat.com/security/cve/CVE-2014-6593 https://access.redhat.com/security/cve/CVE-2014-8891 https://access.redhat.com/security/cve/CVE-2014-8892 https://access.redhat.com/security/cve/CVE-2015-0395 https://access.redhat.com/security/cve/CVE-2015-0403 https://access.redhat.com/security/cve/CVE-2015-0406 https://access.redhat.com/security/cve/CVE-2015-0407 https://access.redhat.com/security/cve/CVE-2015-0408 https://access.redhat.com/security/cve/CVE-2015-0410 https://access.redhat.com/security/cve/CVE-2015-0412 https://access.redhat.com/security/updates/classification/#low https://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFU7IBcXlSAg2UNWIIRAmnVAJ9RzYdFI7Hnqtp44schpVp6Vm56zwCfWSIa WtUxnhr9LPERyAPysYa8+IM= =PfUz -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04574073 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04574073 Version: 3 HPSBMU03263 rev.3 - HP Insight Control running OpenSSL, Remote Disclosure of Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2015-03-16 Last Updated: 2015-05-20 Potential Security Impact: Remote disclosure of information Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Insight Control running OpenSSL. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. References: CVE-2014-3508 CVE-2014-3509 CVE-2014-3511 CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-5139 SSRT101920 SSRT101921 SSRT101922 SSRT101894 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control impacted software components and versions HP Insight Control 7.2, 7.3 and 7.4 HP Insight Control server migration v7.2.0, v7.2.1, v7.2.2, v7.3.0, v7.3.1, v7.3.2 v7.3.3 and v 7.4.0 HP Systems Insight Manager (SIM) v7.2.0, v7.2.1, v7.2.2, v7.3.0, v7.3.1, v7.4.0, and 7.4.0a for Linux and Windows bundled with the following software: HP System Management Homepage (SMH) v7.2, v7.2.1, v7.2.2, v7.3.0, v7.3.1, v7.3.2, v7.3.3, v7.4.0, and 7.4.0a for Linux and Windows HP Version Control Agent (VCA) v7.2.0, v7.2.2, v7.3.0, v7.3.1, v7.3.2 and v7.3.3 for Windows HP Version Control Agent (VCA) v7.2.0, v7.2.2(A), v7.3.0, v7.3.2 and v7.3.3 for Linux HP Version Control Repository Manager (VCRM) v7.2.0, v7.2.2, v7.3.0, v7.3.1, v7.3.2, v7.3.3, v7.3.4, v7.4.0, and 7.4.0a for Windows HP Version Control Repository Manager (VCRM) v7.2.0, v7.3.4, v7.4.0 and v7.4.0a for Linux HP System Management Homepage (SMH) v7.2, v7.2.1, v7.2.2, v7.3.0, v7.3.1, v7.3.2, v7.3.3, v7.4.0, and 7.4.0a for Linux and Windows BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-3508 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3509 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3511 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-3513 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-3567 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2014-3568 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2014-5139 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has released the following software updates to resolve these vulnerabilities in HP Insight Control 7.2. The HP Insight Control 7.2.1 Update kit applicable to HP Insight Control 7.2.x installations is available at the following location: https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber =HPICE NOTE: Please read the readme.txt file before proceeding with the installation. HP has addressed these vulnerabilities for the impacted software components bundled with HP Insight Control in the following HP Security Bulletins: HP Insight Control software components HP Security Bulletin Security Bulletin Location HP Systems Insight Manager (SIM) HPSBMU03261 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_ na-c04571454 HP System Management Homepage (SMH) HPSBMU03260 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_ na-c04571379 HP Version Control Agent (VCA) HPSBMU03262 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_ na-c04571956 Version Control Repository Manager (VCRM) HPSBMU03259 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_ na-c04570627 HISTORY Version:1 (rev.1) - 16 March 2015 Initial release Version:2 (rev.2) - 14 April 2015 Incorrect version in Resolution Version:3 (rev.3) - 20 May 2015 Updated impacted versions Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

Trust: 1.62

sources: NVD: CVE-2014-3566 // VULHUB: VHN-71506 // PACKETSTORM: 128732 // PACKETSTORM: 130541 // PACKETSTORM: 130125 // PACKETSTORM: 130332 // PACKETSTORM: 130503 // PACKETSTORM: 132085 // PACKETSTORM: 129614

