ID

VAR-201605-0037


CVE

CVE-2016-2176


TITLE

OpenSSL of crypto/x509/x509_obj.c of X509_NAME_oneline Vulnerability in function that can retrieve important information from process stack memory

Trust: 0.8

sources: JVNDB: JVNDB-2016-002477

DESCRIPTION

The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data. OpenSSL is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Following product versions are affected: OpenSSL versions 1.0.2 prior to 1.0.2h OpenSSL versions 1.0.1 prior to 1.0.1t. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03756en_us Version: 1 HPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2017-06-05 Last Updated: 2017-06-05 Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. References: - CVE-2016-2105 - Remote Denial of Service (DoS) - CVE-2016-2106 - Remote Denial of Service (DoS) - CVE-2016-2107 - Remote disclosure of sensitive information - CVE-2016-2108 - Remote Denial of Service (DoS) - CVE-2016-2109 - Remote Denial of Service (DoS) - CVE-2016-2176 - Remote Denial of Service (DoS) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products. - Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products. - HP Intelligent Management Center (iMC) All versions - Please refer to the RESOLUTION below for a list of updated products. BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2016-2105 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-2106 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-2107 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N) CVE-2016-2108 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2016-2109 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C) CVE-2016-2176 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION HPE has made the following software updates available to resolve the vulnerabilities in the Comware 7, iMC and VCX products running OpenSSL. **COMWARE 7 Products** + 12500 (Comware 7) - Version: R7377P02 * HP Network Products - JC072B HP 12500 Main Processing Unit - JC085A HP A12518 Switch Chassis - JC086A HP A12508 Switch Chassis - JC652A HP 12508 DC Switch Chassis - JC653A HP 12518 DC Switch Chassis - JC654A HP 12504 AC Switch Chassis - JC655A HP 12504 DC Switch Chassis - JF430A HP A12518 Switch Chassis - JF430B HP 12518 Switch Chassis - JF430C HP 12518 AC Switch Chassis - JF431A HP A12508 Switch Chassis - JF431B HP 12508 Switch Chassis - JF431C HP 12508 AC Switch Chassis - JG497A HP 12500 MPU w/Comware V7 OS - JG782A HP FF 12508E AC Switch Chassis - JG783A HP FF 12508E DC Switch Chassis - JG784A HP FF 12518E AC Switch Chassis - JG785A HP FF 12518E DC Switch Chassis - JG802A HP FF 12500E MPU * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 10500 (Comware 7) - Version: R7184 * HP Network Products - JC611A HP 10508-V Switch Chassis - JC612A HP 10508 Switch Chassis - JC613A HP 10504 Switch Chassis - JC748A HP 10512 Switch Chassis - JG608A HP FlexFabric 11908-V Switch Chassis - JG609A HP FlexFabric 11900 Main Processing Unit - JG820A HP 10504 TAA Switch Chassis - JG821A HP 10508 TAA Switch Chassis - JG822A HP 10508-V TAA Switch Chassis - JG823A HP 10512 TAA Switch Chassis - JG496A HP 10500 Type A MPU w/Comware v7 OS - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5900/5920 (Comware 7) - Version: R2422P02 * HP Network Products - JC772A HP 5900AF-48XG-4QSFP+ Switch - JG296A HP 5920AF-24XG Switch - JG336A HP 5900AF-48XGT-4QSFP+ Switch - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch - JG555A HP 5920AF-24XG TAA Switch - JG838A HP FF 5900CP-48XG-4QSFP+ Switch - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + MSR1000 (Comware 7) - Version: R0306P52 * HP Network Products - JG875A HP MSR1002-4 AC Router - JH060A HP MSR1003-8S AC Router * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + MSR2000 (Comware 7) - Version: R0306P52 * HP Network Products - JG411A HP MSR2003 AC Router - JG734A HP MSR2004-24 AC Router - JG735A HP MSR2004-48 Router - JG866A HP MSR2003 TAA-compliant AC Router * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + MSR3000 (Comware 7) - Version: R0306P52 * HP Network Products - JG404A HP MSR3064 Router - JG405A HP MSR3044 Router - JG406A HP MSR3024 AC Router - JG407A HP MSR3024 DC Router - JG408A HP MSR3024 PoE Router - JG409A HP MSR3012 AC Router - JG410A HP MSR3012 DC Router - JG861A HP MSR3024 TAA-compliant AC Router * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + MSR4000 (Comware 7) - Version: R0306P52 * HP Network Products - JG402A HP MSR4080 Router Chassis - JG403A HP MSR4060 Router Chassis - JG412A HP MSR4000 MPU-100 Main Processing Unit - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + VSR (Comware 7) - Version: E0324 * HP Network Products - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software - JG811AAE HP VSR1001 Comware 7 Virtual Services Router - JG812AAE HP VSR1004 Comware 7 Virtual Services Router - JG813AAE HP VSR1008 Comware 7 Virtual Services Router * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 7900 (Comware 7) - Version: R2152 * HP Network Products - JG682A HP FlexFabric 7904 Switch Chassis - JG841A HP FlexFabric 7910 Switch Chassis - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5130 (Comware 7) - Version: R3115 * HP Network Products - JG932A HP 5130-24G-4SFP+ EI Switch - JG933A HP 5130-24G-SFP-4SFP+ EI Switch - JG934A HP 5130-48G-4SFP+ EI Switch - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch - JG938A HP 5130-24G-2SFP+-2XGT EI Switch - JG939A HP 5130-48G-2SFP+-2XGT EI Switch - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch - JG975A HP 5130-24G-4SFP+ EI Brazil Switch - JG976A HP 5130-48G-4SFP+ EI Brazil Switch - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 6125XLG - Version: R2422P02 * HP Network Products - 711307-B21 HP 6125XLG Blade Switch - 737230-B21 HP 6125XLG Blade Switch with TAA * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 6127XLG - Version: R2422P02 * HP Network Products - 787635-B21 HP 6127XLG Blade Switch Opt Kit - 787635-B22 HP 6127XLG Blade Switch with TAA * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + Moonshot - Version: R2432 * HP Network Products - 786617-B21 - HP Moonshot-45Gc Switch Module - 704654-B21 - HP Moonshot-45XGc Switch Module - 786619-B21 - HP Moonshot-180XGc Switch Module * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5700 (Comware 7) - Version: R2422P02 * HP Network Products - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5930 (Comware 7) - Version: R2422P02 * HP Network Products - JG726A HP FlexFabric 5930 32QSFP+ Switch - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch - JH179A HP FlexFabric 5930 4-slot Switch - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 1950 (Comware 7) - Version: R3115 * HP Network Products - JG960A HP 1950-24G-4XG Switch - JG961A HP 1950-48G-2SFP+-2XGT Switch - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 7500 (Comware 7) - Version: R7184 * HP Network Products - JD238C HP 7510 Switch Chassis - JD239C HP 7506 Switch Chassis - JD240C HP 7503 Switch Chassis - JD242C HP 7502 Switch Chassis - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit - JH208A HP 7502 Main Processing Unit - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5510HI (Comware 7) - Version: R1120P10 * HP Network Products - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5130HI (Comware 7) - Version: R1120P10 * HP Network Products - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5940 - Version: R2509 * HP Network Products - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch - JH396A HPE FlexFabric 5940 32QSFP+ Switch - JH397A HPE FlexFabric 5940 2-slot Switch - JH398A HPE FlexFabric 5940 4-slot Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5950 - Version: R6123 * HP Network Products - JH321A HPE FlexFabric 5950 32QSFP28 Switch - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch - JH404A HPE FlexFabric 5950 4-slot Switch + 12900E (Comware 7) - Version: R2609 * HP Network Products - JG619A HP FlexFabric 12910 Switch AC Chassis - JG621A HP FlexFabric 12910 Main Processing Unit - JG632A HP FlexFabric 12916 Switch AC Chassis - JG634A HP FlexFabric 12916 Main Processing Unit - JH104A HP FlexFabric 12900E Main Processing Unit - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit - JH263A HP FlexFabric 12904E Main Processing Unit - JH255A HP FlexFabric 12908E Switch Chassis - JH262A HP FlexFabric 12904E Switch Chassis - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis - JH103A HP FlexFabric 12916E Switch Chassis * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 **iMC Products** + iNode PC 7.2 (E0410) - Version: 7.2 E0410 * HP Network Products - JD144A HP A-IMC User Access Management Software Module with 200-user License - JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License - JD435A HP A-IMC Endpoint Admission Defense Client Software - JF388A HP IMC User Authentication Management Software Module with 200-user License - JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU - JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License - JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU - JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU - JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU * CVEs - CVE-2016-2106 - CVE-2016-2109 - CVE-2016-2176 + iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409 * HP Network Products - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU * CVEs - CVE-2016-2106 - CVE-2016-2109 - CVE-2016-2176 **VCX Products** + VCX - Version: 9.8.19 * HP Network Products - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr - JC517A HP VCX V7205 Platform w/DL 360 G6 Server - JE355A HP VCX V6000 Branch Platform 9.0 - JC516A HP VCX V7005 Platform w/DL 120 G6 Server - JC518A HP VCX Connect 200 Primry 120 G6 Server - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr - JE341A HP VCX Connect 100 Secondary - JE252A HP VCX Connect Primary MIM Module - JE253A HP VCX Connect Secondary MIM Module - JE254A HP VCX Branch MIM Module - JE355A HP VCX V6000 Branch Platform 9.0 - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod - JD023A HP MSR30-40 Router with VCX MIM Module - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS - JE340A HP VCX Connect 100 Pri Server 9.0 - JE342A HP VCX Connect 100 Sec Server 9.0 * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 **Note:** Please contact HPE Technical Support if any assistance is needed acquiring the software updates. HISTORY Version:1 (rev.1) - 2 June 2017 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:17.openssl Security Advisory The FreeBSD Project Topic: Multiple OpenSSL vulnerabilities Category: contrib Module: openssl Announced: 2016-05-04 Credits: OpenSSL Project Affects: All supported versions of FreeBSD. Corrected: 2016-05-03 18:54:20 UTC (stable/10, 10.3-STABLE) 2016-05-04 15:25:47 UTC (releng/10.3, 10.3-RELEASE-p2) 2016-05-04 15:26:23 UTC (releng/10.2, 10.2-RELEASE-p16) 2016-05-04 15:27:09 UTC (releng/10.1, 10.1-RELEASE-p33) 2016-05-04 06:53:02 UTC (stable/9, 9.3-STABLE) 2016-05-04 15:27:09 UTC (releng/9.3, 9.3-RELEASE-p41) CVE Name: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, CVE-2016-2176 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. I. Background FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. II. [CVE-2016-2176] FreeBSD does not run on any EBCDIC systems and therefore is not affected. III. IV. Workaround No workaround is available. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Restart all daemons that use the library, or reboot the system. 2) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install Restart all daemons that use the library, or reboot the system. 3) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 10.x] # fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch # fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-10.patch.asc # gpg --verify openssl-10.patch.asc [FreeBSD 9.3] # fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patc # fetch https://security.FreeBSD.org/patches/SA-16:17/openssl-9.patch.asc # gpg --verify openssl-9.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. Restart all daemons that use the library, or reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/9/ r299053 releng/9.3/ r299068 stable/10/ r298999 releng/10.1/ r299068 releng/10.2/ r299067 releng/10.3/ r299066 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. References <URL:https://www.openssl.org/news/secadv/20160503.txt> <URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105> <URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106> <URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107> <URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109> <URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176> The latest revision of this advisory is available at <URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:17.openssl.asc> -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJXKjuIAAoJEO1n7NZdz2rneZoP/jqsWr9q5MkCel2aZzfmSVhU 8CjzPwm3t48ibZqrkolAak4dbjJGhidUM/S83BvIcCdtKWyoG8D0fzemB7bBIP2L fqvd1314vuy82CgZlAyJIqzokckUPfyHhTAz9FPZW46f8A+s8znzJcaaD81tt1Xe qg9JZ61e2DZJ2NdZSJSjOpBl55gZqQq3tIwGYw027GKjiflJSvOG1n/531R4rppI x0IZpLor7XBWuiC44hPc4yasC4khWzmdaRpqcUoWVEex8g6Il6xByS2o4AgX7kE/ NBZ0mj4IMYZNQW4VUYbnkmLtWXJYYScboBKh4FRljNCG/t5u/YoSfOY8SbS9LT9K KVj56C6tQRq+/frKbPt26HbqqRTFNVn3FKxJWNQ9CLzsebobXPUYATTN2NVC8gkj S0A/lT2xnvA2YqB9HfmHOvlHS2LDv8SivJWNK4dCPOwhVm624H4qH/N+VFcwU7zc ue+BPvDYU/czsyoJDdQoWxTdkreaOY6eLAWkYAh9dEDIkZSOxgsZR7C4th6THXMu ybIy544elc3bf9vS4tGR552Wi9VntE0B1/LJ2la8l+MnYE6qZL1hbAYpvNyuPWVP EDPjOc4inaMpV62fuL1UrKH1g1HMmFUnoWhC70iS+cuLeXWFdvwBFyL420Ixkd5H zvcsfJCrazlcZ6j83Qfd =PGTh -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201612-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 1.0.2j >= 1.0.2j Description =========== Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j" References ========== [ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201612-16 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz: Upgraded. This update fixes the following security issues: Memory corruption in the ASN.1 encoder (CVE-2016-2108) Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) EVP_EncodeUpdate overflow (CVE-2016-2105) EVP_EncryptUpdate overflow (CVE-2016-2106) ASN.1 BIO excessive memory allocation (CVE-2016-2109) EBCDIC overread (CVE-2016-2176) For more information, see: https://www.openssl.org/news/secadv/20160503.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2105 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2109 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176 (* Security fix *) patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz: Upgraded. +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1t-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.0.txz Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1t-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1t-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1t-i486-1_slack14.1.txz Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1t-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.2h-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.2h-i586-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 packages: 033bd9509aeb07712e6bb3adf89c18e4 openssl-1.0.1t-i486-1_slack14.0.txz 9e91d781e33f7af80cbad08b245e84ed openssl-solibs-1.0.1t-i486-1_slack14.0.txz Slackware x86_64 14.0 packages: e5c77ec16e3f2fcb2f1d53d84a6ba951 openssl-1.0.1t-x86_64-1_slack14.0.txz 2de7b6196a905233036d7f38008984bd openssl-solibs-1.0.1t-x86_64-1_slack14.0.txz Slackware 14.1 packages: 96dcae05ae2f585c30de852a55eb870f openssl-1.0.1t-i486-1_slack14.1.txz 59618b061e62fd9d73ba17df7626b2e7 openssl-solibs-1.0.1t-i486-1_slack14.1.txz Slackware x86_64 14.1 packages: 3d5ebfce099917703d537ab603e58a9b openssl-1.0.1t-x86_64-1_slack14.1.txz bf3a6bbdbe835dd2ce73333822cc9f06 openssl-solibs-1.0.1t-x86_64-1_slack14.1.txz Slackware -current packages: 4889a10c5f3aa7104167c7d50eedf7ea a/openssl-solibs-1.0.2h-i586-1.txz 8e3439f35c3cb4e11ca64eebb238a52f n/openssl-1.0.2h-i586-1.txz Slackware x86_64 -current packages: b4a852bb7e86389ec228288ccb7e79bb a/openssl-solibs-1.0.2h-x86_64-1.txz bcf9dc7bb04173f002644e3ce33ab4ab n/openssl-1.0.2h-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg openssl-1.0.1t-i486-1_slack14.1.txz openssl-solibs-1.0.1t-i486-1_slack14.1.txz Then, reboot the machine or restart any network services that use OpenSSL. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. This could lead to a heap corruption. This could lead to a heap corruption. CVE-2016-2108 David Benjamin from Google discovered that two separate bugs in the ASN.1 encoder, related to handling of negative zero integer values and large universal tags, could lead to an out-of-bounds write. For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004 OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following: apache_mod_php Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in PHP versions prior to 5.5.36. These were addressed by updating PHP to version 5.5.36. CVE-2016-4650 Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc. CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900 OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- . The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time. In previous versions of OpenSSL, ASN.1 encoding the value zero represented as a negative integer can cause a buffer underflow with an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does not normally create "negative zeroes" when parsing ASN.1 input, and therefore, an attacker cannot trigger this bug. However, a second, independent bug revealed that the ASN.1 parser (specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag as a negative zero value. Large universal tags are not present in any common ASN.1 structures (such as X509) but are accepted as part of ANY structures. Therefore, if an application deserializes untrusted ASN.1 structures containing an ANY field, and later reserializes them, an attacker may be able to trigger an out-of-bounds write. This has been shown to cause memory corruption that is potentially exploitable with some malloc implementations. Applications that parse and re-encode X509 certificates are known to be vulnerable. Applications that verify RSA signatures on X509 certificates may also be vulnerable; however, only certificates with valid signatures trigger ASN.1 re-encoding and hence the bug. Specifically, since OpenSSL's default TLS X509 chain verification code verifies the certificate chain from root to leaf, TLS handshakes could only be targeted with valid certificates issued by trusted Certification Authorities. OpenSSL 1.0.2 users should upgrade to 1.0.2c OpenSSL 1.0.1 users should upgrade to 1.0.1o This vulnerability is a combination of two bugs, neither of which individually has security impact. The first bug (mishandling of negative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala (Red Hat) and independently by Hanno Böck in April 2015. The second issue (mishandling of large universal tags) was found using libFuzzer, and reported on the public issue tracker on March 1st 2016. The fact that these two issues combined present a security vulnerability was reported by David Benjamin (Google) on March 31st 2016. The fixes were developed by Steve Henson of the OpenSSL development team, and David Benjamin. The OpenSSL team would also like to thank Mark Brand and Ian Beer from the Google Project Zero team for their careful analysis of the impact. The fix for the "negative zero" memory corruption bug can be identified by commits 3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2) and 32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1) Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) ====================================================== Severity: High A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server support AES-NI. This issue was introduced as part of the fix for Lucky 13 padding attack (CVE-2013-0169). The padding check was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes. OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 13th of April 2016 by Juraj Somorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx of the OpenSSL development team. EVP_EncodeUpdate overflow (CVE-2016-2105) ========================================= Severity: Low An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption. Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the PEM_write_bio* family of functions. These are mainly used within the OpenSSL command line applications. These internal uses are not considered vulnerable because all calls are bounded with length checks so no overflow is possible. User applications that call these APIs directly with large amounts of untrusted data may be vulnerable. (Note: Initial analysis suggested that the PEM_write_bio* were vulnerable, and this is reflected in the patch commit message. This is no longer believed to be the case). OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. EVP_EncryptUpdate overflow (CVE-2016-2106) ========================================== Severity: Low An overflow can occur in the EVP_EncryptUpdate() function. If an attacker is able to supply very large amounts of input data after a previous call to EVP_EncryptUpdate() with a partial block then a length check can overflow resulting in a heap corruption. Following an analysis of all OpenSSL internal usage of the EVP_EncryptUpdate() function all usage is one of two forms. The first form is where the EVP_EncryptUpdate() call is known to be the first called function after an EVP_EncryptInit(), and therefore that specific call must be safe. The second form is where the length passed to EVP_EncryptUpdate() can be seen from the code to be some small value and therefore there is no possibility of an overflow. Since all instances are one of these two forms, it is believed that there can be no overflows in internal code due to this problem. It should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths. Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances of these calls have also been analysed too and it is believed there are no instances in internal usage where an overflow could occur. This could still represent a security issue for end user code that calls this function directly. OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. ASN.1 BIO excessive memory allocation (CVE-2016-2109) ===================================================== Severity: Low When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory. Any application parsing untrusted data through d2i BIO functions is affected. The memory based functions such as d2i_X509() are *not* affected. Since the memory based functions are used by the TLS library, TLS applications are not affected. OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. The fix was developed by Stephen Henson of the OpenSSL development team. EBCDIC overread (CVE-2016-2176) =============================== Severity: Low ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer. OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. Note ==== As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade. Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20160503.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html

Trust: 2.61

sources: NVD: CVE-2016-2176 // JVNDB: JVNDB-2016-002477 // BID: 89746 // VULMON: CVE-2016-2176 // PACKETSTORM: 142803 // PACKETSTORM: 136919 // PACKETSTORM: 140056 // PACKETSTORM: 136912 // PACKETSTORM: 136893 // PACKETSTORM: 137958 // PACKETSTORM: 169652

