ID

VAR-201605-0076


CVE

CVE-2016-2106


TITLE

OpenSSL of crypto/evp/evp_enc.c of EVP_EncryptUpdate Function Integer Overflow Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-002473

DESCRIPTION

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. OpenSSL is prone to an integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Following product versions are affected: OpenSSL versions 1.0.2 prior to 1.0.2h are vulnerable. OpenSSL versions 1.0.1 prior to 1.0.1t are vulnerable. OpenSSL Security Advisory [3rd May 2016] ======================================== Memory corruption in the ASN.1 encoder (CVE-2016-2108) ====================================================== Severity: High This issue affected versions of OpenSSL prior to April 2015. The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time. In previous versions of OpenSSL, ASN.1 encoding the value zero represented as a negative integer can cause a buffer underflow with an out-of-bounds write in i2c_ASN1_INTEGER. The ASN.1 parser does not normally create "negative zeroes" when parsing ASN.1 input, and therefore, an attacker cannot trigger this bug. However, a second, independent bug revealed that the ASN.1 parser (specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag as a negative zero value. Large universal tags are not present in any common ASN.1 structures (such as X509) but are accepted as part of ANY structures. Therefore, if an application deserializes untrusted ASN.1 structures containing an ANY field, and later reserializes them, an attacker may be able to trigger an out-of-bounds write. This has been shown to cause memory corruption that is potentially exploitable with some malloc implementations. Applications that parse and re-encode X509 certificates are known to be vulnerable. Applications that verify RSA signatures on X509 certificates may also be vulnerable; however, only certificates with valid signatures trigger ASN.1 re-encoding and hence the bug. Specifically, since OpenSSL's default TLS X509 chain verification code verifies the certificate chain from root to leaf, TLS handshakes could only be targeted with valid certificates issued by trusted Certification Authorities. OpenSSL 1.0.2 users should upgrade to 1.0.2c OpenSSL 1.0.1 users should upgrade to 1.0.1o This vulnerability is a combination of two bugs, neither of which individually has security impact. The first bug (mishandling of negative zero integers) was reported to OpenSSL by Huzaifa Sidhpurwala (Red Hat) and independently by Hanno Böck in April 2015. The second issue (mishandling of large universal tags) was found using libFuzzer, and reported on the public issue tracker on March 1st 2016. The fact that these two issues combined present a security vulnerability was reported by David Benjamin (Google) on March 31st 2016. The fixes were developed by Steve Henson of the OpenSSL development team, and David Benjamin. The OpenSSL team would also like to thank Mark Brand and Ian Beer from the Google Project Zero team for their careful analysis of the impact. The fix for the "negative zero" memory corruption bug can be identified by commits 3661bb4e7934668bd99ca777ea8b30eedfafa871 (1.0.2) and 32d3b0f52f77ce86d53f38685336668d47c5bdfe (1.0.1) Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) ====================================================== Severity: High A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server support AES-NI. This issue was introduced as part of the fix for Lucky 13 padding attack (CVE-2013-0169). The padding check was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes. OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 13th of April 2016 by Juraj Somorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx of the OpenSSL development team. EVP_EncodeUpdate overflow (CVE-2016-2105) ========================================= Severity: Low An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by the PEM_write_bio* family of functions. These are mainly used within the OpenSSL command line applications. These internal uses are not considered vulnerable because all calls are bounded with length checks so no overflow is possible. User applications that call these APIs directly with large amounts of untrusted data may be vulnerable. (Note: Initial analysis suggested that the PEM_write_bio* were vulnerable, and this is reflected in the patch commit message. This is no longer believed to be the case). OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. EVP_EncryptUpdate overflow (CVE-2016-2106) ========================================== Severity: Low An overflow can occur in the EVP_EncryptUpdate() function. Following an analysis of all OpenSSL internal usage of the EVP_EncryptUpdate() function all usage is one of two forms. The first form is where the EVP_EncryptUpdate() call is known to be the first called function after an EVP_EncryptInit(), and therefore that specific call must be safe. The second form is where the length passed to EVP_EncryptUpdate() can be seen from the code to be some small value and therefore there is no possibility of an overflow. Since all instances are one of these two forms, it is believed that there can be no overflows in internal code due to this problem. It should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths. Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances of these calls have also been analysed too and it is believed there are no instances in internal usage where an overflow could occur. This could still represent a security issue for end user code that calls this function directly. OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. ASN.1 BIO excessive memory allocation (CVE-2016-2109) ===================================================== Severity: Low When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory. Any application parsing untrusted data through d2i BIO functions is affected. The memory based functions such as d2i_X509() are *not* affected. Since the memory based functions are used by the TLS library, TLS applications are not affected. OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 4th April 2016 by Brian Carpenter. The fix was developed by Stephen Henson of the OpenSSL development team. EBCDIC overread (CVE-2016-2176) =============================== Severity: Low ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer. OpenSSL 1.0.2 users should upgrade to 1.0.2h OpenSSL 1.0.1 users should upgrade to 1.0.1t This issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The fix was developed by Matt Caswell of the OpenSSL development team. Note ==== As per our previous announcements and our Release Strategy (https://www.openssl.org/policies/releasestrat.html), support for OpenSSL version 1.0.1 will cease on 31st December 2016. No security updates for that version will be provided after that date. Users of 1.0.1 are advised to upgrade. Support for versions 0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer receiving security updates. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20160503.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html . It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. Security Fix(es): * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. After installing the updated packages, the httpd daemon will be restarted automatically. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03756en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03756en_us Version: 1 HPESBHF03756 rev.1 - HPE Network Products including Comware 7, iMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2017-06-05 Last Updated: 2017-06-05 Potential Security Impact: Remote: Denial of Service (DoS), Disclosure of Sensitive Information Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities with OpenSSL have been addressed for HPE network products including Comware 7, iMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. References: - CVE-2016-2105 - Remote Denial of Service (DoS) - CVE-2016-2106 - Remote Denial of Service (DoS) - CVE-2016-2107 - Remote disclosure of sensitive information - CVE-2016-2108 - Remote Denial of Service (DoS) - CVE-2016-2109 - Remote Denial of Service (DoS) - CVE-2016-2176 - Remote Denial of Service (DoS) SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - VCX Products All versions - Please refer to the RESOLUTION below for a list of updated products. - Comware v7 (CW7) Products All versions - Please refer to the RESOLUTION below for a list of updated products. - HP Intelligent Management Center (iMC) All versions - Please refer to the RESOLUTION below for a list of updated products. BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2016-2105 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-2106 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-2107 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N) CVE-2016-2108 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2016-2109 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C) CVE-2016-2176 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION HPE has made the following software updates available to resolve the vulnerabilities in the Comware 7, iMC and VCX products running OpenSSL. **COMWARE 7 Products** + 12500 (Comware 7) - Version: R7377P02 * HP Network Products - JC072B HP 12500 Main Processing Unit - JC085A HP A12518 Switch Chassis - JC086A HP A12508 Switch Chassis - JC652A HP 12508 DC Switch Chassis - JC653A HP 12518 DC Switch Chassis - JC654A HP 12504 AC Switch Chassis - JC655A HP 12504 DC Switch Chassis - JF430A HP A12518 Switch Chassis - JF430B HP 12518 Switch Chassis - JF430C HP 12518 AC Switch Chassis - JF431A HP A12508 Switch Chassis - JF431B HP 12508 Switch Chassis - JF431C HP 12508 AC Switch Chassis - JG497A HP 12500 MPU w/Comware V7 OS - JG782A HP FF 12508E AC Switch Chassis - JG783A HP FF 12508E DC Switch Chassis - JG784A HP FF 12518E AC Switch Chassis - JG785A HP FF 12518E DC Switch Chassis - JG802A HP FF 12500E MPU * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 10500 (Comware 7) - Version: R7184 * HP Network Products - JC611A HP 10508-V Switch Chassis - JC612A HP 10508 Switch Chassis - JC613A HP 10504 Switch Chassis - JC748A HP 10512 Switch Chassis - JG608A HP FlexFabric 11908-V Switch Chassis - JG609A HP FlexFabric 11900 Main Processing Unit - JG820A HP 10504 TAA Switch Chassis - JG821A HP 10508 TAA Switch Chassis - JG822A HP 10508-V TAA Switch Chassis - JG823A HP 10512 TAA Switch Chassis - JG496A HP 10500 Type A MPU w/Comware v7 OS - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5900/5920 (Comware 7) - Version: R2422P02 * HP Network Products - JC772A HP 5900AF-48XG-4QSFP+ Switch - JG296A HP 5920AF-24XG Switch - JG336A HP 5900AF-48XGT-4QSFP+ Switch - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch - JG555A HP 5920AF-24XG TAA Switch - JG838A HP FF 5900CP-48XG-4QSFP+ Switch - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + MSR1000 (Comware 7) - Version: R0306P52 * HP Network Products - JG875A HP MSR1002-4 AC Router - JH060A HP MSR1003-8S AC Router * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + MSR2000 (Comware 7) - Version: R0306P52 * HP Network Products - JG411A HP MSR2003 AC Router - JG734A HP MSR2004-24 AC Router - JG735A HP MSR2004-48 Router - JG866A HP MSR2003 TAA-compliant AC Router * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + MSR3000 (Comware 7) - Version: R0306P52 * HP Network Products - JG404A HP MSR3064 Router - JG405A HP MSR3044 Router - JG406A HP MSR3024 AC Router - JG407A HP MSR3024 DC Router - JG408A HP MSR3024 PoE Router - JG409A HP MSR3012 AC Router - JG410A HP MSR3012 DC Router - JG861A HP MSR3024 TAA-compliant AC Router * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + MSR4000 (Comware 7) - Version: R0306P52 * HP Network Products - JG402A HP MSR4080 Router Chassis - JG403A HP MSR4060 Router Chassis - JG412A HP MSR4000 MPU-100 Main Processing Unit - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + VSR (Comware 7) - Version: E0324 * HP Network Products - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software - JG811AAE HP VSR1001 Comware 7 Virtual Services Router - JG812AAE HP VSR1004 Comware 7 Virtual Services Router - JG813AAE HP VSR1008 Comware 7 Virtual Services Router * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 7900 (Comware 7) - Version: R2152 * HP Network Products - JG682A HP FlexFabric 7904 Switch Chassis - JG841A HP FlexFabric 7910 Switch Chassis - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5130 (Comware 7) - Version: R3115 * HP Network Products - JG932A HP 5130-24G-4SFP+ EI Switch - JG933A HP 5130-24G-SFP-4SFP+ EI Switch - JG934A HP 5130-48G-4SFP+ EI Switch - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch - JG938A HP 5130-24G-2SFP+-2XGT EI Switch - JG939A HP 5130-48G-2SFP+-2XGT EI Switch - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch - JG975A HP 5130-24G-4SFP+ EI Brazil Switch - JG976A HP 5130-48G-4SFP+ EI Brazil Switch - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 6125XLG - Version: R2422P02 * HP Network Products - 711307-B21 HP 6125XLG Blade Switch - 737230-B21 HP 6125XLG Blade Switch with TAA * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 6127XLG - Version: R2422P02 * HP Network Products - 787635-B21 HP 6127XLG Blade Switch Opt Kit - 787635-B22 HP 6127XLG Blade Switch with TAA * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + Moonshot - Version: R2432 * HP Network Products - 786617-B21 - HP Moonshot-45Gc Switch Module - 704654-B21 - HP Moonshot-45XGc Switch Module - 786619-B21 - HP Moonshot-180XGc Switch Module * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5700 (Comware 7) - Version: R2422P02 * HP Network Products - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5930 (Comware 7) - Version: R2422P02 * HP Network Products - JG726A HP FlexFabric 5930 32QSFP+ Switch - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch - JH179A HP FlexFabric 5930 4-slot Switch - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 1950 (Comware 7) - Version: R3115 * HP Network Products - JG960A HP 1950-24G-4XG Switch - JG961A HP 1950-48G-2SFP+-2XGT Switch - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 7500 (Comware 7) - Version: R7184 * HP Network Products - JD238C HP 7510 Switch Chassis - JD239C HP 7506 Switch Chassis - JD240C HP 7503 Switch Chassis - JD242C HP 7502 Switch Chassis - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit - JH208A HP 7502 Main Processing Unit - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5510HI (Comware 7) - Version: R1120P10 * HP Network Products - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5130HI (Comware 7) - Version: R1120P10 * HP Network Products - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5940 - Version: R2509 * HP Network Products - JH390A HPE FlexFabric 5940 48SFP+ 6QSFP28 Switch - JH391A HPE FlexFabric 5940 48XGT 6QSFP28 Switch - JH394A HPE FlexFabric 5940 48XGT 6QSFP+ Switch - JH395A HPE FlexFabric 5940 48SFP+ 6QSFP+ Switch - JH396A HPE FlexFabric 5940 32QSFP+ Switch - JH397A HPE FlexFabric 5940 2-slot Switch - JH398A HPE FlexFabric 5940 4-slot Switch * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 + 5950 - Version: R6123 * HP Network Products - JH321A HPE FlexFabric 5950 32QSFP28 Switch - JH402A HPE FlexFabric 5950 48SFP28 8QSFP28 Switch - JH404A HPE FlexFabric 5950 4-slot Switch + 12900E (Comware 7) - Version: R2609 * HP Network Products - JG619A HP FlexFabric 12910 Switch AC Chassis - JG621A HP FlexFabric 12910 Main Processing Unit - JG632A HP FlexFabric 12916 Switch AC Chassis - JG634A HP FlexFabric 12916 Main Processing Unit - JH104A HP FlexFabric 12900E Main Processing Unit - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit - JH263A HP FlexFabric 12904E Main Processing Unit - JH255A HP FlexFabric 12908E Switch Chassis - JH262A HP FlexFabric 12904E Switch Chassis - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis - JH103A HP FlexFabric 12916E Switch Chassis * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 **iMC Products** + iNode PC 7.2 (E0410) - Version: 7.2 E0410 * HP Network Products - JD144A HP A-IMC User Access Management Software Module with 200-user License - JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License - JD435A HP A-IMC Endpoint Admission Defense Client Software - JF388A HP IMC User Authentication Management Software Module with 200-user License - JF388AAE HP IMC User Authentication Management Software Module with 200-user E-LTU - JF391A HP IMC Endpoint Admission Defense Software Module with 200-user License - JF391AAE HP IMC Endpoint Admission Defense Software Module with 200-user E-LTU - JG752AAE HP IMC User Access Manager Software Module with 50-user E-LTU - JG754AAE) HP IMC Endpoint Admission Defense Software Module with 50-user E-LTU * CVEs - CVE-2016-2106 - CVE-2016-2109 - CVE-2016-2176 + iMC UAM_TAM 7.2-E0409 - Version: 7.2 E0409 * HP Network Products - JF388A HP IMC UAM S/W MODULE W/200-USER LICENSE - JF388AAE HP IMC UAM S/W MODULE W/200-USER E-LTU - JG752AAE HP IMC UAM SW MOD W/ 50-USER E-LTU - JG483A HP IMC TAM S/W MODULE W/100-NODE LIC - JG483AAE HP IMC TAM S/W MODULE W/100-NODE E-LTU - JG764AAE HP IMC TAM SW MOD W/ 50-NODE E-LTU * CVEs - CVE-2016-2106 - CVE-2016-2109 - CVE-2016-2176 **VCX Products** + VCX - Version: 9.8.19 * HP Network Products - J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr - J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr - JC517A HP VCX V7205 Platform w/DL 360 G6 Server - JE355A HP VCX V6000 Branch Platform 9.0 - JC516A HP VCX V7005 Platform w/DL 120 G6 Server - JC518A HP VCX Connect 200 Primry 120 G6 Server - J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr - JE341A HP VCX Connect 100 Secondary - JE252A HP VCX Connect Primary MIM Module - JE253A HP VCX Connect Secondary MIM Module - JE254A HP VCX Branch MIM Module - JE355A HP VCX V6000 Branch Platform 9.0 - JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod - JD023A HP MSR30-40 Router with VCX MIM Module - JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM - JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod - JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod - JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod - JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS - JE340A HP VCX Connect 100 Pri Server 9.0 - JE342A HP VCX Connect 100 Sec Server 9.0 * CVEs - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2176 **Note:** Please contact HPE Technical Support if any assistance is needed acquiring the software updates. HISTORY Version:1 (rev.1) - 2 June 2017 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. (CVE-2016-5387) * It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2016-3110) * It was found that OpenSSL's BigNumber Squaring implementation could produce incorrect results under certain special conditions. Note that this issue occurred rarely and with a low probability, and there is currently no known way of exploiting it. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201612-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: December 07, 2016 Bugs: #581234, #585142, #585276, #591454, #592068, #592074, #592082, #594500, #595186 ID: 201612-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSL, the worst of which allows attackers to conduct a time based side-channel attack. Please review the CVE identifiers and the International Association for Cryptologic Research's (IACR) paper, "Make Sure DSA Signing Exponentiations Really are Constant-Time" for further details. Additionally, a time based side-channel attack may allow a local attacker to recover a private DSA key. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j" References ========== [ 1 ] CVE-2016-2105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2105 [ 2 ] CVE-2016-2106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2106 [ 3 ] CVE-2016-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2107 [ 4 ] CVE-2016-2108 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2108 [ 5 ] CVE-2016-2109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2109 [ 6 ] CVE-2016-2176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2176 [ 7 ] CVE-2016-2177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2177 [ 8 ] CVE-2016-2178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2178 [ 9 ] CVE-2016-2180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2180 [ 10 ] CVE-2016-2183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2183 [ 11 ] CVE-2016-6304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6304 [ 12 ] CVE-2016-6305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6305 [ 13 ] CVE-2016-6306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6306 [ 14 ] CVE-2016-7052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7052 [ 15 ] Make Sure DSA Signing Exponentiations Really are Constant-Time http://eprint.iacr.org/2016/594.pdf Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201612-16 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ============================================================================ Ubuntu Security Notice USN-2959-1 May 03, 2016 openssl vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 15.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in OpenSSL. (CVE-2016-2109) As a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 1024 bits, preventing a possible downgrade attack. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.1 Ubuntu 15.10: libssl1.0.0 1.0.2d-0ubuntu1.5 Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.19 Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.36 After a standard system update you need to reboot your computer to make all the necessary changes. This could lead to a heap corruption. This could lead to a heap corruption. CVE-2016-2107 Juraj Somorovsky discovered a padding oracle in the AES CBC cipher implementation based on the AES-NI instruction set. This could allow an attacker to decrypt TLS traffic encrypted with one of the cipher suites based on AES CBC. CVE-2016-2108 David Benjamin from Google discovered that two separate bugs in the ASN.1 encoder, related to handling of negative zero integer values and large universal tags, could lead to an out-of-bounds write. For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6.4.10 natives update on RHEL 7 Advisory ID: RHSA-2016:2054-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2054.html Issue date: 2016-10-12 CVE Names: CVE-2015-3183 CVE-2015-3195 CVE-2015-4000 CVE-2016-2105 CVE-2016-2106 CVE-2016-2108 CVE-2016-2109 CVE-2016-3110 CVE-2016-4459 ===================================================================== 1. Summary: Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.10 natives, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server - noarch, ppc64, x86_64 3. Description: Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release includes bug fixes and enhancements, as well as a new release of OpenSSL that addresses a number of outstanding security flaws. For further information, see the knowledge base article linked to in the References section. All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect. Security Fix(es): * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. (CVE-2016-2108) * Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) * A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) * A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites). An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lead to a passive man-in-the-middle attack in which the attacker is able to decrypt all traffic. (CVE-2016-2106) * It was discovered that it is possible to remotely Segfault Apache http server with a specially crafted string sent to the mod_cluster via service messages (MCMP). (CVE-2016-3110) * A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. (CVE-2016-2109) * It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash. (CVE-2016-4459) Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108, CVE-2016-2105, and CVE-2016-2106 and Michal Karm Babacek for reporting CVE-2016-3110. The CVE-2016-4459 issue was discovered by Robert Bost (Red Hat). Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno BAPck, and David Benjamin (Google) as the original reporters of CVE-2016-2108; and Guido Vranken as the original reporter of CVE-2016-2105 and CVE-2016-2106. 4. Solution: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 5. Bugs fixed (https://bugzilla.redhat.com/): 1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks 1243887 - CVE-2015-3183 httpd: HTTP request smuggling attack against chunked request parser 1288322 - CVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak 1326320 - CVE-2016-3110 mod_cluster: remotely Segfault Apache http server 1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data 1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder 1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow 1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow 1341583 - CVE-2016-4459 mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute 1345989 - RHEL7 RPMs: Upgrade mod_cluster-native to 1.2.13.Final-redhat-1 1345993 - RHEL7 RPMs: Upgrade mod_jk to 1.2.41.redhat-1 1345997 - RHEL7 RPMs: Upgrade tomcat-native to 1.1.34 6. Package List: Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server: Source: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el7.src.rpm httpd22-2.2.26-56.ep6.el7.src.rpm jbcs-httpd24-openssl-1.0.2h-4.jbcs.el7.src.rpm mod_jk-1.2.41-2.redhat_4.ep6.el7.src.rpm tomcat-native-1.1.34-5.redhat_1.ep6.el7.src.rpm noarch: jbcs-httpd24-1-3.jbcs.el7.noarch.rpm jbcs-httpd24-runtime-1-3.jbcs.el7.noarch.rpm ppc64: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el7.ppc64.rpm hornetq-native-debuginfo-2.3.25-4.SP11_redhat_1.ep6.el7.ppc64.rpm httpd22-2.2.26-56.ep6.el7.ppc64.rpm httpd22-debuginfo-2.2.26-56.ep6.el7.ppc64.rpm httpd22-devel-2.2.26-56.ep6.el7.ppc64.rpm httpd22-manual-2.2.26-56.ep6.el7.ppc64.rpm httpd22-tools-2.2.26-56.ep6.el7.ppc64.rpm jbcs-httpd24-openssl-1.0.2h-4.