AFFECTED PRODUCTS

vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0n	Trust: 1.6
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1	Trust: 1.6
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0m	Trust: 1.6
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.4	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8o	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8h	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.7	Trust: 1.0
vendor:	novell	model:	suse linux enterprise server	scope:	eq	version:	11.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0j	Trust: 1.0
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	5	Trust: 1.0
vendor:	novell	model:	suse linux enterprise desktop	scope:	eq	version:	12.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0l	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.2	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.0.4	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.5	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.4	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.1.4	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.5	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1h	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8l	Trust: 1.0
vendor:	redhat	model:	enterprise linux desktop supplementary	scope:	eq	version:	5.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1i	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0d	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.8	Trust: 1.0
vendor:	redhat	model:	enterprise linux server supplementary	scope:	eq	version:	5.0	Trust: 1.0
vendor:	novell	model:	suse linux enterprise software development kit	scope:	eq	version:	12.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8x	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1d	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8v	Trust: 1.0
vendor:	novell	model:	suse linux enterprise desktop	scope:	eq	version:	10.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	20	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0b	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0f	Trust: 1.0
vendor:	novell	model:	suse linux enterprise desktop	scope:	eq	version:	11.0	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.3	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.1.5	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.0.2	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	13.1	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8e	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8m	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1g	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	19	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.0.10	Trust: 1.0
vendor:	ibm	model:	aix	scope:	eq	version:	7.1	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.1.3	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8c	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.1.3	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.0.6	Trust: 1.0
vendor:	mageia	model:	mageia	scope:	eq	version:	3.0	Trust: 1.0
vendor:	novell	model:	suse linux enterprise software development kit	scope:	eq	version:	11.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	7.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lte	version:	10.10.1	Trust: 1.0
vendor:	ibm	model:	aix	scope:	eq	version:	5.3	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.6	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	7.0	Trust: 1.0
vendor:	mageia	model:	mageia	scope:	eq	version:	4.0	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.1	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8s	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.3	Trust: 1.0
vendor:	oracle	model:	database	scope:	eq	version:	12.1.0.2	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8a	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8r	Trust: 1.0
vendor:	oracle	model:	database	scope:	eq	version:	11.2.0.4	Trust: 1.0
vendor:	novell	model:	suse linux enterprise desktop	scope:	eq	version:	9.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8j	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8b	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.1	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.1	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	6.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8f	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.1.1	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.0.1	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	12.3	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8k	Trust: 1.0
vendor:	redhat	model:	enterprise linux server supplementary	scope:	eq	version:	7.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8y	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.1	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8d	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.3	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.2.1	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0e	Trust: 1.0
vendor:	redhat	model:	enterprise linux desktop supplementary	scope:	eq	version:	6.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	21	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0k	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1e	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.0.13	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0h	Trust: 1.0
vendor:	redhat	model:	enterprise linux server supplementary	scope:	eq	version:	6.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8n	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.1.1	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.0.11	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.2	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.0.5	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1b	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.9	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1a	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.2	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.1.2	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.0.12	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.1	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.2.2	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.0.3	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8q	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation supplementary	scope:	eq	version:	7.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8g	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0a	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1f	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8z	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.4	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8za	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.2.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	7.0	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.1.4	Trust: 1.0
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	7.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation supplementary	scope:	eq	version:	6.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8u	Trust: 1.0
vendor:	novell	model:	suse linux enterprise server	scope:	eq	version:	12.0	Trust: 1.0
vendor:	netbsd	model:	netbsd	scope:	eq	version:	6.1.2	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8p	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	6.0	Trust: 1.0
vendor:	ibm	model:	aix	scope:	eq	version:	6.1	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.1.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	6.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8t	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8zb	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8w	Trust: 1.0
vendor:	ibm	model:	vios	scope:	eq	version:	2.2.3.0	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0c	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0g	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.0i	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	0.9.8i	Trust: 1.0
vendor:	openssl	model:	openssl	scope:	eq	version:	1.0.1c	Trust: 1.0

sources: CNNVD: CNNVD-201410-267 // NVD: CVE-2014-3566

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-3566
value:	LOW
Trust: 1.0
CNNVD:	CNNVD-201410-267
value:	LOW
Trust: 0.6
VULHUB:	VHN-71506
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-3566
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-71506
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2014-3566
baseSeverity:	LOW
baseScore:	3.4
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.6
impactScore:	1.4
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-71506 // CNNVD: CNNVD-201410-267 // NVD: CVE-2014-3566

PROBLEMTYPE DATA

problemtype:

CWE-310

Trust: 1.1

sources: VULHUB: VHN-71506 // NVD: CVE-2014-3566

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-267

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201410-267

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-71506

PATCH

title:

SSL3.0 Fixing measures for the encryption protocol information disclosure vulnerability