AFFECTED PRODUCTS

vendor:opensslmodel:opensslscope:eqversion:1.0.2d

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:1.0.2c

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:1.0.2e

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:1.0.2

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:1.0.2a

Trust: 1.6

vendor:opensslmodel:opensslscope:eqversion:1.0.2b

Trust: 1.6

vendor:opensslmodel:opensslscope:lteversion:1.0.1s

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2g

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2f

Trust: 1.0

vendor:oraclemodel:commerce guided search / oracle commerce experience managerscope:eqversion:6.5.1

Trust: 0.8

vendor:oraclemodel:transportation managementscope:eqversion:6.2

Trust: 0.8

vendor:necmodel:esmpro/serveragentservicescope:eqversion:all versions (linux)

Trust: 0.8

vendor:oraclemodel:commerce guided search / oracle commerce experience managerscope:eqversion:6.3.0

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:enterprise v8.2 to v9.4

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v8.0

Trust: 0.8

vendor:necmodel:ip38x/3000scope: - version: -

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:foundation v8.2 to v8.5

Trust: 0.8

vendor:necmodel:websamscope:eqversion:6.2

Trust: 0.8

vendor:necmodel:ip38x/3500scope: - version: -

Trust: 0.8

vendor:necmodel:ip38x/fw120scope: - version: -

Trust: 0.8

vendor:oraclemodel:transportation managementscope:eqversion:6.1

Trust: 0.8

vendor:necmodel:ip38x/1200scope: - version: -

Trust: 0.8

vendor:oraclemodel:primavera p6 professional project managementscope:eqversion:8.3

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v3.0

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:st ard v8.2 to v9.4

Trust: 0.8

vendor:opensslmodel:opensslscope:ltversion:1.0.1

Trust: 0.8

vendor:necmodel:enterprisedirectoryserverscope:eqversion:ver6.1 to v8.0

Trust: 0.8

vendor:necmodel:secureware/pki application development kitscope:eqversion:ver3.2

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v3.1

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v6.2

Trust: 0.8

vendor:necmodel:websamscope:eqversion:netvisorpro 6.1

Trust: 0.8

vendor:necmodel:ip38x/810scope: - version: -

Trust: 0.8

vendor:necmodel:webotx enterprise service busscope:eqversion:v8.2 to v9.3

Trust: 0.8

vendor:necmodel:ip38x/n500scope: - version: -

Trust: 0.8

vendor:oraclemodel:primavera p6 professional project managementscope:eqversion:15.x

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:/sg series sg3600lm/lg/lj v6.1

Trust: 0.8

vendor:oraclemodel:commerce guided search / oracle commerce experience managerscope:eqversion:6.2.2

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:/sg series intersecvm/sg v1.2

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v7.0

Trust: 0.8

vendor:necmodel:ip38x/1210scope: - version: -

Trust: 0.8

vendor:oraclemodel:primavera p6 professional project managementscope:eqversion:16.x

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:express v8.2 to v9.4

Trust: 0.8

vendor:oraclemodel:e-business suitescope:eqversion:12.1.3

Trust: 0.8

vendor:oraclemodel:commerce guided search / oracle commerce experience managerscope:eqversion:6.4.1.2

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v7.1

Trust: 0.8

vendor:opensslmodel:opensslscope:eqversion:1.0.1t

Trust: 0.8

vendor:oraclemodel:commerce guided search / oracle commerce experience managerscope:eqversion:6.5.2

Trust: 0.8

vendor:necmodel:capssuitescope:eqversion:v3.0 to v4.0

Trust: 0.8

vendor:necmodel:univergescope:eqversion:business connect v7.1.1

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v4.0

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.11 and later

Trust: 0.8

vendor:opensslmodel:opensslscope:ltversion:1.0.2

Trust: 0.8

vendor:necmodel:ip38x/5000scope: - version: -

Trust: 0.8

vendor:necmodel:websamscope:eqversion:7.0

Trust: 0.8

vendor:necmodel:ip38x/sr100scope: - version: -

Trust: 0.8

vendor:oraclemodel:commerce guided search / oracle commerce experience managerscope:eqversion:6.5.0

Trust: 0.8

vendor:oraclemodel:primavera p6 professional project managementscope:eqversion:8.4

Trust: 0.8

vendor:opensslmodel:opensslscope:eqversion:1.0.2h

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v8.2

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:/sg series univerge sg3000lg/lj

Trust: 0.8

vendor:ciscomodel:registered envelope servicescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence video communication serverscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:paging serverscope:neversion:11.5.1

Trust: 0.6

vendor:ciscomodel:nexus series switches 5.2 sv3scope:neversion:1000v

Trust: 0.6

vendor:ciscomodel:network performance analyticsscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ironport encryption appliancescope:eqversion:0

Trust: 0.6

vendor:opensslmodel:opensslscope:eqversion:1.0.1s

Trust: 0.6

vendor:ciscomodel:spa51x series ip phonesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mate collectorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ata series analog terminal adaptorscope:eqversion:1900

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:eqversion:30000

Trust: 0.3

vendor:ciscomodel:network health frameworkscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence server on virtual machinescope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:spa232d multi-line dect atascope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.2

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5.2(1)

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.2.1

Trust: 0.3

vendor:ciscomodel:unified series ip phonesscope:neversion:780011.5.2

Trust: 0.3

vendor:ciscomodel:clean access managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:neversion:6.8

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:10.5(3.10000.9)

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.3.0.2

Trust: 0.3

vendor:freebsdmodel:10.2-release-p8scope: - version: -

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:eqversion:10.6(3)

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.3

Trust: 0.3

vendor:ciscomodel:proactive network operations centerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence server mr2scope:neversion:87104.2

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:4.0.2

Trust: 0.3

vendor:ciscomodel:video distribution suite for internet streamingscope:neversion:4.3.2

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.2

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.53

Trust: 0.3

vendor:ciscomodel:emergency responderscope:neversion:11.5

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.6.0

Trust: 0.3

vendor:ciscomodel:video surveillance media serverscope:eqversion:0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1escope: - version: -

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:nexus series blade switches 0.9.8zfscope:neversion:4000

Trust: 0.3

vendor:ciscomodel:telepresence isdn linkscope:neversion:1.1.6

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2gscope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0.1

Trust: 0.3

vendor:ciscomodel:tandberg codian isdn gwscope:eqversion:32400

Trust: 0.3

vendor:ibmmodel:cognos insight fp ifscope:neversion:10.216

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1ascope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence sx seriesscope:neversion:7.3.7

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5.1.6

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:neversion:11.51

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:85100

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5.1.131

Trust: 0.3

vendor:ciscomodel:unified workforce optimizationscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.1

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:12.1.4

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:neversion:6.8.1

Trust: 0.3

vendor:ciscomodel:mediasense 9.0scope: - version: -

Trust: 0.3

vendor:ibmmodel:abyp-4tl-pscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational tauscope:eqversion:4.35

Trust: 0.3

vendor:ibmmodel:cognos business intelligence interim fixscope:neversion:10.1.119

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:asr seriesscope:eqversion:50000

Trust: 0.3

vendor:ibmmodel:aspera sharesscope:neversion:1.9.6

Trust: 0.3

vendor:freebsdmodel:10.1-release-p26scope: - version: -

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:eqversion:3400

Trust: 0.3

vendor:ciscomodel:enterprise content delivery systemscope:neversion:2.6.8

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.2.0.2

Trust: 0.3

vendor:ciscomodel:prime collaboration assurance sp1scope:neversion:11.5

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp3scope:eqversion:4.0.1

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:10.5(1)

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:88310

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.11

Trust: 0.3

vendor:ciscomodel:intelligent automation for cloudscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber guestscope:eqversion:10.0(2)

Trust: 0.3

vendor:ibmmodel:cognos insight fpscope:neversion:10.2.26

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:7.5.0.1

Trust: 0.3

vendor:freebsdmodel:10.1-release-p5scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified ip phonesscope:eqversion:69010

Trust: 0.3

vendor:ciscomodel:prime security managerscope:neversion:9.5.4.3

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.13-34

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.1.1

Trust: 0.3

vendor:ibmmodel:flex system fc3171 8gb san pass-thruscope:eqversion:9.1

Trust: 0.3

vendor:ciscomodel:im and presence servicescope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:ata analog telephone adaptorscope:neversion:1879.2.5

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.1.0.15

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp15scope:eqversion:4.0.0

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5(2)

Trust: 0.3

vendor:ciscomodel:jabber guestscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:real-time compression appliancescope:eqversion:4.1.2

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.4.0.1

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:eqversion:4.2.0.3

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:5.2

Trust: 0.3

vendor:ciscomodel:prime license managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ucs central 1.5scope:neversion: -

Trust: 0.3

vendor:ciscomodel:prime collaboration deploymentscope:neversion:11.5

Trust: 0.3

vendor:ibmmodel:mobile foundation consumer editionscope:eqversion:6.2.0.1

Trust: 0.3

vendor:ciscomodel:web security appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:series ip phones vpn featurescope:neversion:8800-11.5.2

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.2

Trust: 0.3

vendor:ciscomodel:visual quality experience serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:filenet system monitorscope:eqversion:4.5

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1tscope:neversion: -

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for windowsscope:neversion:4.3

Trust: 0.3

vendor:ciscomodel:content security management appliancescope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p28scope: - version: -

Trust: 0.3

vendor:ciscomodel:agent for openflowscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.4.0

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.1

Trust: 0.3

vendor:ciscomodel:webex recording playback clientscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime collaboration assurancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:asa next-generation firewall servicesscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p38scope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence content serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:tandberg codian mse modelscope:eqversion:83200

Trust: 0.3

vendor:oraclemodel:mysql enterprise backupscope:eqversion:3.10.1

Trust: 0.3

vendor:ciscomodel:local collector appliancescope:eqversion:2.2.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.2

Trust: 0.3

vendor:freebsdmodel:9.3-release-p10scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p1scope: - version: -