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-4.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-devel-1.0.2h-4.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-libs-1.0.2h-4.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-perl-1.0.2h-4.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-static-1.0.2h-4.jbcs.el7.ppc64.rpm jbossas-hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el7.ppc64.rpm jbossas-jbossweb-native-1.1.34-5.redhat_1.ep6.el7.ppc64.rpm mod_jk-ap22-1.2.41-2.redhat_4.ep6.el7.ppc64.rpm mod_jk-debuginfo-1.2.41-2.redhat_4.ep6.el7.ppc64.rpm mod_ldap22-2.2.26-56.ep6.el7.ppc64.rpm mod_ssl22-2.2.26-56.ep6.el7.ppc64.rpm tomcat-native-1.1.34-5.redhat_1.ep6.el7.ppc64.rpm tomcat-native-debuginfo-1.1.34-5.redhat_1.ep6.el7.ppc64.rpm x86_64: hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el7.x86_64.rpm hornetq-native-debuginfo-2.3.25-4.SP11_redhat_1.ep6.el7.x86_64.rpm httpd22-2.2.26-56.ep6.el7.x86_64.rpm httpd22-debuginfo-2.2.26-56.ep6.el7.x86_64.rpm httpd22-devel-2.2.26-56.ep6.el7.x86_64.rpm httpd22-manual-2.2.26-56.ep6.el7.x86_64.rpm httpd22-tools-2.2.26-56.ep6.el7.x86_64.rpm jbcs-httpd24-openssl-1.0.2h-4.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-4.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-devel-1.0.2h-4.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-libs-1.0.2h-4.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-perl-1.0.2h-4.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-static-1.0.2h-4.jbcs.el7.x86_64.rpm jbossas-hornetq-native-2.3.25-4.SP11_redhat_1.ep6.el7.x86_64.rpm jbossas-jbossweb-native-1.1.34-5.redhat_1.ep6.el7.x86_64.rpm mod_jk-ap22-1.2.41-2.redhat_4.ep6.el7.x86_64.rpm mod_jk-debuginfo-1.2.41-2.redhat_4.ep6.el7.x86_64.rpm mod_ldap22-2.2.26-56.ep6.el7.x86_64.rpm mod_ssl22-2.2.26-56.ep6.el7.x86_64.rpm tomcat-native-1.1.34-5.redhat_1.ep6.el7.x86_64.rpm tomcat-native-debuginfo-1.1.34-5.redhat_1.ep6.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-3183 https://access.redhat.com/security/cve/CVE-2015-3195 https://access.redhat.com/security/cve/CVE-2015-4000 https://access.redhat.com/security/cve/CVE-2016-2105 https://access.redhat.com/security/cve/CVE-2016-2106 https://access.redhat.com/security/cve/CVE-2016-2108 https://access.redhat.com/security/cve/CVE-2016-2109 https://access.redhat.com/security/cve/CVE-2016-3110 https://access.redhat.com/security/cve/CVE-2016-4459 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/2688611 https://access.redhat.com/solutions/222023 https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFX/nCuXlSAg2UNWIIRAq6gAKCk3O4+LVrC6nN6yUHOOzpm8GB7NQCcDcA0 n7n6E5uqbAY0W1AG5Z+9yy8= =6ET2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6.7) - i386, ppc64, s390x, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. (CVE-2016-2105, CVE-2016-2106) * It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. 6.7): Source: openssl-1.0.1e-42.el6_7.5.src.rpm x86_64: openssl-1.0.1e-42.el6_7.5.i686.rpm openssl-1.0.1e-42.el6_7.5.x86_64.rpm openssl-debuginfo-1.0.1e-42.el6_7.5.i686.rpm openssl-debuginfo-1.0.1e-42.el6_7.5.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004 OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following: apache_mod_php Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in PHP versions prior to 5.5.36. These were addressed by updating PHP to version 5.5.36. CVE-2016-4650 Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4647 : Juwei Lin (@fuzzerDOTcn) of Trend Micro Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to determine kernel memory layout Description: An out-of-bounds read was addressed through improved input validation. CVE-2016-4648 : Juwei Lin(@fuzzerDOTcn) of Trend Micro Audio Available for: OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted audio file may lead to the disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2016-4646 : Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative Audio Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4649 : Juwei Lin(@fuzzerDOTcn) of Trend Micro bsdiff Available for: OS X El Capitan v10.11 and later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow existed in bspatch. This issue was addressed through improved bounds checking. CVE-2014-9862 : an anonymous researcher CFNetwork Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to view sensitive user information Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed through improved restrictions. CVE-2016-4645 : Abhinav Bansal of Zscaler Inc. CoreGraphics Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption issue was addressed through improved memory handling. CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CoreGraphics Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to elevate privileges Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation. CVE-2016-4652 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative FaceTime Available for: OS X El Capitan v10.11 and later Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic. CVE-2016-4635 : Martin Vigo Graphics Drivers Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4634 : Stefan Esser of SektionEins ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2016-4632 : Evgeny Sidorov of Yandex ImageIO Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4631 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) ImageIO Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4629 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) CVE-2016-4630 : Tyler Bohan of Cisco Talos (talosintel.com /vulnerability-reports) Intel Graphics Driver Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4633 : an anonymous researcher IOHIDFamily Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A null pointer dereference was addressed through improved input validation. CVE-2016-4626 : Stefan Esser of SektionEins IOSurface Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: A use-after-free was addressed through improved memory management. CVE-2016-4625 : Ian Beer of Google Project Zero Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1863 : Ian Beer of Google Project Zero CVE-2016-1864 : Ju Zhu of Trend Micro CVE-2016-4582 : Shrek_wzw and Proteas of Qihoo 360 Nirvan Team Kernel Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a system denial of service Description: A null pointer dereference was addressed through improved input validation. CVE-2016-1865 : CESG, Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent libc++abi Available for: OS X El Capitan v10.11 and later Impact: An application may be able to execute arbitrary code with root privileges Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4621 : an anonymous researcher libexpat Available for: OS X El Capitan v10.11 and later Impact: Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-0718 : Gustavo Grieco LibreSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in LibreSSL before 2.2.7. These were addressed by updating LibreSSL to version 2.2.7. CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google) Mark Brand, Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An access issue existed in the parsing of maliciously crafted XML files. This issue was addressed through improved input validation. CVE-2016-4449 : Kostya Serebryany libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological University CVE-2016-4448 : Apple CVE-2016-4483 : Gustavo Grieco CVE-2016-4614 : Nick Wellnhofe CVE-2016-4615 : Nick Wellnhofer CVE-2016-4616 : Michael Paddon CVE-2016-4619 : Hanno Boeck libxslt Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-1684 : Nicolas GrA(c)goire CVE-2016-4607 : Nick Wellnhofer CVE-2016-4608 : Nicolas GrA(c)goire CVE-2016-4609 : Nick Wellnhofer CVE-2016-4610 : Nick Wellnhofer CVE-2016-4612 : Nicolas GrA(c)goire Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4640 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to execute arbitrary code leading to the compromise of user information Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4641 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative Login Window Available for: OS X El Capitan v10.11 and later Impact: A local user may be able to cause a denial of service Description: A memory initialization issue was addressed through improved memory handling. CVE-2016-4639 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative Login Window Available for: OS X El Capitan v10.11 and later Impact: A malicious application may be able to gain root privileges Description: A type confusion issue was addressed through improved memory handling. CVE-2016-4638 : Yubin Fu of Tencent KeenLab working with Trend Micro's Zero Day Initiative OpenSSL Available for: OS X El Capitan v10.11 and later Impact: A remote attacker may be able to execute arbitrary code Description: Multiple issues existed in OpenSSL. CVE-2016-2105 : Guido Vranken CVE-2016-2106 : Guido Vranken CVE-2016-2107 : Juraj Somorovsky CVE-2016-2108 : Huzaifa Sidhpurwala (Red Hat), Hanno Boeck, David Benjamin (Google), Mark Brand and Ian Beer of Google Project Zero CVE-2016-2109 : Brian Carpenter CVE-2016-2176 : Guido Vranken QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted FlashPix Bitmap Image may lead to unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-4596 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4597 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4600 : Ke Liu of Tencent's Xuanwu Lab CVE-2016-4602 : Ke Liu of Tencent's Xuanwu Lab QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4598 : Ke Liu of Tencent's Xuanwu Lab QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted SGI file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4601 : Ke Liu of Tencent's Xuanwu Lab QuickTime Available for: OS X El Capitan v10.11 and later Impact: Processing a maliciously crafted Photoshop document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2016-4599 : Ke Liu of Tencent's Xuanwu Lab Safari Login AutoFill Available for: OS X El Capitan v10.11 and later Impact: A user's password may be visible on screen Description: An issue existed in Safari's password auto-fill. This issue was addressed through improved matching of form fields. CVE-2016-4595 : Jonathan Lewis from DeARX Services (PTY) LTD Sandbox Profiles Available for: OS X El Capitan v10.11 and later Impact: A local application may be able to access the process list Description: An access issue existed with privileged API calls. This issue was addressed through additional restrictions. CVE-2016-4594 : Stefan Esser of SektionEins Note: OS X El Capitan 10.11.6 includes the security content of Safari 9.1.2. For further details see https://support.apple.com/kb/HT206900 OS X El Capitan v10.11.6 and Security Update 2016-004 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXjXAvAAoJEIOj74w0bLRG/5EP/2v9SJTrO+/4b3A1gqC1ch8y +cJ04tXRsO7rvjKT5nCylo30U0Sanz/bUbDx4559YS7/P/IyeyZVheaTJwK8wzEy pSOPpy35hUuVIw0/p4YsuHDThSBPFMmDljTxH7elkfuBV1lPSrCkyDXc0re2HxWV xj68zAxtM0jkkhgcxb2ApZSZVXhrjUZtbY0xEVOoWKKFwbMvKfx+4xSqunwQeS1u wevs1EbxfvsZbc3pG+xYcOonbegBzOy9aCvNO1Yv1zG+AYXC5ERMq1vk3PsWOTQN ZVY1I7mvCaEfvmjq2isRw8XYapAIKISDLwMKBSYrZDQFwPQLRi1VXxQZ67Kq1M3k ah04/lr0RIcoosIcBqxD2+1UAFjUzEUNFkYivjhuaeegN2QdL7Ujegf1QjdAt8lk mmKduxYUDOaRX50Kw7n14ZveJqzE1D5I6QSItaZ9M1vR60a7u91DSj9D87vbt1YC JM/Rvf/4vonp1NjwA2JQwCiZfYliBDdn9iiCl8mzxdsSRD/wXcZCs05nnKmKsCfc 55ET7IwdG3622lVheOJGQZuucwJiTn36zC11XVzZysQd/hLD5rUKUQNX1WOgZdzs xPsslXF5MWx9jcdyWVSWxDrN0sFk+GpQFQDuVozP60xuxqR3qQ0TXir2NP39uIF5 YozOGPQFmX0OviWCQsX6 =ng+m -----END PGP SIGNATURE----- . The References section of this erratum contains a download link (you must log in to download the update). (CVE-2014-8176, CVE-2015-0209, CVE-2015-0286, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-3216, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2177, CVE-2016-2178, CVE-2016-2842) * This update fixes several flaws in libxml2. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1834, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483) * This update fixes three flaws in curl. (CVE-2016-5419, CVE-2016-5420, CVE-2016-7141) * This update fixes two flaws in httpd. (CVE-2014-3523, CVE-2015-3185) * This update fixes two flaws in mod_cluster. (CVE-2016-4459, CVE-2016-8612) * A buffer overflow flaw when concatenating virtual host names and URIs was fixed in mod_jk. (CVE-2016-6808) * A memory leak flaw was fixed in expat. JIRA issues fixed (https://issues.jboss.org/): JBCS-50 - CVE-2012-1148 CVE-2012-0876 expat: various flaws [jbews-3.0.0] JBCS-95 - CVE-2014-3523 httpd: WinNT MPM denial of service 6