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=97711

Trust: 0.6

sources: CNNVD: CNNVD-201410-267

EXTERNAL IDS

db:	NVD	id:	CVE-2014-3566	Trust: 2.4
db:	ICS CERT	id:	ICSMA-18-058-02	Trust: 1.7
db:	SECUNIA	id:	61130	Trust: 1.7
db:	SECUNIA	id:	61995	Trust: 1.7
db:	SECUNIA	id:	60792	Trust: 1.7
db:	SECUNIA	id:	61019	Trust: 1.7
db:	SECUNIA	id:	61316	Trust: 1.7
db:	SECUNIA	id:	61827	Trust: 1.7
db:	SECUNIA	id:	61782	Trust: 1.7
db:	SECUNIA	id:	60056	Trust: 1.7
db:	SECUNIA	id:	61810	Trust: 1.7
db:	SECUNIA	id:	61819	Trust: 1.7
db:	SECUNIA	id:	61825	Trust: 1.7
db:	SECUNIA	id:	60206	Trust: 1.7
db:	SECUNIA	id:	61303	Trust: 1.7
db:	SECUNIA	id:	61359	Trust: 1.7
db:	SECUNIA	id:	61345	Trust: 1.7
db:	SECUNIA	id:	59627	Trust: 1.7
db:	SECUNIA	id:	60859	Trust: 1.7
db:	SECUNIA	id:	61926	Trust: 1.7
db:	SECTRACK	id:	1031120	Trust: 1.7
db:	SECTRACK	id:	1031106	Trust: 1.7
db:	SECTRACK	id:	1031124	Trust: 1.7
db:	SECTRACK	id:	1031091	Trust: 1.7
db:	SECTRACK	id:	1031095	Trust: 1.7
db:	SECTRACK	id:	1031088	Trust: 1.7
db:	SECTRACK	id:	1031093	Trust: 1.7
db:	SECTRACK	id:	1031105	Trust: 1.7
db:	SECTRACK	id:	1031094	Trust: 1.7
db:	SECTRACK	id:	1031087	Trust: 1.7
db:	SECTRACK	id:	1031090	Trust: 1.7
db:	SECTRACK	id:	1031107	Trust: 1.7
db:	SECTRACK	id:	1031132	Trust: 1.7
db:	SECTRACK	id:	1031085	Trust: 1.7
db:	SECTRACK	id:	1031039	Trust: 1.7
db:	SECTRACK	id:	1031096	Trust: 1.7
db:	SECTRACK	id:	1031131	Trust: 1.7
db:	SECTRACK	id:	1031029	Trust: 1.7
db:	SECTRACK	id:	1031123	Trust: 1.7
db:	SECTRACK	id:	1031086	Trust: 1.7
db:	SECTRACK	id:	1031130	Trust: 1.7
db:	SECTRACK	id:	1031092	Trust: 1.7
db:	SECTRACK	id:	1031089	Trust: 1.7
db:	USCERT	id:	TA14-290A	Trust: 1.7
db:	MCAFEE	id:	SB10091	Trust: 1.7
db:	MCAFEE	id:	SB10104	Trust: 1.7
db:	MCAFEE	id:	SB10090	Trust: 1.7
db:	CERT/CC	id:	VU#577193	Trust: 1.7
db:	JUNIPER	id:	JSA10705	Trust: 1.7
db:	BID	id:	70574	Trust: 1.7
db:	CNNVD	id:	CNNVD-201410-267	Trust: 0.7
db:	AUSCERT	id:	ESB-2022.0696	Trust: 0.6
db:	LENOVO	id:	LEN-24443	Trust: 0.6
db:	PACKETSTORM	id:	129614	Trust: 0.2
db:	PACKETSTORM	id:	130332	Trust: 0.2
db:	PACKETSTORM	id:	130125	Trust: 0.2
db:	PACKETSTORM	id:	128732	Trust: 0.2
db:	PACKETSTORM	id:	131009	Trust: 0.1
db:	PACKETSTORM	id:	130184	Trust: 0.1
db:	PACKETSTORM	id:	131051	Trust: 0.1
db:	PACKETSTORM	id:	128838	Trust: 0.1
db:	PACKETSTORM	id:	130217	Trust: 0.1
db:	PACKETSTORM	id:	130296	Trust: 0.1
db:	PACKETSTORM	id:	129150	Trust: 0.1
db:	PACKETSTORM	id:	132084	Trust: 0.1
db:	PACKETSTORM	id:	132573	Trust: 0.1