Trust: 0.3

vendor:ciscomodel:digital media players seriesscope:eqversion:44000

Trust: 0.3

vendor:ciscomodel:mds series multilayer switchesscope:neversion:90008.3

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.16-37

Trust: 0.3

vendor:freebsdmodel:10.2-release-p13scope: - version: -

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1nxscope:neversion:5000

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.1

Trust: 0.3

vendor:ciscomodel:prime infrastructure standalone plug and play gatewayscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa50x series ip phonesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings for blackberryscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors interim fixscope:eqversion:4.014-01

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1gscope: - version: -

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:neversion:3.5.1

Trust: 0.3

vendor:oraclemodel:exalogic infrastructurescope:eqversion:2.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp1scope:eqversion:4.0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.4

Trust: 0.3

vendor:ciscomodel:telepresence integrator c seriesscope:neversion:7.3.7

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility clientscope:neversion:4.2

Trust: 0.3

vendor:ciscomodel:wide area application servicesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security virtual server protection for vmwarescope:eqversion:1.1.0.1

Trust: 0.3

vendor:ciscomodel:telepresence serverscope:eqversion:87100

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.1

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.4-23

Trust: 0.3

vendor:freebsdmodel:10.2-release-p14scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.1-release-p17scope: - version: -

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.25-57

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.4.6.1146-109

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.18-43

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:neversion:4.1.0.5

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.2.1

Trust: 0.3

vendor:ciscomodel:media services interfacescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexus intercloudscope:eqversion:1000v0

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:neversion:3.5

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:9.1

Trust: 0.3

vendor:ibmmodel:buildforgescope:neversion:8.0.0.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.1

Trust: 0.3

vendor:ciscomodel:ipsscope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1iscope: - version: -

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.4.2

Trust: 0.3

vendor:ciscomodel:unified workforce optimization quality management sr3 es5scope:neversion:11.0

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0

Trust: 0.3

vendor:ciscomodel:meetingplacescope:neversion:2.7

Trust: 0.3

vendor:oraclemodel:commerce guided searchscope:eqversion:11.2

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:neversion:7.0.1.7

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for iosscope:neversion:4.0

Trust: 0.3

vendor:ciscomodel:unified attendant console advancedscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex messenger service ep1scope:eqversion:7.9.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.3

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:mediasensescope:neversion:11.5.1

Trust: 0.3

vendor:ciscomodel:unified ip phone 9.4.2sr3scope:neversion:8961

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.1.1

Trust: 0.3

vendor:freebsdmodel:10.2-release-p9scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified wireless ip phonescope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1sscope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.1-release-p27scope: - version: -

Trust: 0.3

vendor:ciscomodel:spa122 ata with routerscope:neversion:1.4.5

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:eqversion:1.4.6

Trust: 0.3

vendor:ciscomodel:webex meeting centerscope:neversion:3.9.1

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:neversion:6.8.2

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.2

Trust: 0.3

vendor:ciscomodel:webex node for mcsscope:neversion:3.12.9.8

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:6.0.1

Trust: 0.3

vendor:ciscomodel:jabber for androidscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video surveillance 4300e/4500e high-definition ip camerasscope:neversion:3.2.8

Trust: 0.3

vendor:ibmmodel:mobilefirst platform foundationscope:eqversion:6.3.0.0

Trust: 0.3

vendor:freebsdmodel:10.2-release-p6scope: - version: -

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interix fixscope:eqversion:4.2.0.3

Trust: 0.3

vendor:ciscomodel:unified sip proxyscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:virtual security gateway for microsoft hyper-vscope:neversion:5.2(1)

Trust: 0.3

vendor:ciscomodel:tandberg codian isdn gwscope:eqversion:32100

Trust: 0.3

vendor:ciscomodel:unified attendant console premium editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media players series 5.4 rbscope:neversion:4300

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.11-28

Trust: 0.3

vendor:ibmmodel:buildforgescope:eqversion:8.0

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:6.1.5

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.5.0.12150-12

Trust: 0.3

vendor:ciscomodel:prime optical for spsscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:abyp-2t-1s-1l-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mds series multilayer switchesscope:neversion:90006.2.17

Trust: 0.3

vendor:ibmmodel:cognos tm1 interim fixscope:neversion:10.1.1.2

Trust: 0.3

vendor:ibmmodel:rational tauscope:eqversion:4.36

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1rscope: - version: -

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.1.0.8

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:5.0.1

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for linuxscope:neversion:4.3

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:7.0.0.3

Trust: 0.3

vendor:ibmmodel:aspera consolescope:neversion:3.1.1

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5.0.997

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for osscope:neversion:x4.3

Trust: 0.3

vendor:ciscomodel:unified ip phone seriesscope:eqversion:79000

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for androidscope:neversion:4.3

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:connected analytics for collaboration 1.0.1qscope:neversion: -

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.20

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.1.0.7

Trust: 0.3

vendor:ibmmodel:cognos insightscope:eqversion:10.2.1

Trust: 0.3

vendor:ciscomodel:jabber guestscope:neversion:11.0

Trust: 0.3

vendor:ibmmodel:rational tauscope:eqversion:4.34

Trust: 0.3

vendor:ibmmodel:abyp-2t-1s-1l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5.2(2)

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:neversion:6.7.3

Trust: 0.3

vendor:ciscomodel:mmp serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:7.0.0.1

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for imagesscope:eqversion:7.1.1.19

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.30.0-13

Trust: 0.3

vendor:oraclemodel:commerce guided searchscope:eqversion:11.1

Trust: 0.3

vendor:ibmmodel:abyp-10g-2sr-2lr-1-p-mscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for images buildscope:eqversion:7.1.1.20280.6

Trust: 0.3

vendor:ciscomodel:computer telephony integration object serverscope:neversion:11.51

Trust: 0.3

vendor:ciscomodel:unified communications for microsoft lyncscope:neversion:10.6.7

Trust: 0.3

vendor:ciscomodel:prime security managerscope:eqversion:9.3.4.2-4

Trust: 0.3

vendor:ciscomodel:anyres livescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ons series multiservice provisioning platformsscope:neversion:1545410.6.1

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:7.0.0.2

Trust: 0.3

vendor:ciscomodel:telepresence isdn linkscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence serverscope:neversion:70104.4

Trust: 0.3

vendor:ciscomodel:packet tracerscope:eqversion:5.2

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.7.0

Trust: 0.3

vendor:ibmmodel:openssh for gpfs for windowsscope:neversion:3.5.0.31

Trust: 0.3

vendor:ciscomodel:unified attendant console business editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:agent for openflowscope:neversion:2.0.7

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:eqversion:4.1.0.5

Trust: 0.3

vendor:ibmmodel:cognos business intelligence interim fixscope:neversion:10.2.117

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:neversion:11.51

Trust: 0.3

vendor:ciscomodel:tandberg codian isdn gwscope:eqversion:32200

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5.2(3)

Trust: 0.3

vendor:paloaltonetworksmodel:globalprotect agentscope:eqversion:3.1.0

Trust: 0.3

vendor:ciscomodel:webex meetings for wp8scope:neversion:3.0

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.54

Trust: 0.3

vendor:ibmmodel:abyp-2t-2s-0l-pscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:webex meetings for androidscope:neversion:9.1

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.5.0

Trust: 0.3

vendor:ciscomodel:mds series multilayer switches 7.3.1nxscope:neversion:9000

Trust: 0.3

vendor:ciscomodel:mds series multilayer switchesscope:eqversion:90000

Trust: 0.3

vendor:ibmmodel:flex system fc3171 8gb san pass-thruscope:neversion:9.1.8.01.00

Trust: 0.3

vendor:ciscomodel:ios software and cisco ios xe softwarescope:neversion:16.3.1

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.0.2

Trust: 0.3

vendor:ciscomodel:webex meeting centerscope:neversion:3.9.0.5

Trust: 0.3

vendor:ibmmodel:cognos insightscope:eqversion:10.2

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.15-36

Trust: 0.3

vendor:ciscomodel:ace application control engine modulescope:eqversion:300

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:5.0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:neversion:6.7.3

Trust: 0.3

vendor:oraclemodel:exalogic infrastructurescope:eqversion:1.0

Trust: 0.3

vendor:ibmmodel:proventia network enterprise scannerscope:eqversion:2.3

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1.4

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.1.0.6

Trust: 0.3

vendor:ciscomodel:nac guest serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:local collector appliancescope:eqversion:2.2.10

Trust: 0.3

vendor:ciscomodel:enterprise content delivery systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:10.5(1)

Trust: 0.3

vendor:ciscomodel:email security appliancescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment buildscope:neversion:5.1.1051.08

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:neversion:5.0.22

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.2.11

Trust: 0.3

vendor:ibmmodel:mobile foundation consumer editionscope:eqversion:6.2.0.0

Trust: 0.3

vendor:ciscomodel:prime collaboration deploymentscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings client hosted t31r1sp6scope:neversion: -

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fix1scope:eqversion:4.3.0.6

Trust: 0.3

vendor:freebsdmodel:9.3-release-p35scope: - version: -

Trust: 0.3

vendor:ciscomodel:dx series ip phonesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:virtualization experience media enginescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:neversion:60002.8

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:3x000

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.18

Trust: 0.3

vendor:ciscomodel:packet tracerscope:eqversion:5.3

Trust: 0.3

vendor:ciscomodel:unified sip proxyscope:neversion:10.0

Trust: 0.3

vendor:freebsdmodel:10.2-release-p10scope: - version: -

Trust: 0.3

vendor:ibmmodel:aspera sharesscope:eqversion:1.9.3

Trust: 0.3

vendor:ibmmodel:abyp-0t-4s-0l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa50x series ip phonesscope:neversion:7.6.5

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:10

Trust: 0.3

vendor:ibmmodel:abyp-4ts-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:8.5

Trust: 0.3

vendor:ciscomodel:ata series analog terminal adaptorscope:neversion:1901.3

Trust: 0.3

vendor:oraclemodel:commerce guided searchscope:eqversion:11.0

Trust: 0.3

vendor:ciscomodel:digital media players series 5.4 rbscope:neversion:4400

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.4

Trust: 0.3

vendor:ciscomodel:virtualization experience media enginescope:neversion:11.5.1

Trust: 0.3

vendor:ibmmodel:abyp-10g-4lr-1-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:eqversion:3200