Trust: 3.06

sources: NVD: CVE-2016-2106 // JVNDB: JVNDB-2016-002473 // BID: 89744 // VULMON: CVE-2016-2106 // PACKETSTORM: 169652 // PACKETSTORM: 138471 // PACKETSTORM: 142803 // PACKETSTORM: 138473 // PACKETSTORM: 140056 // PACKETSTORM: 136895 // PACKETSTORM: 136893 // PACKETSTORM: 139114 // PACKETSTORM: 139167 // PACKETSTORM: 137958 // PACKETSTORM: 139116 // PACKETSTORM: 140182

AFFECTED PRODUCTS

vendor:redhatmodel:enterprise linux hpc node eusscope:eqversion:7.2

Trust: 1.3

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.2

Trust: 1.3

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.2

Trust: 1.3

vendor:opensslmodel:opensslscope:eqversion:1.0.2f

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2d

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2c

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6.0

Trust: 1.0

vendor:opensslmodel:opensslscope:lteversion:1.0.1s

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2g

Trust: 1.0

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:7.0

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2a

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2b

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2e

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:1.0.2

Trust: 1.0

vendor:necmodel:esmpro/serveragentservicescope:eqversion:all versions (linux)

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:express

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:enterprise v8.2 to v9.4

Trust: 0.8

vendor:hitachimodel:cosminexus primary serverscope:eqversion:version 6

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional for plug-in

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v8.0

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:(v. 7)

Trust: 0.8

vendor:necmodel:ip38x/3000scope: - version: -

Trust: 0.8

vendor:hitachimodel:web serverscope:eqversion:none

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:foundation v8.2 to v8.5

Trust: 0.8

vendor:hitachimodel:web serverscope:eqversion:- security enhancement

Trust: 0.8

vendor:hitachimodel:ucosminexus service platformscope:eqversion:- messaging

Trust: 0.8

vendor:necmodel:websamscope:eqversion:6.2

Trust: 0.8

vendor:hitachimodel:cosminexus application server version 5scope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linux workstationscope:eqversion:(v. 7)

Trust: 0.8

vendor:red hatmodel:enterprise linux hpc nodescope:eqversion:(v. 6)

Trust: 0.8

vendor:necmodel:ip38x/3500scope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus developer standardscope: - version: -

Trust: 0.8

vendor:necmodel:ip38x/fw120scope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linux hpc node eusscope:eqversion:(v. 7.2)

Trust: 0.8

vendor:necmodel:ip38x/1200scope: - version: -

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v3.0

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:01

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:st ard v8.2 to v9.4

Trust: 0.8

vendor:opensslmodel:opensslscope:ltversion:1.0.1

Trust: 0.8

vendor:necmodel:enterprisedirectoryserverscope:eqversion:ver6.1 to v8.0

Trust: 0.8

vendor:hitachimodel:ucosminexus application server smart editionscope: - version: -

Trust: 0.8

vendor:necmodel:secureware/pki application development kitscope:eqversion:ver3.2

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v3.1

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v6.2

Trust: 0.8

vendor:necmodel:websamscope:eqversion:netvisorpro 6.1

Trust: 0.8

vendor:necmodel:ip38x/810scope: - version: -

Trust: 0.8

vendor:necmodel:webotx enterprise service busscope:eqversion:v8.2 to v9.3

Trust: 0.8

vendor:necmodel:ip38x/n500scope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus developer lightscope: - version: -

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:/sg series sg3600lm/lg/lj v6.1

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v7.0

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:/sg series intersecvm/sg v1.2

Trust: 0.8

vendor:necmodel:ip38x/1210scope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linux desktopscope:eqversion:(v. 6)

Trust: 0.8

vendor:hitachimodel:cosminexus developer version 5scope: - version: -

Trust: 0.8

vendor:necmodel:webotx application serverscope:eqversion:express v8.2 to v9.4

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope:eqversion:(v. 7)

Trust: 0.8

vendor:hitachimodel:cosminexus developer light version 6scope: - version: -

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v7.1

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:st ard-r

Trust: 0.8

vendor:hitachimodel:ucosminexus primary serverscope:eqversion:base

Trust: 0.8

vendor:red hatmodel:enterprise linux workstationscope:eqversion:(v. 6)

Trust: 0.8

vendor:hitachimodel:ucosminexus service platformscope:eqversion:none

Trust: 0.8

vendor:opensslmodel:opensslscope:eqversion:1.0.1t

Trust: 0.8

vendor:necmodel:capssuitescope:eqversion:v3.0 to v4.0

Trust: 0.8

vendor:hitachimodel:cosminexus primary serverscope:eqversion:base version 6

Trust: 0.8

vendor:hitachimodel:ucosminexus service architectscope: - version: -

Trust: 0.8

vendor:necmodel:univergescope:eqversion:business connect v7.1.1

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v4.0

Trust: 0.8

vendor:red hatmodel:enterprise linux server ausscope:eqversion:(v. 7.2)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.11 and later

Trust: 0.8

vendor:hitachimodel:ucosminexus application server enterprisescope: - version: -

Trust: 0.8

vendor:opensslmodel:opensslscope:ltversion:1.0.2

Trust: 0.8

vendor:necmodel:ip38x/5000scope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linux hpc nodescope:eqversion:(v. 7)

Trust: 0.8

vendor:red hatmodel:enterprise linux server eusscope:eqversion:(v. 7.2)

Trust: 0.8

vendor:necmodel:websamscope:eqversion:7.0

Trust: 0.8

vendor:necmodel:ip38x/sr100scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus application server standardscope:eqversion:version 6