db:	PACKETSTORM	id:	131354	Trust: 0.1
db:	PACKETSTORM	id:	128969	Trust: 0.1
db:	PACKETSTORM	id:	132469	Trust: 0.1
db:	PACKETSTORM	id:	128669	Trust: 0.1
db:	PACKETSTORM	id:	128866	Trust: 0.1
db:	PACKETSTORM	id:	129265	Trust: 0.1
db:	PACKETSTORM	id:	129217	Trust: 0.1
db:	PACKETSTORM	id:	136599	Trust: 0.1
db:	PACKETSTORM	id:	133640	Trust: 0.1
db:	PACKETSTORM	id:	129263	Trust: 0.1
db:	PACKETSTORM	id:	128921	Trust: 0.1
db:	PACKETSTORM	id:	130759	Trust: 0.1
db:	PACKETSTORM	id:	131011	Trust: 0.1
db:	PACKETSTORM	id:	129065	Trust: 0.1
db:	PACKETSTORM	id:	139063	Trust: 0.1
db:	PACKETSTORM	id:	129266	Trust: 0.1
db:	PACKETSTORM	id:	128863	Trust: 0.1
db:	PACKETSTORM	id:	128730	Trust: 0.1
db:	PACKETSTORM	id:	130298	Trust: 0.1
db:	PACKETSTORM	id:	131690	Trust: 0.1
db:	PACKETSTORM	id:	128770	Trust: 0.1
db:	PACKETSTORM	id:	132641	Trust: 0.1
db:	PACKETSTORM	id:	128733	Trust: 0.1
db:	PACKETSTORM	id:	130816	Trust: 0.1
db:	PACKETSTORM	id:	129528	Trust: 0.1
db:	PACKETSTORM	id:	130052	Trust: 0.1
db:	PACKETSTORM	id:	129294	Trust: 0.1
db:	PACKETSTORM	id:	132470	Trust: 0.1
db:	PACKETSTORM	id:	133836	Trust: 0.1
db:	PACKETSTORM	id:	136577	Trust: 0.1
db:	PACKETSTORM	id:	129242	Trust: 0.1
db:	PACKETSTORM	id:	129401	Trust: 0.1
db:	PACKETSTORM	id:	130304	Trust: 0.1
db:	PACKETSTORM	id:	130334	Trust: 0.1
db:	PACKETSTORM	id:	130549	Trust: 0.1
db:	PACKETSTORM	id:	129427	Trust: 0.1
db:	PACKETSTORM	id:	130085	Trust: 0.1
db:	PACKETSTORM	id:	131008	Trust: 0.1
db:	PACKETSTORM	id:	137652	Trust: 0.1
db:	PACKETSTORM	id:	129071	Trust: 0.1
db:	PACKETSTORM	id:	130046	Trust: 0.1
db:	PACKETSTORM	id:	135908	Trust: 0.1
db:	PACKETSTORM	id:	130086	Trust: 0.1
db:	PACKETSTORM	id:	128769	Trust: 0.1
db:	PACKETSTORM	id:	130141	Trust: 0.1
db:	PACKETSTORM	id:	131535	Trust: 0.1
db:	PACKETSTORM	id:	130181	Trust: 0.1
db:	PACKETSTORM	id:	133368	Trust: 0.1
db:	PACKETSTORM	id:	132942	Trust: 0.1
db:	PACKETSTORM	id:	130070	Trust: 0.1
db:	PACKETSTORM	id:	129318	Trust: 0.1
db:	PACKETSTORM	id:	132965	Trust: 0.1
db:	PACKETSTORM	id:	131790	Trust: 0.1
db:	PACKETSTORM	id:	130818	Trust: 0.1
db:	PACKETSTORM	id:	130817	Trust: 0.1
db:	PACKETSTORM	id:	128771	Trust: 0.1
db:	PACKETSTORM	id:	130050	Trust: 0.1
db:	PACKETSTORM	id:	133600	Trust: 0.1
db:	PACKETSTORM	id:	130072	Trust: 0.1
db:	PACKETSTORM	id:	129120	Trust: 0.1
db:	PACKETSTORM	id:	129426	Trust: 0.1
db:	SEEBUG	id:	SSVID-92692	Trust: 0.1
db:	VULHUB	id:	VHN-71506	Trust: 0.1
db:	PACKETSTORM	id:	130541	Trust: 0.1
db:	PACKETSTORM	id:	130503	Trust: 0.1
db:	PACKETSTORM	id:	132085	Trust: 0.1