Trust: 0.3

vendor:ibmmodel:abyp-10g-4lr-1-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video surveillance ptz ip camerasscope:neversion:2.8

Trust: 0.3

vendor:freebsdmodel:9.3-release-p2scope: - version: -

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:8.6

Trust: 0.3

vendor:ciscomodel:unified communications for microsoft lyncscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber software development kitscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa122 ata with routerscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-stablescope:neversion: -

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactions if03scope:eqversion:7.4.0.1

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.4

Trust: 0.3

vendor:ciscomodel:identity services enginescope:neversion:2.2.1

Trust: 0.3

vendor:oraclemodel:commerce experience managerscope:eqversion:11.2

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.1

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment buildscope:eqversion:5.1.151.05

Trust: 0.3

vendor:freebsdmodel:10.1-release-p9scope: - version: -

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:4.0.4

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:neversion:2.7

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.3

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(2.10000.5)

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1cscope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence mx seriesscope:neversion:7.3.7

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.4.0.0

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:neversion:3204.4

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:neversion:6.8

Trust: 0.3

vendor:ciscomodel:digital media players series 5.3 rbscope:eqversion:4300

Trust: 0.3

vendor:ciscomodel:telepresence profile seriesscope:neversion:7.3.7

Trust: 0.3

vendor:ibmmodel:openssh for gpfs for windowsscope:eqversion:3.5

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.11.6

Trust: 0.3

vendor:ibmmodel:abyp-0t-0s-4l-p-mscope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1fscope: - version: -

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1nxscope:neversion:7000

Trust: 0.3

vendor:ciscomodel:jabber for android mrscope:neversion:11.6

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2ascope: - version: -

Trust: 0.3

vendor:ibmmodel:abyp-4t-0s-0l-p-mscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.1.0.12

Trust: 0.3

vendor:ibmmodel:algo audit and compliancescope:eqversion:2.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2fscope: - version: -

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.5

Trust: 0.3

vendor:ciscomodel:connected grid router-cgosscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:1.0.2919

Trust: 0.3

vendor:ibmmodel:worklight enterprise editionscope:eqversion:6.1.0.0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for imagesscope:eqversion:7.1.1.0

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:5.0.2

Trust: 0.3

vendor:ciscomodel:telepresence server on virtual machine mr2scope:neversion:4.2

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.4

Trust: 0.3

vendor:ciscomodel:unified ip phonesscope:eqversion:69450

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility clientscope:neversion:4.3

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:4.0.7

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:60008.3

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.30.2-9

Trust: 0.3

vendor:ibmmodel:abyp-0t-2s-2l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:70008.3

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:4.0.5

Trust: 0.3

vendor:ibmmodel:integration busscope:eqversion:9.0

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.2

Trust: 0.3

vendor:ciscomodel:webex meetings server ssl gatewayscope:eqversion:-0

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.4.6.1146-110

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:neversion:6.8.1

Trust: 0.3

vendor:ciscomodel:prime network services controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ironport email security appliancescope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p3scope: - version: -

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:prime collaboration provisioningscope:neversion:11.2

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:eqversion:1.5.0.12

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.4.6.1146-113

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:neversion:6.8

Trust: 0.3

vendor:ciscomodel:spa30x series ip phonesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.30-12

Trust: 0.3

vendor:ciscomodel:webex meetings client on premisesscope:eqversion:-0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.3

Trust: 0.3

vendor:ibmmodel:cognos tm1 fix packscope:neversion:10.2.26

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:7.1.1.19

Trust: 0.3

vendor:ciscomodel:telepresence serverscope:eqversion:70100

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.3(1)

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media managerscope:neversion:5.4

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:7.5.0.0

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:5.0.2

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:1.0.2

Trust: 0.3

vendor:ciscomodel:security managerscope:neversion:4.12

Trust: 0.3

vendor:ibmmodel:mobilefirst platform foundationscope:eqversion:7.1.0.0

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:4.0.3

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1.7

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.2.2

Trust: 0.3

vendor:ibmmodel:cognos tm1scope:eqversion:10.1.0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5(.1.131)

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2dscope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.3

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:onepk all-in-one vmscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:9.1(1)

Trust: 0.3

vendor:ciscomodel:prime lan management solutionscope:eqversion:-0

Trust: 0.3

vendor:ibmmodel:buildforgescope:eqversion:8.0.0.2

Trust: 0.3

vendor:ibmmodel:algo audit and compliance ifscope:neversion:2.1.0.32

Trust: 0.3

vendor:ciscomodel:spa525gscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:eqversion:4.3.0.4

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:neversion:6.8.1

Trust: 0.3

vendor:freebsdmodel:9.3-release-p25scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.0

Trust: 0.3

vendor:ibmmodel:abyp-0t-2s-2l-p-mscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.3.0.1

Trust: 0.3

vendor:ciscomodel:unified attendant console department editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified ip phone 9.4.2sr3scope:neversion:9971

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.1

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.29-9

Trust: 0.3

vendor:ciscomodel:series ip phones vpn featurescope:eqversion:8800-0

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1dxscope:neversion:6000

Trust: 0.3

vendor:ibmmodel:abyp-2t-0s-2l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa112 2-port phone adapterscope:neversion:1.4.5

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.2.0.6

Trust: 0.3

vendor:ibmmodel:cognos tm1scope:eqversion:10.2.2

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.1.1

Trust: 0.3

vendor:ciscomodel:telepresence server mr2scope:neversion:70104.2

Trust: 0.3

vendor:ciscomodel:webex messenger servicescope:neversion:7.20

Trust: 0.3

vendor:ibmmodel:abyp-10g-4sr-1-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:neversion:3.2

Trust: 0.3

vendor:freebsdmodel:10.3-stablescope:neversion: -

Trust: 0.3

vendor:oraclemodel:commerce guided searchscope:eqversion:6.1.4

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:12.2.2

Trust: 0.3

vendor:oraclemodel:mysql enterprise backupscope:eqversion:3.10

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.3.1

Trust: 0.3

vendor:ibmmodel:rational tau interim fixscope:eqversion:4.3.0.6

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:video distribution suite for internet streamingscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media players series 5.4 rbscope:eqversion:4300

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty media mr2scope:neversion:3204.2

Trust: 0.3

vendor:ciscomodel:connected grid router 15.6.2.15tscope:neversion: -

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:5.1.116

Trust: 0.3

vendor:ciscomodel:cloupia unified infrastructure controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:neversion:11.5:20

Trust: 0.3

vendor:ciscomodel:jabber for macscope:neversion:11.7

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.20

Trust: 0.3

vendor:ciscomodel:agent desktop for cisco unified contact center expressscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:eqversion:70000

Trust: 0.3

vendor:ibmmodel:counter fraud management for safer paymentsscope:eqversion:5.3.0

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty media mr2scope:neversion:3104.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliancescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:flex system fc3171 8gb san switchscope:eqversion:9.1

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:70006.2.17

Trust: 0.3

vendor:ciscomodel:digital media players series 5.3 rbscope:eqversion:4400

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.2.1.0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1nscope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:eqversion:3204.1

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:neversion:6.7.3

Trust: 0.3

vendor:ciscomodel:packet tracerscope:neversion:7.0

Trust: 0.3

vendor:ciscomodel:network analysis modulescope:neversion:6.3.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1oscope: - version: -

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:eqversion:60000

Trust: 0.3

vendor:ciscomodel:unified wireless ip phonescope:neversion:1.5.1

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for windowsscope:neversion:4.0

Trust: 0.3

vendor:ciscomodel:virtual security gateway vsg2scope:neversion: -

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.1.0

Trust: 0.3

vendor:slackwaremodel:linux x86 64 -currentscope: - version: -

Trust: 0.3

vendor:ciscomodel:policy suitescope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.1

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.0

Trust: 0.3

vendor:ciscomodel:webex meetings client on premisesscope:neversion:-2.7

Trust: 0.3

vendor:freebsdmodel:10.2-release-p12scope: - version: -

Trust: 0.3

vendor:ciscomodel:spa51x series ip phonesscope:neversion:7.6.5

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.55

Trust: 0.3

vendor:ciscomodel:unified ip conference phone for third-party call controlscope:eqversion:88310

Trust: 0.3

vendor:ciscomodel:unified intelligence centerscope:neversion:11.5.1

Trust: 0.3

vendor:ciscomodel:telepresence server on virtual machinescope:neversion:4.4

Trust: 0.3

vendor:ciscomodel:common services platform collectorscope:neversion:1.9.1

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:8.7

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2escope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(3.10000.9)

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:neversion:11.5

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1qscope: - version: -

Trust: 0.3

vendor:ciscomodel:dcm series 9900-digital content managerscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.3

Trust: 0.3

vendor:ciscomodel:digital media managerscope:neversion:5.3

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for iosscope:neversion:4.2

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.2.1.2

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment intirim fixscope:eqversion:5.133

Trust: 0.3

vendor:ciscomodel:telepresence sx seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for windowsscope:neversion:4.2

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.2.2

Trust: 0.3

vendor:ciscomodel:webex meetings client hostedscope:eqversion:-0

Trust: 0.3

vendor:ciscomodel:webex meetings for wp8scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.13

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.4.6.1146-108

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:neversion:1.5.0.13

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5.2(2.1)

Trust: 0.3

vendor:ibmmodel:security virtual server protection for vmwarescope:eqversion:1.1

Trust: 0.3

vendor:ciscomodel:webex meetings for wp8scope:neversion:2.6.1

Trust: 0.3

vendor:ciscomodel:physical access control gatewayscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:wide area application servicesscope:neversion:5.5.7

Trust: 0.3

vendor:freebsdmodel:9.3-release-p24scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex messenger servicescope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p19scope: - version: -

Trust: 0.3

vendor:ciscomodel:mmp serverscope:neversion:3.10

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.0.1

Trust: 0.3

vendor:ciscomodel:prime ip expressscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:application and content networking systemscope:neversion:5.5.41

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:5.3

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:6.1.4

Trust: 0.3

vendor:freebsdmodel:10.1-release-p30scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p13scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.2.1