Trust: 0.8

vendor:hitachimodel:ucosminexus application server standardscope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus application server enterprisescope:eqversion:version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developer standard version 6scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus developer professional version 6scope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional

Trust: 0.8

vendor:opensslmodel:opensslscope:eqversion:1.0.2h

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:v8.2

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:/sg series univerge sg3000lg/lj

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope:eqversion:(v. 6)

Trust: 0.8

vendor:ciscomodel:registered envelope servicescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence video communication serverscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:paging serverscope:neversion:11.5.1

Trust: 0.6

vendor:ciscomodel:nexus series switches 5.2 sv3scope:neversion:1000v

Trust: 0.6

vendor:ciscomodel:network performance analyticsscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ironport encryption appliancescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:spa51x series ip phonesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mate collectorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ata series analog terminal adaptorscope:eqversion:1900

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:eqversion:30000

Trust: 0.3

vendor:ciscomodel:network health frameworkscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence server on virtual machinescope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:spa232d multi-line dect atascope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.2

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5.2(1)

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.2.1

Trust: 0.3

vendor:ciscomodel:unified series ip phonesscope:neversion:780011.5.2

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.3.0.0

Trust: 0.3

vendor:ciscomodel:clean access managerscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:neversion:6.8

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:10.5(3.10000.9)

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:eqversion:10.6(3)

Trust: 0.3

vendor:freebsdmodel:10.2-release-p8scope: - version: -

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.3

Trust: 0.3

vendor:ciscomodel:proactive network operations centerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence server mr2scope:neversion:87104.2

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.40

Trust: 0.3

vendor:ciscomodel:emergency responderscope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:video distribution suite for internet streamingscope:neversion:4.3.2

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.2

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.53

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitor fp1scope:eqversion:4.0.0

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6

Trust: 0.3

vendor:ciscomodel:video surveillance media serverscope:eqversion:0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1escope: - version: -

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:nexus series blade switches 0.9.8zfscope:neversion:4000

Trust: 0.3

vendor:ciscomodel:telepresence isdn linkscope:neversion:1.1.6

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.5

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2gscope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0.1

Trust: 0.3

vendor:ciscomodel:tandberg codian isdn gwscope:eqversion:32400

Trust: 0.3

vendor:ciscomodel:telepresence sx seriesscope:neversion:7.3.7

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1ascope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5.1.6

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:neversion:11.51

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.0.4

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:85100

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5.1.131

Trust: 0.3

vendor:ciscomodel:unified workforce optimizationscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.1

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:12.1.4

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:neversion:6.8.1

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:neversion:7.5.0.2

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.26

Trust: 0.3

vendor:ciscomodel:mediasense 9.0scope: - version: -

Trust: 0.3

vendor:ibmmodel:abyp-4tl-pscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:cognos business intelligence interim fixscope:neversion:10.1.119

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.1209

Trust: 0.3

vendor:ciscomodel:asr seriesscope:eqversion:50000

Trust: 0.3

vendor:ibmmodel:aspera sharesscope:neversion:1.9.6

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.4.0.0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p26scope: - version: -

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:eqversion:3400

Trust: 0.3

vendor:ciscomodel:enterprise content delivery systemscope:neversion:2.6.8

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.2.0.2

Trust: 0.3

vendor:ciscomodel:prime collaboration assurance sp1scope:neversion:11.5

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp3scope:eqversion:4.0.1

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:10.5(1)

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.3

Trust: 0.3

vendor:ibmmodel:workload deployerscope:eqversion:3.16

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:88310

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.5

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.11

Trust: 0.3

vendor:ciscomodel:intelligent automation for cloudscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber guestscope:eqversion:10.0(2)

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.3361

Trust: 0.3

vendor:freebsdmodel:10.1-release-p5scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified ip phonesscope:eqversion:69010

Trust: 0.3

vendor:ciscomodel:prime security managerscope:neversion:9.5.4.3

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.13-34

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.1.1

Trust: 0.3

vendor:ciscomodel:im and presence servicescope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:ata analog telephone adaptorscope:neversion:1879.2.5

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp15scope:eqversion:4.0.0

Trust: 0.3

vendor:ciscomodel:jabber guestscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5(2)

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.1

Trust: 0.3

vendor:ibmmodel:real-time compression appliancescope:eqversion:4.1.2

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.4.0.1

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:eqversion:4.2.0.3

Trust: 0.3

vendor:ciscomodel:prime license managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ucs central 1.5scope:neversion: -

Trust: 0.3

vendor:ciscomodel:prime collaboration deploymentscope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:series ip phones vpn featurescope:neversion:8800-11.5.2

Trust: 0.3

vendor:ibmmodel:mobile foundation consumer editionscope:eqversion:6.2.0.1

Trust: 0.3

vendor:ciscomodel:web security appliancescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.3394

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.2

Trust: 0.3

vendor:ciscomodel:visual quality experience serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:filenet system monitorscope:eqversion:4.5

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1tscope:neversion: -

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for windowsscope:neversion:4.3

Trust: 0.3

vendor:ciscomodel:content security management appliancescope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p28scope: - version: -

Trust: 0.3

vendor:ciscomodel:agent for openflowscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.4.0

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.1

Trust: 0.3

vendor:ibmmodel:image construction and composition toolscope:eqversion:2.3.1.0

Trust: 0.3

vendor:ciscomodel:webex recording playback clientscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime collaboration assurancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:asa next-generation firewall servicesscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p38scope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence content serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:tandberg codian mse modelscope:eqversion:83200

Trust: 0.3

vendor:oraclemodel:mysql enterprise backupscope:eqversion:3.10.1

Trust: 0.3

vendor:ciscomodel:local collector appliancescope:eqversion:2.2.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.2

Trust: 0.3

vendor:freebsdmodel:9.3-release-p10scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p1scope: - version: -

Trust: 0.3

vendor:ciscomodel:digital media players seriesscope:eqversion:44000

Trust: 0.3

vendor:ciscomodel:mds series multilayer switchesscope:neversion:90008.3

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.16-37

Trust: 0.3

vendor:freebsdmodel:10.2-release-p13scope: - version: -

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1nxscope:neversion:5000

Trust: 0.3

vendor:susemodel:opensuse evergreenscope:eqversion:11.4

Trust: 0.3

vendor:ciscomodel:prime infrastructure standalone plug and play gatewayscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa50x series ip phonesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings for blackberryscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors interim fixscope:eqversion:4.014-01

Trust: 0.3

vendor:ibmmodel:security identity manager virtual appliancescope:eqversion:7.0.0.3

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1gscope: - version: -

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:neversion:3.5.1

Trust: 0.3

vendor:oraclemodel:exalogic infrastructurescope:eqversion:2.0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.4

Trust: 0.3

vendor:ciscomodel:telepresence integrator c seriesscope:neversion:7.3.7

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility clientscope:neversion:4.2

Trust: 0.3

vendor:ciscomodel:wide area application servicesscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:neversion:7.5.1.1

Trust: 0.3

vendor:ibmmodel:workload deployerscope:eqversion:3.1

Trust: 0.3

vendor:ciscomodel:telepresence serverscope:eqversion:87100

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.1

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.4-23

Trust: 0.3

vendor:freebsdmodel:10.2-release-p14scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.1-release-p17scope: - version: -

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.25-57

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.4.6.1146-109

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.18-43

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:neversion:4.1.0.5

Trust: 0.3

vendor:ibmmodel:workload deployer if12scope:neversion:3.1.0.7

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.2.1

Trust: 0.3

vendor:ciscomodel:media services interfacescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexus intercloudscope:eqversion:1000v0

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:neversion:3.5

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.5.0.0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:9.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.1

Trust: 0.3

vendor:ciscomodel:ipsscope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1iscope: - version: -

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.4.2

Trust: 0.3

vendor:ciscomodel:unified workforce optimization quality management sr3 es5scope:neversion:11.0

Trust: 0.3

vendor:ibmmodel:qradarscope:eqversion:7.1

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0

Trust: 0.3

vendor:ciscomodel:meetingplacescope:neversion:2.7

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.1.0.1

Trust: 0.3

vendor:ibmmodel:security identity manager virtual appliancescope:eqversion:7.0.0.2

Trust: 0.3

vendor:oraclemodel:commerce guided searchscope:eqversion:11.2

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.913

Trust: 0.3

vendor:ciscomodel:unified attendant console advancedscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:neversion:7.0.1.7

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for iosscope:neversion:4.0

Trust: 0.3

vendor:ciscomodel:webex messenger service ep1scope:eqversion:7.9.9

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.3

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:mediasensescope:neversion:11.5.1

Trust: 0.3

vendor:ciscomodel:unified ip phone 9.4.2sr3scope:neversion:8961

Trust: 0.3

vendor:freebsdmodel:10.2-release-p9scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified wireless ip phonescope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1sscope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.1-release-p27scope: - version: -

Trust: 0.3

vendor:ciscomodel:spa122 ata with routerscope:neversion:1.4.5

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:eqversion:1.4.6

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.2

Trust: 0.3

vendor:ciscomodel:webex meeting centerscope:neversion:3.9.1

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.2

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:webex node for mcsscope:neversion:3.12.9.8

Trust: 0.3

vendor:ciscomodel:jabber for androidscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video surveillance 4300e/4500e high-definition ip camerasscope:neversion:3.2.8

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.20

Trust: 0.3

vendor:ibmmodel:mobilefirst platform foundationscope:eqversion:6.3.0.0

Trust: 0.3

vendor:freebsdmodel:10.2-release-p6scope: - version: -

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interix fixscope:eqversion:4.2.0.3

Trust: 0.3

vendor:ciscomodel:unified sip proxyscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:virtual security gateway for microsoft hyper-vscope:neversion:5.2(1)

Trust: 0.3

vendor:ciscomodel:tandberg codian isdn gwscope:eqversion:32100

Trust: 0.3

vendor:ciscomodel:unified attendant console premium editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media players series 5.4 rbscope:neversion:4300