sources: VULHUB: VHN-71506 // PACKETSTORM: 128732 // PACKETSTORM: 130541 // PACKETSTORM: 130125 // PACKETSTORM: 130332 // PACKETSTORM: 130503 // PACKETSTORM: 132085 // PACKETSTORM: 129614 // CNNVD: CNNVD-201410-267 // NVD: CVE-2014-3566

REFERENCES

url:	http://support.citrix.com/article/ctx200238	Trust: 2.3
url:	http://rhn.redhat.com/errata/rhsa-2015-0264.html	Trust: 1.8
url:	http://www.ubuntu.com/usn/usn-2486-1	Trust: 1.8
url:	http://www.securitytracker.com/id/1031029	Trust: 1.7
url:	http://www.securitytracker.com/id/1031039	Trust: 1.7
url:	http://www.securitytracker.com/id/1031085	Trust: 1.7
url:	http://www.securitytracker.com/id/1031086	Trust: 1.7
url:	http://www.securitytracker.com/id/1031087	Trust: 1.7
url:	http://www.securitytracker.com/id/1031088	Trust: 1.7
url:	http://www.securitytracker.com/id/1031089	Trust: 1.7
url:	http://www.securitytracker.com/id/1031090	Trust: 1.7
url:	http://www.securitytracker.com/id/1031091	Trust: 1.7
url:	http://www.securitytracker.com/id/1031092	Trust: 1.7
url:	http://www.securitytracker.com/id/1031093	Trust: 1.7
url:	http://www.securitytracker.com/id/1031094	Trust: 1.7
url:	http://www.securitytracker.com/id/1031095	Trust: 1.7
url:	http://www.securitytracker.com/id/1031096	Trust: 1.7
url:	http://www.securitytracker.com/id/1031105	Trust: 1.7
url:	http://www.securitytracker.com/id/1031106	Trust: 1.7
url:	http://www.securitytracker.com/id/1031107	Trust: 1.7
url:	http://www.securitytracker.com/id/1031120	Trust: 1.7
url:	http://www.securitytracker.com/id/1031123	Trust: 1.7
url:	http://www.securitytracker.com/id/1031124	Trust: 1.7
url:	http://www.securitytracker.com/id/1031130	Trust: 1.7
url:	http://www.securitytracker.com/id/1031131	Trust: 1.7
url:	http://www.securitytracker.com/id/1031132	Trust: 1.7
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141015-poodle	Trust: 1.7
url:	http://secunia.com/advisories/59627	Trust: 1.7
url:	http://secunia.com/advisories/60056	Trust: 1.7
url:	http://secunia.com/advisories/60206	Trust: 1.7
url:	http://secunia.com/advisories/60792	Trust: 1.7
url:	http://secunia.com/advisories/60859	Trust: 1.7
url:	http://secunia.com/advisories/61019	Trust: 1.7
url:	http://secunia.com/advisories/61130	Trust: 1.7
url:	http://secunia.com/advisories/61303	Trust: 1.7
url:	http://secunia.com/advisories/61316	Trust: 1.7
url:	http://secunia.com/advisories/61345	Trust: 1.7
url:	http://secunia.com/advisories/61359	Trust: 1.7
url:	http://secunia.com/advisories/61782	Trust: 1.7
url:	http://secunia.com/advisories/61810	Trust: 1.7
url:	http://secunia.com/advisories/61819	Trust: 1.7
url:	http://secunia.com/advisories/61825	Trust: 1.7
url:	http://secunia.com/advisories/61827	Trust: 1.7
url:	http://secunia.com/advisories/61926	Trust: 1.7
url:	http://secunia.com/advisories/61995	Trust: 1.7
url:	http://www.securityfocus.com/bid/70574	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/533724/100/0/threaded	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/533747	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/533746	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/jan/msg00003.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html	Trust: 1.7
url:	http://www.debian.org/security/2014/dsa-3053	Trust: 1.7
url:	http://www.debian.org/security/2015/dsa-3144	Trust: 1.7
url:	http://www.debian.org/security/2015/dsa-3147	Trust: 1.7
url:	http://www.debian.org/security/2015/dsa-3253	Trust: 1.7
url:	http://www.debian.org/security/2016/dsa-3489	Trust: 1.7
url:	http://lists.fedoraproject.org/pipermail/package-announce/2014-november/142330.html	Trust: 1.7
url:	http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141158.html	Trust: 1.7
url:	http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141114.html	Trust: 1.7
url:	http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169374.html	Trust: 1.7
url:	http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169361.html	Trust: 1.7
url:	https://security.gentoo.org/glsa/201507-14	Trust: 1.7
url:	https://security.gentoo.org/glsa/201606-11	Trust: 1.7
url:	http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04583581	Trust: 1.7
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2014:203	Trust: 1.7
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2015:062	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1652.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1653.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1692.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1876.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1877.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1880.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1881.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1882.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1920.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2014-1948.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2015-0068.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2015-0079.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2015-0080.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2015-0085.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2015-0086.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2015-0698.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2015-1545.html	Trust: 1.7
url:	http://rhn.redhat.com/errata/rhsa-2015-1546.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html	Trust: 1.7
url:	http://www.us-cert.gov/ncas/alerts/ta14-290a	Trust: 1.7
url:	http://www.ubuntu.com/usn/usn-2487-1	Trust: 1.7
url:	http://www.kb.cert.org/vuls/id/577193	Trust: 1.7
url:	https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3ccommits.cxf.apache.org%3e	Trust: 1.7
url:	https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3ccommits.cxf.apache.org%3e	Trust: 1.7
url:	https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3ccommits.cxf.apache.org%3e	Trust: 1.7
url:	https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3ccommits.cxf.apache.org%3e	Trust: 1.7
url:	https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3ccommits.cxf.apache.org%3e	Trust: 1.7
url:	https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3ccommits.cxf.apache.org%3e	Trust: 1.7
url:	http://advisories.mageia.org/mgasa-2014-0416.html	Trust: 1.7
url:	http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc	Trust: 1.7
url:	http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566	Trust: 1.7
url:	http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html	Trust: 1.7
url:	http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/	Trust: 1.7
url:	http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx	Trust: 1.7
url:	http://docs.ipswitch.com/moveit/dmz82/releasenotes/moveitreleasenotes82.pdf	Trust: 1.7
url:	http://downloads.asterisk.org/pub/security/ast-2014-011.html	Trust: 1.7
url:	http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html	Trust: 1.7
url:	http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04779034	Trust: 1.7
url:	http://people.canonical.com/~ubuntu-security/cve/2014/cve-2014-3566.html	Trust: 1.7
url:	http://support.apple.com/ht204244	Trust: 1.7
url:	http://www-01.ibm.com/support/docview.wss?uid=isg3t1021431	Trust: 1.7
url:	http://www-01.ibm.com/support/docview.wss?uid=isg3t1021439	Trust: 1.7
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21686997	Trust: 1.7
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21687172	Trust: 1.7
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21687611	Trust: 1.7
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21688283	Trust: 1.7
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21692299	Trust: 1.7
url:	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Trust: 1.7
url:	http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	Trust: 1.7
url:	http://www.vmware.com/security/advisories/vmsa-2015-0003.html	Trust: 1.7
url:	http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0	Trust: 1.7
url:	http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm	Trust: 1.7
url:	https://access.redhat.com/articles/1232123	Trust: 1.7
url:	https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/	Trust: 1.7
url:	https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6	Trust: 1.7
url:	https://bto.bluecoat.com/security-advisory/sa83	Trust: 1.7
url:	https://bugzilla.mozilla.org/show_bug.cgi?id=1076983	Trust: 1.7
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1152789	Trust: 1.7
url:	https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip	Trust: 1.7
url:	https://github.com/mpgn/poodle-poc	Trust: 1.7
url:	https://groups.google.com/forum/#%21topic/docker-user/oym0i3xshju	Trust: 1.7
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635	Trust: 1.7
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05068681	Trust: 1.7
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667	Trust: 1.7
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946	Trust: 1.7
url:	https://ics-cert.us-cert.gov/advisories/icsma-18-058-02	Trust: 1.7
url:	https://puppet.com/security/cve/poodle-sslv3-vulnerability	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20141015-0001/	Trust: 1.7
url:	https://support.apple.com/ht205217	Trust: 1.7