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3

Trust: 0.3

vendor:ciscomodel:intelligent automation for cloudscope:neversion:0.9.8

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.1.1

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:5.0.1

Trust: 0.3

vendor:ciscomodel:edge digital media player 1.6rb4 5scope:neversion:300

Trust: 0.3

vendor:ciscomodel:mds series multilayer switches 7.3.1dxscope:neversion:9000

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:99510

Trust: 0.3

vendor:ibmmodel:abyp-10g-4sr-1-pscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p36scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.6

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:89450

Trust: 0.3

vendor:ciscomodel:digital media managerscope:neversion:5.4.1

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment buildscope:eqversion:7.1.1.20280.6

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:neversion:30002.8

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.10

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:9.2

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.12

Trust: 0.3

vendor:ciscomodel:webex meeting centerscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.11

Trust: 0.3

vendor:ciscomodel:partner supporting servicescope:eqversion:1.0

Trust: 0.3

vendor:ciscomodel:mobility services enginescope:neversion:8.0

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:neversion:3401.2.0.20

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.1

Trust: 0.3

vendor:ibmmodel:abyp-0t-4s-0l-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa30x series ip phonesscope:neversion:7.6.5

Trust: 0.3

vendor:ciscomodel:unified series ip phonesscope:eqversion:78000

Trust: 0.3

vendor:ciscomodel:digital media players series 5.4 rbscope:eqversion:4400

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.13

Trust: 0.3

vendor:freebsdmodel:10.2-release-p11scope: - version: -

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.2

Trust: 0.3

vendor:ibmmodel:enterprise content management system monitorscope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:42000

Trust: 0.3

vendor:ciscomodel:socialminerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:standalone rack server cimcscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.2.1

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.2.0.0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:spa112 2-port phone adapterscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:mysql enterprise backupscope:eqversion:3.12.2

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp14scope:eqversion:4.0.0

Trust: 0.3

vendor:ciscomodel:intracerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:neversion:6.8

Trust: 0.3

vendor:ciscomodel:jabber for apple iosscope:neversion:11.6.2

Trust: 0.3

vendor:ciscomodel:video surveillance series high-definition ip camerasscope:neversion:40002.4.7

Trust: 0.3

vendor:ciscomodel:video surveillance media serverscope:eqversion:7.7

Trust: 0.3

vendor:freebsdmodel:9.3-release-p33scope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.5

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment buildscope:eqversion:5.1.1051.07

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:84200

Trust: 0.3

vendor:ciscomodel:jabber for windowsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ironport email security appliancescope:neversion:10.5

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.2

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for linuxscope:neversion:4.0

Trust: 0.3

vendor:ciscomodel:meetingplacescope: - version: -

Trust: 0.3

vendor:ciscomodel:spa525gscope:neversion:7.6.5

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.2.0.3

Trust: 0.3

vendor:ciscomodel:mmp serverscope:neversion:3.9.0.5

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.4.0.1

Trust: 0.3

vendor:freebsdmodel:9.3-release-p41scope:neversion: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp1scope:eqversion:4.0.1

Trust: 0.3

vendor:ibmmodel:flex system fc3171 8gb san switchscope:neversion:9.1.8.01.00

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence integrator c seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ciscomodel:prime network registrarscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:cloud object storescope:neversion:3.8

Trust: 0.3

vendor:ibmmodel:buildforgescope:eqversion:8.0.0.3

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for androidscope:neversion:4.0

Trust: 0.3

vendor:ibmmodel:cognos business intelligence fixpackscope:eqversion:10.2.12

Trust: 0.3

vendor:oraclemodel:commerce experience managerscope:eqversion:6.1.4

Trust: 0.3

vendor:ciscomodel:telepresence sx seriesscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p25scope: - version: -

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:enterprise content management system monitorscope:eqversion:5.2

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5.1.5

Trust: 0.3

vendor:ciscomodel:registered envelope servicescope:neversion:5.0

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.5.1.0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:neversion:6.8.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp2scope:eqversion:4.0.1

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:99710

Trust: 0.3

vendor:ciscomodel:telepresence content serverscope:neversion:7.2

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:8.5(4)

Trust: 0.3

vendor:ciscomodel:meetingplacescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:neversion:3104.4

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:5.1.0.2

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for linuxscope:neversion:4.2

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.6

Trust: 0.3

vendor:ciscomodel:ata analog telephone adaptorscope:eqversion:1870

Trust: 0.3

vendor:ciscomodel:asa cx and prime security managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:universal small cell seriesscope:neversion:50003.5.12.21

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1mscope: - version: -

Trust: 0.3

vendor:ciscomodel:expressway seriesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for androidscope:neversion:4.2

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:10.0(1)

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:50007.3.1

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:8.5(3)

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.3.0

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.1.0.0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p6scope: - version: -

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:eqversion:3000

Trust: 0.3

vendor:ciscomodel:unified ip phone 9.4.2sr3scope:neversion:8945

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.18-49

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.0(1.10000.12)

Trust: 0.3

vendor:ciscomodel:telepresence ex seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:1000v0

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.3

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.3

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1.6

Trust: 0.3

vendor:ciscomodel:mate designscope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:1.0.1

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:4.0.6

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1.5

Trust: 0.3

vendor:freebsdmodel:10.3-rc2scope: - version: -

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.13-41

Trust: 0.3

vendor:ibmmodel:websphere cast ironscope:eqversion:6.1.0.9

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.1

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.0

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:network admission controlscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communications for microsoft lyncscope:neversion:11.6

Trust: 0.3

vendor:ciscomodel:identity services enginescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.4

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1jscope: - version: -

Trust: 0.3

vendor:ibmmodel:rational tauscope:eqversion:4.31

Trust: 0.3

vendor:ciscomodel:universal small cell seriesscope:eqversion:70003.4.2.0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p33scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1dxscope:neversion:5000

Trust: 0.3

vendor:ciscomodel:telepresence conductorscope:neversion:4.3

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:2.2

Trust: 0.3

vendor:ibmmodel:abyp-0t-0s-4l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified attendant console standardscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.4.0.0

Trust: 0.3

vendor:ibmmodel:jazz reporting servicescope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:connected grid routersscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mate livescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5(.1.6)

Trust: 0.3

vendor:oraclemodel:commerce experience managerscope:eqversion:11.1

Trust: 0.3

vendor:ciscomodel:telepresence integrator c seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified workforce optimization sr3 es5scope:neversion:11.0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1dscope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications manager 10.5 su3scope: - version: -

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:neversion:6.7.3

Trust: 0.3

vendor:ibmmodel:abyp-2t-2s-0l-p-mscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:jazz reporting servicescope:eqversion:5.0.2

Trust: 0.3

vendor:ibmmodel:aspera sharesscope:eqversion:1.9.4

Trust: 0.3

vendor:ciscomodel:application policy infrastructure controllerscope:neversion:2.0(0.400)

Trust: 0.3

vendor:ibmmodel:abyp-4tl-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nac serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.9-34

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:12.3.2

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.3

Trust: 0.3

vendor:ibmmodel:abyp-4ts-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media players seriesscope:eqversion:43000

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.3

Trust: 0.3

vendor:freebsdmodel:9.3-release-p31scope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:eqversion:3100

Trust: 0.3

vendor:ibmmodel:security proventia network active bypass 0343c3cscope: - version: -

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fix1scope:neversion:4.3.0.6

Trust: 0.3

vendor:ciscomodel:unified ip phones 9.3 sr3scope:neversion:6901

Trust: 0.3

vendor:ciscomodel:digital media managerscope:neversion:5.3.6

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:11.0(0.98000.225)

Trust: 0.3

vendor:ciscomodel:prime networkscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for iosscope:neversion:4.3

Trust: 0.3

vendor:ciscomodel:prime performance managerscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:prime collaboration provisioningscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:network analysis modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:websphere application server liberty profilescope:eqversion:8.5.5

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.12

Trust: 0.3

vendor:ciscomodel:unity connectionscope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:telepresence video communication serverscope:neversion:8.8

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(1.98991.13)

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.16

Trust: 0.3

vendor:ibmmodel:abyp-10g-2sr-2lr-1-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime optical for spsscope:neversion:10.6

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:45000

Trust: 0.3

vendor:ciscomodel:telepresence serverscope:neversion:87104.4

Trust: 0.3

vendor:ciscomodel:telepresence isdn gwscope:eqversion:32410

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:4.0.1

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.4

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:50008.3

Trust: 0.3

vendor:freebsdmodel:10.1-release-p31scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors interim fixscope:eqversion:4.0.12-04

Trust: 0.3

vendor:ciscomodel:netflow generation appliancescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:aspera sharesscope:eqversion:1.9.2

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:eqversion:3104.1

Trust: 0.3

vendor:ciscomodel:telepresence ex seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings server ssl gatewayscope:neversion:-2.7

Trust: 0.3

vendor:ciscomodel:telepresence server on virtual machinescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cognos tm1scope:eqversion:10.2

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.5

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:10.5(1.10000.5)

Trust: 0.3

vendor:ciscomodel:webex meetings for androidscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.6

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactions if37scope:eqversion:7.3.0.1

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.6

Trust: 0.3

vendor:ibmmodel:tivoli network manager ip edition fix packscope:eqversion:3.94

Trust: 0.3

vendor:ciscomodel:prime license managerscope:neversion:11.5

Trust: 0.3

vendor:oraclemodel:commerce experience managerscope:eqversion:11.0

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:neversion:70002.8

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:5.1.3

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.18-42

Trust: 0.3

vendor:ciscomodel:expressway seriesscope:neversion:8.8

Trust: 0.3

vendor:ibmmodel:abyp-4t-0s-0l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:email security appliancescope:neversion:10.5

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:worklight enterprise editionscope:eqversion:6.1.0.2

Trust: 0.3

vendor:ciscomodel:virtual security gateway for microsoft hyper-v vsg2scope:neversion: -

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.14

Trust: 0.3

vendor:ciscomodel:connected grid router cgos 15.6.2.15tscope:neversion: -

Trust: 0.3

vendor:ciscomodel:wide area application servicesscope:neversion:6.2.3

Trust: 0.3

vendor:freebsdmodel:9.3-release-p5scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors interim fixscope:eqversion:4.0.12-01

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1nxscope:neversion:6000

Trust: 0.3

vendor:ciscomodel:application and content networking systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mmp serverscope:neversion:3.9.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1kscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p39scope: - version: -