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.11-28

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1

Trust: 0.3

vendor:ibmmodel:qradarscope:eqversion:7.2

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.31

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:6.1.5

Trust: 0.3

vendor:ciscomodel:prime optical for spsscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:neversion:2.2.1

Trust: 0.3

vendor:ibmmodel:abyp-2t-1s-1l-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mds series multilayer switchesscope:neversion:90006.2.17

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.19

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1rscope: - version: -

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for linuxscope:neversion:4.3

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.3

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:7.3.0.0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.03

Trust: 0.3

vendor:ibmmodel:aspera consolescope:neversion:3.1.1

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5.0.997

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for osscope:neversion:x4.3

Trust: 0.3

vendor:ciscomodel:unified ip phone seriesscope:eqversion:79000

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for androidscope:neversion:4.3

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:connected analytics for collaboration 1.0.1qscope:neversion: -

Trust: 0.3

vendor:ciscomodel:jabber guestscope:neversion:11.0

Trust: 0.3

vendor:ibmmodel:abyp-2t-1s-1l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5.2(2)

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:neversion:6.7.3

Trust: 0.3

vendor:ciscomodel:mmp serverscope:eqversion:0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:13.2

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for imagesscope:eqversion:7.1.1.19

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.30.0-13

Trust: 0.3

vendor:oraclemodel:commerce guided searchscope:eqversion:11.1

Trust: 0.3

vendor:ibmmodel:abyp-10g-2sr-2lr-1-p-mscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for images buildscope:eqversion:7.1.1.20280.6

Trust: 0.3

vendor:ciscomodel:computer telephony integration object serverscope:neversion:11.51

Trust: 0.3

vendor:ciscomodel:unified communications for microsoft lyncscope:neversion:10.6.7

Trust: 0.3

vendor:ciscomodel:prime security managerscope:eqversion:9.3.4.2-4

Trust: 0.3

vendor:ciscomodel:anyres livescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:neversion:7.0.0.14

Trust: 0.3

vendor:ciscomodel:ons series multiservice provisioning platformsscope:neversion:1545410.6.1

Trust: 0.3

vendor:ciscomodel:telepresence isdn linkscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence serverscope:neversion:70104.4

Trust: 0.3

vendor:ciscomodel:packet tracerscope:eqversion:5.2

Trust: 0.3

vendor:ibmmodel:openssh for gpfs for windowsscope:neversion:3.5.0.31

Trust: 0.3

vendor:ciscomodel:agent for openflowscope:neversion:2.0.7

Trust: 0.3

vendor:ciscomodel:unified attendant console business editionscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:eqversion:4.1.0.5

Trust: 0.3

vendor:ibmmodel:cognos business intelligence interim fixscope:neversion:10.2.117

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:neversion:11.51

Trust: 0.3

vendor:ciscomodel:tandberg codian isdn gwscope:eqversion:32200

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5.2(3)

Trust: 0.3

vendor:paloaltonetworksmodel:globalprotect agentscope:eqversion:3.1.0

Trust: 0.3

vendor:ciscomodel:webex meetings for wp8scope:neversion:3.0

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.54

Trust: 0.3

vendor:ibmmodel:abyp-2t-2s-0l-pscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:2.1

Trust: 0.3

vendor:ciscomodel:webex meetings for androidscope:neversion:9.1

Trust: 0.3

vendor:ciscomodel:mds series multilayer switches 7.3.1nxscope:neversion:9000

Trust: 0.3

vendor:ciscomodel:mds series multilayer switchesscope:eqversion:90000

Trust: 0.3

vendor:ciscomodel:ios software and cisco ios xe softwarescope:neversion:16.3.1

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.0.2

Trust: 0.3

vendor:ciscomodel:webex meeting centerscope:neversion:3.9.0.5

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.15-36

Trust: 0.3

vendor:ciscomodel:ace application control engine modulescope:eqversion:300

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:neversion:6.7.3

Trust: 0.3

vendor:oraclemodel:exalogic infrastructurescope:eqversion:1.0

Trust: 0.3

vendor:ibmmodel:proventia network enterprise scannerscope:eqversion:2.3

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1.4

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment buildscope:neversion:5.1.1051.08

Trust: 0.3

vendor:ciscomodel:nac guest serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:local collector appliancescope:eqversion:2.2.10

Trust: 0.3

vendor:ciscomodel:enterprise content delivery systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:10.5(1)

Trust: 0.3

vendor:ciscomodel:email security appliancescope:eqversion:0

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:neversion:5.0.22

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.2.11

Trust: 0.3

vendor:ibmmodel:mobile foundation consumer editionscope:eqversion:6.2.0.0

Trust: 0.3

vendor:ciscomodel:prime collaboration deploymentscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings client hosted t31r1sp6scope:neversion: -

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fix1scope:eqversion:4.3.0.6

Trust: 0.3

vendor:freebsdmodel:9.3-release-p35scope: - version: -

Trust: 0.3

vendor:ciscomodel:dx series ip phonesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:virtualization experience media enginescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:neversion:60002.8

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:3x000

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.18

Trust: 0.3

vendor:ciscomodel:packet tracerscope:eqversion:5.3

Trust: 0.3

vendor:ciscomodel:unified sip proxyscope:neversion:10.0

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.7.12

Trust: 0.3

vendor:ibmmodel:aspera sharesscope:eqversion:1.9.3

Trust: 0.3

vendor:ibmmodel:abyp-0t-4s-0l-pscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.2-release-p10scope: - version: -

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.0.0.1

Trust: 0.3

vendor:ciscomodel:spa50x series ip phonesscope:neversion:7.6.5

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7

Trust: 0.3

vendor:ibmmodel:abyp-4ts-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:8.5

Trust: 0.3

vendor:ciscomodel:ata series analog terminal adaptorscope:neversion:1901.3

Trust: 0.3

vendor:oraclemodel:commerce guided searchscope:eqversion:11.0

Trust: 0.3

vendor:ciscomodel:digital media players series 5.4 rbscope:neversion:4400

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.4

Trust: 0.3

vendor:ciscomodel:virtualization experience media enginescope:neversion:11.5.1

Trust: 0.3

vendor:ibmmodel:abyp-10g-4lr-1-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:eqversion:3200

Trust: 0.3

vendor:ibmmodel:abyp-10g-4lr-1-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video surveillance ptz ip camerasscope:neversion:2.8

Trust: 0.3

vendor:freebsdmodel:9.3-release-p2scope: - version: -

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:8.6

Trust: 0.3

vendor:ciscomodel:unified communications for microsoft lyncscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber software development kitscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa122 ata with routerscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-stablescope:neversion: -

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactions if03scope:eqversion:7.4.0.1

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.4

Trust: 0.3

vendor:ciscomodel:identity services enginescope:neversion:2.2.1

Trust: 0.3

vendor:oraclemodel:commerce experience managerscope:eqversion:11.2

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.1

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment buildscope:eqversion:5.1.151.05

Trust: 0.3

vendor:freebsdmodel:10.1-release-p9scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:neversion:2.7

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.3

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.1.2.2

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.21

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(2.10000.5)

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1cscope: - version: -

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.1.1.0

Trust: 0.3

vendor:ciscomodel:telepresence mx seriesscope:neversion:7.3.7

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:neversion:3204.4

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:neversion:6.8

Trust: 0.3

vendor:ibmmodel:qradar siem/qrif/qrm/qvm patchscope:neversion:7.2.71

Trust: 0.3

vendor:ciscomodel:digital media players series 5.3 rbscope:eqversion:4300

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.1768

Trust: 0.3

vendor:ciscomodel:telepresence profile seriesscope:neversion:7.3.7

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.41

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.1

Trust: 0.3

vendor:ibmmodel:openssh for gpfs for windowsscope:eqversion:3.5

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.11.6

Trust: 0.3

vendor:ibmmodel:abyp-0t-0s-4l-p-mscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.0.5

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1fscope: - version: -

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1nxscope:neversion:7000

Trust: 0.3

vendor:ciscomodel:jabber for android mrscope:neversion:11.6

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2ascope: - version: -

Trust: 0.3

vendor:ibmmodel:abyp-4t-0s-0l-p-mscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:algo audit and compliancescope:eqversion:2.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2fscope: - version: -

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.5

Trust: 0.3

vendor:ciscomodel:connected grid router-cgosscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:1.0.2919

Trust: 0.3

vendor:ibmmodel:worklight enterprise editionscope:eqversion:6.1.0.0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for imagesscope:eqversion:7.1.1.0

Trust: 0.3

vendor:ciscomodel:telepresence server on virtual machine mr2scope:neversion:4.2

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility clientscope:neversion:4.3

Trust: 0.3

vendor:ciscomodel:unified ip phonesscope:eqversion:69450

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:60008.3

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.15

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.30.2-9

Trust: 0.3

vendor:ibmmodel:abyp-0t-2s-2l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:70008.3

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.2

Trust: 0.3

vendor:ciscomodel:webex meetings server ssl gatewayscope:eqversion:-0

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.25

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.4.6.1146-110

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.4

Trust: 0.3

vendor:ibmmodel:messagesightscope:eqversion:1.2

Trust: 0.3

vendor:ciscomodel:prime network services controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:neversion:6.8.1

Trust: 0.3

vendor:ciscomodel:ironport email security appliancescope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p3scope: - version: -

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:prime collaboration provisioningscope:neversion:11.2

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:eqversion:1.5.0.12

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.4.6.1146-113

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:neversion:6.8

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.3

Trust: 0.3

vendor:ciscomodel:spa30x series ip phonesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1.2

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.30-12

Trust: 0.3

vendor:ciscomodel:webex meetings client on premisesscope:eqversion:-0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.3

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:7.1.1.19

Trust: 0.3

vendor:ciscomodel:telepresence serverscope:eqversion:70100

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.3(1)

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media managerscope:neversion:5.4