url:	https://support.apple.com/kb/ht6527	Trust: 1.7
url:	https://support.apple.com/kb/ht6529	Trust: 1.7
url:	https://support.apple.com/kb/ht6531	Trust: 1.7
url:	https://support.apple.com/kb/ht6535	Trust: 1.7
url:	https://support.apple.com/kb/ht6536	Trust: 1.7
url:	https://support.apple.com/kb/ht6541	Trust: 1.7
url:	https://support.apple.com/kb/ht6542	Trust: 1.7
url:	https://support.citrix.com/article/ctx216642	Trust: 1.7
url:	https://support.lenovo.com/product_security/poodle	Trust: 1.7
url:	https://support.lenovo.com/us/en/product_security/poodle	Trust: 1.7
url:	https://technet.microsoft.com/library/security/3009008.aspx	Trust: 1.7
url:	https://www-01.ibm.com/support/docview.wss?uid=swg21688165	Trust: 1.7
url:	https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7	Trust: 1.7
url:	https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html	Trust: 1.7
url:	https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html	Trust: 1.7
url:	https://www.elastic.co/blog/logstash-1-4-3-released	Trust: 1.7
url:	https://www.imperialviolet.org/2014/10/14/poodle.html	Trust: 1.7
url:	https://www.openssl.org/news/secadv_20141015.txt	Trust: 1.7
url:	https://www.openssl.org/~bodo/ssl-poodle.pdf	Trust: 1.7
url:	https://www.suse.com/support/kb/doc.php?id=7015773	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html	Trust: 1.7
url:	http://marc.info/?l=bugtraq&m=141814011518700&w=2	Trust: 1.6
url:	http://marc.info/?l=openssl-dev&m=141333049205629&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143290522027658&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143290371927178&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141879378918327&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142624590206005&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143290437727362&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142350196615714&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141703183219781&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141577350823734&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142791032306609&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141813976718456&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141620103726640&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142660345230545&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142350743917559&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143558137709884&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142607790919348&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143628269912142&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142804214608580&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142354438527235&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142624619906067&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142296755107581&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=144101915224472&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143039249603103&w=2	Trust: 1.6
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10104	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142496355704097&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142721830231196&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143101048219218&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142357976805598&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142740155824959&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141450973807288&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143558192010071&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141697676231104&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=144251162130364&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141628688425177&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142495837901899&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141576815022399&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141697638231025&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141577087123040&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142962817202793&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=145983526810210&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=144294141001552&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142805027510172&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141715130023061&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141450452204552&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=143290583027876&w=2	Trust: 1.6
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10705	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141775427104070&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142546741516006&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142350298616097&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142624679706236&w=2	Trust: 1.6
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10090	Trust: 1.6
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10091	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141694355519663&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142103967620673&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142624719706349&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=141477196830952&w=2	Trust: 1.6
url:	http://marc.info/?l=bugtraq&m=142721887231400&w=2	Trust: 1.6
url:	ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-015.txt.asc	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=142624619906067	Trust: 1.0
url:	https://templatelab.com/ssl-poodle/	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3566	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2014-3566	Trust: 0.7
url:	https://groups.google.com/forum/#!topic/docker-user/oym0i3xshju	Trust: 0.6
url:	https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3ccommits.cxf.apache.org%3e	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0085	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0086	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2014:1920	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0079	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0080	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0069	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0067	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0068	Trust: 0.6
url:	https://access.redhat.com/errata/rhba-2014:1857	Trust: 0.6
url:	https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3ccommits.cxf.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3ccommits.cxf.apache.org%3e	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0264	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0012	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0010	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:0011	Trust: 0.6
url:	https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3ccommits.cxf.apache.org%3e	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2014:1880	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2014:1882	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2014:1881	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2014:1877	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2014:1876	Trust: 0.6
url:	https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3ccommits.cxf.apache.org%3e	Trust: 0.6
url:	https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3ccommits.cxf.apache.org%3e	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:1545	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2015:1546	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-datacap-taskmaster-capture-is-affected-by-vulnerable-to-appscans-sslv3-client-hello-with-cbc-cipher-suites-that-contain-tls_fallback_scsv-3/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0696	Trust: 0.6
url:	https://support.lenovo.com/us/en/solutions/len-24443	Trust: 0.6
url:	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/	Trust: 0.4
url:	http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins	Trust: 0.4
url:	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3567	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3508	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3513	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3568	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3509	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-5139	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3511	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6585	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6587	Trust: 0.2