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for iosscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:neversion:1.4.6.1146-114

Trust: 0.3

vendor:ciscomodel:telepresence mx seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.5

Trust: 0.3

vendor:ciscomodel:spa232d multi-line dect atascope:neversion:1.4.5

Trust: 0.3

vendor:slackwaremodel:linux -currentscope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for images buildscope:neversion:7.1.1.20290.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1bscope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence profile seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.0.0.13

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for osscope:neversion:x4.2

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors interim fixscope:eqversion:4.014-08

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:neversion:6.8

Trust: 0.3

vendor:ciscomodel:universal small cell seriesscope:neversion:70003.5.12.21

Trust: 0.3

vendor:ciscomodel:telepresence conductorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:application policy infrastructure controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber for macscope:eqversion:0

Trust: 0.3

vendor:paloaltonetworksmodel:globalprotect agentscope:neversion:3.1.1

Trust: 0.3

vendor:ciscomodel:dcm series 9900-digital content managerscope:neversion:19.0

Trust: 0.3

vendor:freebsdmodel:10.3-release-p1scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified ip phone 9.4.2sr3scope:neversion:9951

Trust: 0.3

vendor:ciscomodel:video surveillance 4300e/4500e high-definition ip camerasscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:1.0.1876

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:9.0

Trust: 0.3

vendor:freebsdmodel:10.3-release-p2scope:neversion: -

Trust: 0.3

vendor:ciscomodel:local collector appliancescope:neversion:2.2.12

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:worklight enterprise editionscope:eqversion:6.1.0.1

Trust: 0.3

vendor:ciscomodel:content security appliance updater serversscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p29scope: - version: -

Trust: 0.3

vendor:ciscomodel:connected analytics for collaborationscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cognos tm1 interim fixscope:neversion:10.2.0.2

Trust: 0.3

vendor:ciscomodel:multicast managerscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p23scope: - version: -

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.2

Trust: 0.3

vendor:ciscomodel:telepresence ex seriesscope:neversion:7.3.7

Trust: 0.3

vendor:applemodel:mac os security updatescope:neversion:x2016

Trust: 0.3

vendor:freebsdmodel:10.1-release-p16scope: - version: -

Trust: 0.3

vendor:ibmmodel:jazz reporting servicescope:eqversion:5.0.1

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:50006.2.17

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.30.4-12

Trust: 0.3

vendor:ciscomodel:webex node for mcsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:emergency responder 10.5scope: - version: -

Trust: 0.3

vendor:ciscomodel:nexusscope:neversion:900012.0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:neversion:6.8.1

Trust: 0.3

vendor:ciscomodel:unified communications manager session management editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:neversion:6.7.3

Trust: 0.3

vendor:freebsdmodel:9.3-release-p6scope: - version: -

Trust: 0.3

vendor:ciscomodel:video surveillance ptz ip camerasscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:virtualization experience media enginescope:neversion:11.7(0)

Trust: 0.3

vendor:ciscomodel:telepresence serial gateway seriesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.2

Trust: 0.3

vendor:freebsdmodel:9.3-release-p9scope: - version: -

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.3

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2cscope: - version: -

Trust: 0.3

vendor:ibmmodel:rational tauscope:eqversion:4.32

Trust: 0.3

vendor:ciscomodel:webex meetings server 2.5mr2scope: - version: -

Trust: 0.3

vendor:ciscomodel:virtual security gateway for microsoft hyper-vscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:services analytic platformscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber for apple iosscope:neversion:11.7

Trust: 0.3

vendor:ciscomodel:unified ip phone seriesscope:eqversion:79009.4(2)

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:89610

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:60006.2.17

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.2

Trust: 0.3

vendor:ciscomodel:unified series ip conference phonescope:eqversion:88310

Trust: 0.3

vendor:ciscomodel:video surveillance media serverscope:neversion:7.9

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:neversion:11.5

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.3

vendor:ciscomodel:agent for openflowscope:neversion:2.1.5

Trust: 0.3

vendor:freebsdmodel:10.2-release-p16scope:neversion: -

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2hscope:neversion: -

Trust: 0.3

vendor:ciscomodel:virtual security gatewayscope:neversion:5.2(1)

Trust: 0.3

vendor:ciscomodel:unified attendant console enterprise editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified contact center expressscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational tauscope:eqversion:4.3

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:buildforgescope:eqversion:8.0.0.1

Trust: 0.3

vendor:ibmmodel:cognos insightscope:eqversion:10.2.2

Trust: 0.3

vendor:ciscomodel:policy suitescope:neversion:10.0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:7.1.1

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2bscope: - version: -

Trust: 0.3

vendor:ciscomodel:prime data center network managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified computing systemscope:eqversion: -

Trust: 0.3

vendor:ciscomodel:unified communications manager session management editionscope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:videoscape control suitescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:53000

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:neversion:7.1

Trust: 0.3

vendor:ciscomodel:anyres livescope:neversion:9.4.5

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.3.0

Trust: 0.3

vendor:ibmmodel:mobilefirst platform foundationscope:eqversion:7.0.0.0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p34scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.0(1)

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for images system edition buildscope:neversion:x7.1.1.20290.1

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.5.0.12150-13

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.1.0.10

Trust: 0.3

vendor:ibmmodel:integration busscope:eqversion:10.0

Trust: 0.3

vendor:ciscomodel:jabber software development kitscope:neversion:11.7

Trust: 0.3

vendor:ciscomodel:unified contact center expressscope:neversion:11.5.1

Trust: 0.3

vendor:ciscomodel:webex meetings server mr1scope:eqversion:2.5

Trust: 0.3

vendor:ciscomodel:telepresence mx seriesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:systems directorscope:eqversion:6.3.0.0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5.99.2

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.1

Trust: 0.3

vendor:ibmmodel:jazz reporting servicescope:eqversion:5.0

Trust: 0.3

vendor:ciscomodel:telepresence isdn gw msescope:eqversion:83210

Trust: 0.3

vendor:ciscomodel:telepresence profile seriesscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:abyp-2t-0s-2l-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:visual quality experience tools serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:neversion:4.2.0.3

Trust: 0.3

vendor:ibmmodel:rational tauscope:eqversion:4.33

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:neversion:7.2

Trust: 0.3

vendor:oraclemodel:mysql enterprise backupscope:eqversion:4.0.1

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1dxscope:neversion:7000

Trust: 0.3

vendor:ciscomodel:asa cx and cisco prime security managerscope:neversion:9.5.4.3

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1lscope: - version: -

Trust: 0.3

vendor:ciscomodel:im and presence servicescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:6.0.2

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.3

Trust: 0.3

vendor:freebsdmodel:9.3-release-p29scope: - version: -

Trust: 0.3

vendor:ibmmodel:rational team concertscope:eqversion:4.0

Trust: 0.3

vendor:ciscomodel:firesight system softwarescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security virtual server protection for vmwarescope:eqversion:1.1.1

Trust: 0.3

vendor:ciscomodel:management appliancescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cognos insight fp ifscope:neversion:10.2.126

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.2

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for images system editionscope:eqversion:x7.1.1.0

Trust: 0.3

vendor:ciscomodel:unity connectionscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.5.0.1

Trust: 0.3

vendor:ciscomodel:cloud object storescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for osscope:neversion:x4.0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1hscope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(2.13900.9)

Trust: 0.3

vendor:ciscomodel:ip interoperability and collaboration systemscope:neversion:5.0

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(0.98000.88)

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.2.0.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1pscope: - version: -

Trust: 0.3

sources: BID: 89746 // JVNDB: JVNDB-2016-002477 // CNNVD: CNNVD-201605-084 // NVD: CVE-2016-2176

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-2176
value: HIGH

Trust: 1.0

NVD: CVE-2016-2176
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201605-084
value: HIGH

Trust: 0.6

VULMON: CVE-2016-2176
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-2176
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2016-2176
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.0

Trust: 1.8

sources: VULMON: CVE-2016-2176 // JVNDB: JVNDB-2016-002477 // CNNVD: CNNVD-201605-084 // NVD: CVE-2016-2176

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2016-002477 // NVD: CVE-2016-2176

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-084

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201605-084

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002477

PATCH

title:APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004url:http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

Trust: 0.8

title:HT206903url:https://support.apple.com/en-us/HT206903

Trust: 0.8

title:HT206903url:https://support.apple.com/ja-jp/HT206903

Trust: 0.8

title:SB10160url:https://kc.mcafee.com/corporate/index?page=content&id=SB10160

Trust: 0.8

title:NV16-015url:http://jpn.nec.com/security-info/secinfo/nv16-015.html

Trust: 0.8

title:Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016]url:https://www.openssl.org/news/openssl-1.0.1-notes.html

Trust: 0.8

title:Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]url:https://www.openssl.org/news/openssl-1.0.2-notes.html

Trust: 0.8

title:Prevent EBCDIC overread for very long stringsurl:https://git.openssl.org/?p=openssl.git;a=commit;h=2919516136a4227d9e6d8f2fe66ef976aaf8c561

Trust: 0.8

title:EBCDIC overread (CVE-2016-2176)url:https://www.openssl.org/news/secadv/20160503.txt

Trust: 0.8

title:Oracle Critical Patch Update Advisory - July 2016url:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - October 2016url:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Trust: 0.8

title:Text Form of Oracle Critical Patch Update - October 2016 Risk Matricesurl:http://www.oracle.com/technetwork/security-advisory/cpuoct2016verbose-2881725.html

Trust: 0.8

title:Oracle Solaris Third Party Bulletin - April 2016url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 0.8

title:SA40202url:https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202

Trust: 0.8

title:October 2016 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/october_2016_critical_patch_update

Trust: 0.8

title:JSA10759url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759&actp=search

Trust: 0.8

title:TLSA-2016-14url:http://www.turbolinux.co.jp/security/2016/TLSA-2016-14j.html

Trust: 0.8

title:OpenSSL Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=61409

Trust: 0.6

title:The Registerurl:https://www.theregister.co.uk/2016/05/03/openssl_patches/

Trust: 0.2

title:Red Hat: CVE-2016-2176url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-2176

Trust: 0.1

title:Tenable Security Advisories: [R5] OpenSSL '20160503' Advisory Affects Tenable Productsurl:https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2016-10