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:5.0.2

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:1.0.2

Trust: 0.3

vendor:ibmmodel:bm security identity governance and intelligencescope:eqversion:5.2.1

Trust: 0.3

vendor:ciscomodel:security managerscope:neversion:4.12

Trust: 0.3

vendor:ibmmodel:mobilefirst platform foundationscope:eqversion:7.1.0.0

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1.7

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5(.1.131)

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2dscope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.3

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:onepk all-in-one vmscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:9.1(1)

Trust: 0.3

vendor:ciscomodel:prime lan management solutionscope:eqversion:-0

Trust: 0.3

vendor:ibmmodel:algo audit and compliance ifscope:neversion:2.1.0.32

Trust: 0.3

vendor:ciscomodel:spa525gscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:eqversion:4.3.0.4

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:neversion:6.8.1

Trust: 0.3

vendor:freebsdmodel:9.3-release-p25scope: - version: -

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:7.0.0.0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.0

Trust: 0.3

vendor:ibmmodel:abyp-0t-2s-2l-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified attendant console department editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified ip phone 9.4.2sr3scope:neversion:9971

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.1

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.29-9

Trust: 0.3

vendor:ciscomodel:series ip phones vpn featurescope:eqversion:8800-0

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1dxscope:neversion:6000

Trust: 0.3

vendor:ibmmodel:abyp-2t-0s-2l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa112 2-port phone adapterscope:neversion:1.4.5

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.2.0.6

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.3387

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.1.1

Trust: 0.3

vendor:ciscomodel:telepresence server mr2scope:neversion:70104.2

Trust: 0.3

vendor:ciscomodel:webex messenger servicescope:neversion:7.20

Trust: 0.3

vendor:ibmmodel:abyp-10g-4sr-1-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:neversion:3.2

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.0.0

Trust: 0.3

vendor:freebsdmodel:10.3-stablescope:neversion: -

Trust: 0.3

vendor:oraclemodel:commerce guided searchscope:eqversion:6.1.4

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:12.2.2

Trust: 0.3

vendor:oraclemodel:mysql enterprise backupscope:eqversion:3.10

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.2

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:connected grid router 15.6.2.15tscope:neversion: -

Trust: 0.3

vendor:ciscomodel:video distribution suite for internet streamingscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media players series 5.4 rbscope:eqversion:4300

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty media mr2scope:neversion:3204.2

Trust: 0.3

vendor:oraclemodel:linuxscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:5.1.116

Trust: 0.3

vendor:ciscomodel:cloupia unified infrastructure controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:neversion:11.5:20

Trust: 0.3

vendor:ciscomodel:jabber for macscope:neversion:11.7

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.20

Trust: 0.3

vendor:ciscomodel:agent desktop for cisco unified contact center expressscope:eqversion:0

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.1

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:eqversion:70000

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty media mr2scope:neversion:3104.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:70006.2.17

Trust: 0.3

vendor:ciscomodel:digital media players series 5.3 rbscope:eqversion:4400

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1nscope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:eqversion:3204.1

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:neversion:6.7.3

Trust: 0.3

vendor:ciscomodel:packet tracerscope:neversion:7.0

Trust: 0.3

vendor:ciscomodel:network analysis modulescope:neversion:6.3.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1oscope: - version: -

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:eqversion:60000

Trust: 0.3

vendor:ciscomodel:unified wireless ip phonescope:neversion:1.5.1

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for windowsscope:neversion:4.0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:neversion:8.0.1.4

Trust: 0.3

vendor:ciscomodel:virtual security gateway vsg2scope:neversion: -

Trust: 0.3

vendor:slackwaremodel:linux x86 64 -currentscope: - version: -

Trust: 0.3

vendor:ibmmodel:workload deployerscope:eqversion:3.17

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.1

Trust: 0.3

vendor:ciscomodel:policy suitescope:eqversion:0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.0

Trust: 0.3

vendor:ciscomodel:webex meetings client on premisesscope:neversion:-2.7

Trust: 0.3

vendor:freebsdmodel:10.2-release-p12scope: - version: -

Trust: 0.3

vendor:ciscomodel:spa51x series ip phonesscope:neversion:7.6.5

Trust: 0.3

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.55

Trust: 0.3

vendor:ciscomodel:unified ip conference phone for third-party call controlscope:eqversion:88310

Trust: 0.3

vendor:ciscomodel:unified intelligence centerscope:neversion:11.5.1

Trust: 0.3

vendor:ciscomodel:telepresence server on virtual machinescope:neversion:4.4

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:7.9.0.0

Trust: 0.3

vendor:ciscomodel:common services platform collectorscope:neversion:1.9.1

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:8.7

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2escope: - version: -

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.0.2

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.2

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(3.10000.9)

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:neversion:11.5

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1qscope: - version: -

Trust: 0.3

vendor:ciscomodel:dcm series 9900-digital content managerscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.3

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.16

Trust: 0.3

vendor:ciscomodel:digital media managerscope:neversion:5.3

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for iosscope:neversion:4.2

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.2.0.0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment intirim fixscope:eqversion:5.133

Trust: 0.3

vendor:ciscomodel:telepresence sx seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector sflowscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for windowsscope:neversion:4.2

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.2.2

Trust: 0.3

vendor:ciscomodel:webex meetings client hostedscope:eqversion:-0

Trust: 0.3

vendor:ciscomodel:webex meetings for wp8scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.13

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:eqversion:1.4.6.1146-108

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unixscope:neversion:1.5.0.13

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:5.2(2.1)

Trust: 0.3

vendor:ciscomodel:webex meetings for wp8scope:neversion:2.6.1

Trust: 0.3

vendor:ciscomodel:physical access control gatewayscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:wide area application servicesscope:neversion:5.5.7

Trust: 0.3

vendor:freebsdmodel:9.3-release-p24scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex messenger servicescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security privileged identity managerscope:eqversion:2.0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p19scope: - version: -

Trust: 0.3

vendor:ciscomodel:mmp serverscope:neversion:3.10

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.0.1

Trust: 0.3

vendor:ciscomodel:prime ip expressscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:application and content networking systemscope:neversion:5.5.41

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.0

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:5.3

Trust: 0.3

vendor:oraclemodel:mysql workbenchscope:eqversion:6.1.4

Trust: 0.3

vendor:freebsdmodel:10.1-release-p30scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p13scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.2.1

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3

Trust: 0.3

vendor:ciscomodel:intelligent automation for cloudscope:neversion:0.9.8

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.1.1

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:5.0.1

Trust: 0.3

vendor:ciscomodel:edge digital media player 1.6rb4 5scope:neversion:300

Trust: 0.3

vendor:ciscomodel:mds series multilayer switches 7.3.1dxscope:neversion:9000

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:99510

Trust: 0.3

vendor:ibmmodel:abyp-10g-4sr-1-pscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p36scope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.6

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:89450

Trust: 0.3

vendor:ciscomodel:digital media managerscope:neversion:5.4.1

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment buildscope:eqversion:7.1.1.20280.6

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowsensorscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:neversion:30002.8

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.10

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:9.2

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.12

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.28

Trust: 0.3

vendor:ciscomodel:webex meeting centerscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.11

Trust: 0.3

vendor:ciscomodel:partner supporting servicescope:eqversion:1.0

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:neversion:7.1.0.11

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.29

Trust: 0.3

vendor:ciscomodel:mobility services enginescope:neversion:8.0

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:neversion:3401.2.0.20

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.1

Trust: 0.3

vendor:ibmmodel:abyp-0t-4s-0l-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:spa30x series ip phonesscope:neversion:7.6.5

Trust: 0.3

vendor:ciscomodel:unified series ip phonesscope:eqversion:78000

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:neversion:7.2.0.8

Trust: 0.3

vendor:ciscomodel:digital media players series 5.4 rbscope:eqversion:4400

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.13

Trust: 0.3

vendor:freebsdmodel:10.2-release-p11scope: - version: -

Trust: 0.3

vendor:ibmmodel:enterprise content management system monitorscope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:42000

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:neversion:9.0.1.0

Trust: 0.3

vendor:ciscomodel:socialminerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:standalone rack server cimcscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.2.0.0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:spa112 2-port phone adapterscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:mysql enterprise backupscope:eqversion:3.12.2

Trust: 0.3

vendor:ciscomodel:intracerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:neversion:6.8

Trust: 0.3

vendor:ciscomodel:jabber for apple iosscope:neversion:11.6.2

Trust: 0.3

vendor:ciscomodel:video surveillance series high-definition ip camerasscope:neversion:40002.4.7

Trust: 0.3

vendor:ciscomodel:video surveillance media serverscope:eqversion:7.7

Trust: 0.3

vendor:freebsdmodel:9.3-release-p33scope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.5

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deployment buildscope:eqversion:5.1.1051.07

Trust: 0.3

vendor:ibmmodel:mq appliance m2001scope: - version: -

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.24

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:84200

Trust: 0.3

vendor:ciscomodel:jabber for windowsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ironport email security appliancescope:neversion:10.5

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.2

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for linuxscope:neversion:4.0

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.112

Trust: 0.3

vendor:ciscomodel:spa525gscope:neversion:7.6.5

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.2.0.3

Trust: 0.3

vendor:ciscomodel:mmp serverscope:neversion:3.9.0.5

Trust: 0.3

vendor:freebsdmodel:9.3-release-p41scope:neversion: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp1scope:eqversion:4.0.1

Trust: 0.3

vendor:ciscomodel:telepresence integrator c seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime network registrarscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:cloud object storescope:neversion:3.8

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for androidscope:neversion:4.0

Trust: 0.3

vendor:ibmmodel:cognos business intelligence fixpackscope:eqversion:10.2.12

Trust: 0.3

vendor:oraclemodel:commerce experience managerscope:eqversion:6.1.4

Trust: 0.3

vendor:ciscomodel:telepresence sx seriesscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p25scope: - version: -