url:	http://marc.info/?l=bugtraq&m=141577350823734&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141576815022399&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141620103726640&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141697638231025&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141703183219781&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141697676231104&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141775427104070&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141814011518700&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141715130023061&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141813976718456&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142118135300698&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142296755107581&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142354438527235&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142350743917559&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142350196615714&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142350298616097&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142357976805598&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142962817202793&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143290371927178&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=144294141001552&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=145983526810210&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141450973807288&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142721887231400&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142660345230545&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142804214608580&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141450452204552&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141628688425177&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141577087123040&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141694355519663&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141879378918327&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143290583027876&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143628269912142&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143039249603103&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142624619906067&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142495837901899&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143290522027658&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142624719706349&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143290437727362&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142624590206005&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142624679706236&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142740155824959&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142721830231196&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142791032306609&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=144101915224472&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142103967620673&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143558137709884&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143558192010071&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142805027510172&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142546741516006&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=144251162130364&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=141477196830952&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=143101048219218&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142496355704097&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142624619906067	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=142607790919348&w=2	Trust: 0.1
url:	http://marc.info/?l=openssl-dev&m=141333049205629&w=2	Trust: 0.1
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10705	Trust: 0.1
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10090	Trust: 0.1
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10091	Trust: 0.1
url:	https://kc.mcafee.com/corporate/index?page=content&id=sb10104	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	http://gpgtools.org	Trust: 0.1
url:	http://support.apple.com/kb/ht1222	Trust: 0.1
url:	http://www.hp.com/swpublishing/mtx-0c9e74c0cd5a48b4a537e63427	Trust: 0.1
url:	http://www.hp.com/swpublishing/mtx-a7973a3813bf47d8afdb053b58	Trust: 0.1
url:	http://www.hp.com/swpublishing/mtx-b41f3bc307ee43d39a172d249f	Trust: 0.1
url:	http://www.hp.com/swpublishing/mtx-0d22e1c193434997889fa62736	Trust: 0.1
url:	https://h20566.www2.hp.com/hpsc/swd/public/detail?switemid=mtx_00eb9ac82e864	Trust: 0.1
url:	https://h20566.www2.hp.com/hpsc/swd/public/detail?switemid=mtx_34bcab41ac7e4	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.10.04.1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-0407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-0412	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6591	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-0408	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-0400	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.12.04.1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-0383	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6593	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6601	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-0395	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-0410	Trust: 0.1
url:	https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetse	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6531	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4244	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4263	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6587	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4227	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4219	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4263	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6532	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-0403	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-0407	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6511	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4244	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6558	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-8892	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6457	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3065	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6493	Trust: 0.1
url:	https://access.redhat.com/security/updates/classification/#low	Trust: 0.1
url:	https://www.ibm.com/developerworks/java/jdk/alerts/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4265	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4288	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6593	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6503	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4288	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-3068	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6532	Trust: 0.1
url:	https://access.redhat.com/articles/11258	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6457	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6512	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6531	Trust: 0.1
url:	https://access.redhat.com/security/team/contact/	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4227	Trust: 0.1
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-0406	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4252	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6511	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-3065	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4265	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6458	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4262	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6502	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-0412	Trust: 0.1
url:	https://bugzilla.redhat.com/):	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-0395	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4262	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6492	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6493	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6503	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6502	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-0408	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4219	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6506	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6558	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6585	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6515	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6506	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4209	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-4252	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-8891	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6515	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-0410	Trust: 0.1
url:	https://access.redhat.com/security/team/key/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3068	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-6591	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6458	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6492	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-6512	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4209	Trust: 0.1
url:	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_	Trust: 0.1
url:	https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber	Trust: 0.1
url:	https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea	Trust: 0.1