Trust: 0.1

title:Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2016-13

Trust: 0.1

title:Symantec Security Advisories: SA123 : OpenSSL Vulnerabilities 3-May-2016url:https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=5d65f6765e60e5fe9e6998a5bde1aadc

Trust: 0.1

title:Forcepoint Security Advisories: CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories&qid=01fd01e3d154696ffabfde89f4142310

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=976a4da35d55283870dbb31b88a6c655

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=3a04485ebb79f7fbc2472bf9af5ce489

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - October 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=05aabe19d38058b7814ef5514aab4c0c

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - April 2017url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=143b3fb255063c81571469eaa3cf0a87

Trust: 0.1

title:Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2016-18

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - July 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=5f8c525f1408011628af1792207b2099

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2016-2176

Trust: 0.1

title:alpine-cvecheckurl:https://github.com/tomwillfixit/alpine-cvecheck

Trust: 0.1

title: - url:https://github.com/imhunterand/hackerone-publicy-disclosed

Trust: 0.1

sources: VULMON: CVE-2016-2176 // JVNDB: JVNDB-2016-002477 // CNNVD: CNNVD-201605-084

EXTERNAL IDS

db:NVDid:CVE-2016-2176

Trust: 3.5

db:BIDid:89746

Trust: 2.0

db:PACKETSTORMid:136912

Trust: 1.8

db:PULSESECUREid:SA40202

Trust: 1.7

db:TENABLEid:TNS-2016-18

Trust: 1.7

db:SIEMENSid:SSA-412672

Trust: 1.7

db:SECTRACKid:1035721

Trust: 1.7

db:MCAFEEid:SB10160

Trust: 1.7

db:BIDid:91787

Trust: 1.7

db:JVNid:JVNVU93163809

Trust: 0.8

db:JVNid:JVNVU94844193

Trust: 0.8

db:JVNDBid:JVNDB-2016-002477

Trust: 0.8

db:AUSCERTid:ESB-2022.0696

Trust: 0.6

db:CNNVDid:CNNVD-201605-084

Trust: 0.6

db:ICS CERTid:ICSA-22-349-21

Trust: 0.1

db:VULMONid:CVE-2016-2176

Trust: 0.1

db:PACKETSTORMid:142803

Trust: 0.1

db:PACKETSTORMid:136919

Trust: 0.1

db:PACKETSTORMid:140056

Trust: 0.1

db:PACKETSTORMid:136893

Trust: 0.1

db:PACKETSTORMid:137958

Trust: 0.1

db:PACKETSTORMid:169652

Trust: 0.1

sources: VULMON: CVE-2016-2176 // BID: 89746 // JVNDB: JVNDB-2016-002477 // PACKETSTORM: 142803 // PACKETSTORM: 136919 // PACKETSTORM: 140056 // PACKETSTORM: 136912 // PACKETSTORM: 136893 // PACKETSTORM: 137958 // PACKETSTORM: 169652 // CNNVD: CNNVD-201605-084 // NVD: CVE-2016-2176

REFERENCES

url:https://www.openssl.org/news/secadv/20160503.txt

Trust: 2.3

url:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Trust: 2.0

url:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Trust: 2.0

url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl

Trust: 2.0

url:http://www.securityfocus.com/bid/89746

Trust: 1.8

url:https://security.gentoo.org/glsa/201612-16

Trust: 1.8

url:https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202

Trust: 1.7

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10160

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html

Trust: 1.7

url:https://support.apple.com/ht206903

Trust: 1.7

url:http://www.securityfocus.com/bid/91787

Trust: 1.7

url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 1.7

url:http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103

Trust: 1.7

url:http://www.securitytracker.com/id/1035721

Trust: 1.7

url:https://bto.bluecoat.com/security-advisory/sa123

Trust: 1.7

url:http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html

Trust: 1.7

url:https://www.tenable.com/security/tns-2016-18

Trust: 1.7

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03756en_us

Trust: 1.7

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03765en_us

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20160504-0001/

Trust: 1.7

url:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Trust: 1.7

url:https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=2919516136a4227d9e6d8f2fe66ef976aaf8c561

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176

Trust: 0.9

url:http://jvn.jp/vu/jvnvu93163809/

Trust: 0.8

url:http://jvn.jp/vu/jvnvu94844193/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2176

Trust: 0.8

url:http://www.aratana.jp/security/detail.php?id=16

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2016-2107

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2016-2109

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2016-2106

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2016-2105

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2016-2108

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2016-2176

Trust: 0.6

url:https://git.openssl.org/?p=openssl.git;a=commit;h=2919516136a4227d9e6d8f2fe66ef976aaf8c561

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0696

Trust: 0.6

url:http://openssl.org/

Trust: 0.3

url:http://seclists.org/bugtraq/2016/may/25

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024078

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507

Trust: 0.3

url:https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099429

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376

Trust: 0.3

url:https://www.openssl.org/news/vulnerabilities.html

Trust: 0.3

url:https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1

Trust: 0.3

url:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

Trust: 0.3

url:https://support.asperasoft.com/hc/en-us/articles/229505687-security-bulletin-multiple-openssl-vulnerabilities-affect-ibm-aspera-shares-1-9-2-or-earlier-%20-ibm-aspera-console-3-0-6-or-earlier

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21983158

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984323

Trust: 0.3

url:https://www-01.ibm.com/support/docview.wss?uid=swg21984483

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984794

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984920

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984977

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986123

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986313

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986460

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986506

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986563

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986564

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986669

Trust: 0.3

url:https://www-01.ibm.com/support/docview.wss?uid=swg21987174

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21987175

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21987671

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988055

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988071

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988081

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988350

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988383

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988976

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21989958

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21992493

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21992894

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg2c1000192

Trust: 0.3

url:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2016-2176

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/tomwillfixit/alpine-cvecheck

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=49332

Trust: 0.1

url:http://www.hpe.com/support/security_bulletin_archive

Trust: 0.1

url:https://www.hpe.com/info/report-security-vulnerability

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03756en_us

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499

Trust: 0.1

url:http://www.hpe.com/support/subscriber_choice

Trust: 0.1

url:https://www.freebsd.org/handbook/makeworld.html>.

Trust: 0.1

url:https://security.freebsd.org/patches/sa-16:17/openssl-9.patch.asc

Trust: 0.1

url:https://security.freebsd.org/>.

Trust: 0.1

url:https://security.freebsd.org/patches/sa-16:17/openssl-9.patc

Trust: 0.1

url:https://security.freebsd.org/patches/sa-16:17/openssl-10.patch

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105>

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106>

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2176>

Trust: 0.1

url:https://www.openssl.org/news/secadv/20160503.txt>

Trust: 0.1

url:https://svnweb.freebsd.org/base?view=revision&revision=nnnnnn>

Trust: 0.1

url:https://security.freebsd.org/advisories/freebsd-sa-16:17.openssl.asc>

Trust: 0.1

url:https://security.freebsd.org/patches/sa-16:17/openssl-10.patch.asc

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109>

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107>

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2180

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2178

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2177

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7052

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6306

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6304

Trust: 0.1

url:http://eprint.iacr.org/2016/594.pdf

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6305

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2183

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2109

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2107

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2108

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2105

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0718

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4599

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4601

Trust: 0.1

url:https://gpgtools.org

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4449

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4483

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1836

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4600

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1865

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4597

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4596

Trust: 0.1

url:http://www.apple.com/support/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4447

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1863

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4582

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4595

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1864

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-9862

Trust: 0.1

url:http://support.apple.com/kb/ht201222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4607

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4448

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4598

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1684

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4602

Trust: 0.1

url:https://support.apple.com/kb/ht206900

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4594

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-0169

Trust: 0.1

url:https://www.openssl.org/policies/secpolicy.html

Trust: 0.1

url:https://www.openssl.org/policies/releasestrat.html),

Trust: 0.1

sources: VULMON: CVE-2016-2176 // BID: 89746 // JVNDB: JVNDB-2016-002477 // PACKETSTORM: 142803 // PACKETSTORM: 136919 // PACKETSTORM: 140056 // PACKETSTORM: 136912 // PACKETSTORM: 136893 // PACKETSTORM: 137958 // PACKETSTORM: 169652 // CNNVD: CNNVD-201605-084 // NVD: CVE-2016-2176

CREDITS

Guido Vranken

Trust: 0.6

sources: CNNVD: CNNVD-201605-084

SOURCES

db:VULMONid:CVE-2016-2176
db:BIDid:89746
db:JVNDBid:JVNDB-2016-002477
db:PACKETSTORMid:142803
db:PACKETSTORMid:136919
db:PACKETSTORMid:140056
db:PACKETSTORMid:136912
db:PACKETSTORMid:136893
db:PACKETSTORMid:137958
db:PACKETSTORMid:169652
db:CNNVDid:CNNVD-201605-084
db:NVDid:CVE-2016-2176

LAST UPDATE DATE

2024-11-07T20:23:21.834000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2016-2176date:2023-11-07T00:00:00
db:BIDid:89746date:2017-05-02T01:10:00
db:JVNDBid:JVNDB-2016-002477date:2017-10-03T00:00:00
db:CNNVDid:CNNVD-201605-084date:2022-12-14T00:00:00
db:NVDid:CVE-2016-2176date:2023-11-07T02:31:01.193

SOURCES RELEASE DATE

db:VULMONid:CVE-2016-2176date:2016-05-05T00:00:00
db:BIDid:89746date:2016-05-03T00:00:00
db:JVNDBid:JVNDB-2016-002477date:2016-05-10T00:00:00
db:PACKETSTORMid:142803date:2017-06-05T18:18:00
db:PACKETSTORMid:136919date:2016-05-05T16:11:49
db:PACKETSTORMid:140056date:2016-12-07T16:37:31
db:PACKETSTORMid:136912date:2016-05-04T14:53:10
db:PACKETSTORMid:136893date:2016-05-03T22:55:47
db:PACKETSTORMid:137958date:2016-07-19T19:45:20
db:PACKETSTORMid:169652date:2016-05-03T12:12:12
db:CNNVDid:CNNVD-201605-084date:2016-05-04T00:00:00
db:NVDid:CVE-2016-2176date:2016-05-05T01:59:06.340