CREDITS

Trust: 0.4

sources: PACKETSTORM: 130541 // PACKETSTORM: 130332 // PACKETSTORM: 132085 // PACKETSTORM: 129614

SOURCES

db:	VULHUB	id:	VHN-71506
db:	PACKETSTORM	id:	128732
db:	PACKETSTORM	id:	130541
db:	PACKETSTORM	id:	130125
db:	PACKETSTORM	id:	130332
db:	PACKETSTORM	id:	130503
db:	PACKETSTORM	id:	132085
db:	PACKETSTORM	id:	129614
db:	CNNVD	id:	CNNVD-201410-267
db:	NVD	id:	CVE-2014-3566

LAST UPDATE DATE

2025-02-20T21:54:41.499000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-71506	date:	2023-02-13T00:00:00
db:	CNNVD	id:	CNNVD-201410-267	date:	2023-04-12T00:00:00
db:	NVD	id:	CVE-2014-3566	date:	2024-11-27T20:15:18.447

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-71506	date:	2014-10-15T00:00:00
db:	PACKETSTORM	id:	128732	date:	2014-10-17T15:10:30
db:	PACKETSTORM	id:	130541	date:	2015-02-26T17:12:16
db:	PACKETSTORM	id:	130125	date:	2015-01-28T00:26:54
db:	PACKETSTORM	id:	130332	date:	2015-02-10T05:26:51
db:	PACKETSTORM	id:	130503	date:	2015-02-24T17:01:19
db:	PACKETSTORM	id:	132085	date:	2015-05-29T23:37:43
db:	PACKETSTORM	id:	129614	date:	2014-12-17T18:27:15
db:	CNNVD	id:	CNNVD-201410-267	date:	2014-10-15T00:00:00
db:	NVD	id:	CVE-2014-3566	date:	2014-10-15T00:55:02.137