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:enterprise content management system monitorscope:eqversion:5.2

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5.1.5

Trust: 0.3

vendor:ciscomodel:registered envelope servicescope:neversion:5.0

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.5.1.0

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.4

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:neversion:6.8.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors fp2scope:eqversion:4.0.1

Trust: 0.3

vendor:ibmmodel:cognos business intelligencescope:eqversion:10.2.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitor fp14scope:eqversion:4.0.0

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:99710

Trust: 0.3

vendor:ciscomodel:telepresence content serverscope:neversion:7.2

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:8.5(4)

Trust: 0.3

vendor:ciscomodel:meetingplacescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:neversion:3104.4

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1.4

Trust: 0.3

vendor:ibmmodel:security guardiumscope:eqversion:10.0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:5.1.0.2

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for linuxscope:neversion:4.2

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.3.0.6

Trust: 0.3

vendor:ibmmodel:mq appliance m2000scope: - version: -

Trust: 0.3

vendor:ciscomodel:ata analog telephone adaptorscope:eqversion:1870

Trust: 0.3

vendor:ciscomodel:asa cx and prime security managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:universal small cell seriesscope:neversion:50003.5.12.21

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1mscope: - version: -

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:13.1

Trust: 0.3

vendor:ciscomodel:expressway seriesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for androidscope:neversion:4.2

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:10.0(1)

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:50007.3.1

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:8.5(3)

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:6.0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p6scope: - version: -

Trust: 0.3

vendor:ibmmodel:security identity manager virtual appliancescope:eqversion:7.0.1.0

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.1.0.2

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:eqversion:3000

Trust: 0.3

vendor:ciscomodel:unified ip phone 9.4.2sr3scope:neversion:8945

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.18-49

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.0(1.10000.12)

Trust: 0.3

vendor:ciscomodel:telepresence ex seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:1000v0

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.3

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2.3

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1.6

Trust: 0.3

vendor:ciscomodel:mate designscope:eqversion:0

Trust: 0.3

vendor:opensslmodel:project opensslscope:eqversion:1.0.1

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:9.0.0.1

Trust: 0.3

vendor:ibmmodel:rational insightscope:eqversion:1.1.1.5

Trust: 0.3

vendor:freebsdmodel:10.3-rc2scope: - version: -

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.13-41

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.1

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.0

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:network admission controlscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communications for microsoft lyncscope:neversion:11.6

Trust: 0.3

vendor:ciscomodel:identity services enginescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.4

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1jscope: - version: -

Trust: 0.3

vendor:ciscomodel:universal small cell seriesscope:eqversion:70003.4.2.0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p33scope:neversion: -

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1dxscope:neversion:5000

Trust: 0.3

vendor:ciscomodel:telepresence conductorscope:neversion:4.3

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:2.2

Trust: 0.3

vendor:ibmmodel:abyp-0t-0s-4l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified attendant console standardscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.115

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.4.0.0

Trust: 0.3

vendor:ibmmodel:security identity manager virtual appliancescope:eqversion:7.0.1.1

Trust: 0.3

vendor:ibmmodel:jazz reporting servicescope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:connected grid routersscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mate livescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.13

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:1.5(.1.6)

Trust: 0.3

vendor:oraclemodel:commerce experience managerscope:eqversion:11.1

Trust: 0.3

vendor:ciscomodel:telepresence integrator c seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified workforce optimization sr3 es5scope:neversion:11.0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1dscope: - version: -

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.2

Trust: 0.3

vendor:ciscomodel:unified communications manager 10.5 su3scope: - version: -

Trust: 0.3

vendor:ibmmodel:jazz reporting servicescope:eqversion:5.0.2

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:aspera sharesscope:eqversion:1.9.4

Trust: 0.3

vendor:ibmmodel:abyp-2t-2s-0l-p-mscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:abyp-4tl-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nac serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:neversion:6.7.3

Trust: 0.3

vendor:ciscomodel:application policy infrastructure controllerscope:neversion:2.0(0.400)

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.3381

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.9-34

Trust: 0.3

vendor:oraclemodel:enterprise managerscope:eqversion:12.3.2

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.3

Trust: 0.3

vendor:ibmmodel:abyp-4ts-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media players seriesscope:eqversion:43000

Trust: 0.3

vendor:ibmmodel:workload deployerscope:eqversion:3.11

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:eqversion:3100

Trust: 0.3

vendor:freebsdmodel:9.3-release-p31scope: - version: -

Trust: 0.3

vendor:ibmmodel:security proventia network active bypass 0343c3cscope: - version: -

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.23

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fix1scope:neversion:4.3.0.6

Trust: 0.3

vendor:ciscomodel:unified ip phones 9.3 sr3scope:neversion:6901

Trust: 0.3

vendor:ciscomodel:digital media managerscope:neversion:5.3.6

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1.3

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:11.0(0.98000.225)

Trust: 0.3

vendor:ciscomodel:prime networkscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for iosscope:neversion:4.3

Trust: 0.3

vendor:ciscomodel:prime performance managerscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.02

Trust: 0.3

vendor:ciscomodel:prime collaboration provisioningscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:network analysis modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:websphere application server liberty profilescope:eqversion:8.5.5

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.30

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.12

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.4

Trust: 0.3

vendor:ciscomodel:unity connectionscope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:telepresence video communication serverscope:neversion:8.8

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch smcscope:neversion:6.8.2

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(1.98991.13)

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.1.2.0

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.16

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:7

Trust: 0.3

vendor:ibmmodel:abyp-10g-2sr-2lr-1-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime optical for spsscope:neversion:10.6

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:45000

Trust: 0.3

vendor:ciscomodel:telepresence serverscope:neversion:87104.4

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.1.0.0

Trust: 0.3

vendor:ciscomodel:telepresence isdn gwscope:eqversion:32410

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.4

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:50008.3

Trust: 0.3

vendor:freebsdmodel:10.1-release-p31scope: - version: -

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.0

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors interim fixscope:eqversion:4.0.12-04

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.1.2.1

Trust: 0.3

vendor:ciscomodel:netflow generation appliancescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:neversion:2.1.2.3

Trust: 0.3

vendor:ibmmodel:aspera sharesscope:eqversion:1.9.2

Trust: 0.3

vendor:ciscomodel:telepresence server on multiparty mediascope:eqversion:3104.1

Trust: 0.3

vendor:ciscomodel:telepresence ex seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings server ssl gatewayscope:neversion:-2.7

Trust: 0.3

vendor:ciscomodel:telepresence server on virtual machinescope:eqversion:0

Trust: 0.3

vendor:hpmodel:system management homepagescope:neversion:7.6

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.1.0.5

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:7.5

Trust: 0.3

vendor:ciscomodel:webex meetings for androidscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:10.5(1.10000.5)

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.6

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactions if37scope:eqversion:7.3.0.1

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.6

Trust: 0.3

vendor:ibmmodel:tivoli network manager ip edition fix packscope:eqversion:3.94

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.0

Trust: 0.3

vendor:oraclemodel:commerce experience managerscope:eqversion:11.0

Trust: 0.3

vendor:ciscomodel:prime license managerscope:neversion:11.5

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.3376

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:messagesightscope:eqversion:1.1

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:5.1.3

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:2.18-42

Trust: 0.3

vendor:ciscomodel:video surveillance series ip camerasscope:neversion:70002.8

Trust: 0.3

vendor:ciscomodel:expressway seriesscope:neversion:8.8

Trust: 0.3

vendor:ibmmodel:abyp-4t-0s-0l-pscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:email security appliancescope:neversion:10.5

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:worklight enterprise editionscope:eqversion:6.1.0.2

Trust: 0.3

vendor:ciscomodel:virtual security gateway for microsoft hyper-v vsg2scope:neversion: -

Trust: 0.3

vendor:oraclemodel:vm virtualboxscope:eqversion:5.0.14

Trust: 0.3

vendor:ciscomodel:connected grid router cgos 15.6.2.15tscope:neversion: -

Trust: 0.3

vendor:ciscomodel:wide area application servicesscope:neversion:6.2.3

Trust: 0.3

vendor:freebsdmodel:9.3-release-p5scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors interim fixscope:eqversion:4.0.12-01

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security identity manager virtual appliancescope:eqversion:7.0.0.1

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1nxscope:neversion:6000

Trust: 0.3

vendor:ciscomodel:application and content networking systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mmp serverscope:neversion:3.9.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1kscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p39scope: - version: -

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for iosscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:sterling connect:express for unix ifixscope:neversion:1.4.6.1146-114

Trust: 0.3

vendor:ciscomodel:telepresence mx seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.5

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.16

Trust: 0.3

vendor:ciscomodel:spa232d multi-line dect atascope:neversion:1.4.5

Trust: 0.3

vendor:slackwaremodel:linux -currentscope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for images buildscope:neversion:7.1.1.20290.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1bscope: - version: -

Trust: 0.3

vendor:ciscomodel:telepresence profile seriesscope:neversion:8.1.2

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.0.0.13

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for osscope:neversion:x4.2

Trust: 0.3

vendor:ibmmodel:tivoli netcool system service monitors interim fixscope:eqversion:4.014-08

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:neversion:6.8

Trust: 0.3

vendor:ciscomodel:universal small cell seriesscope:neversion:70003.5.12.21

Trust: 0.3

vendor:ciscomodel:telepresence conductorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:application policy infrastructure controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber for macscope:eqversion:0

Trust: 0.3

vendor:paloaltonetworksmodel:globalprotect agentscope:neversion:3.1.1

Trust: 0.3

vendor:ciscomodel:dcm series 9900-digital content managerscope:neversion:19.0

Trust: 0.3

vendor:ibmmodel:image construction and composition toolscope:eqversion:2.3.2.0

Trust: 0.3

vendor:freebsdmodel:10.3-release-p1scope: - version: -

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1

Trust: 0.3

vendor:ibmmodel:security access managerscope:eqversion:9.0

Trust: 0.3

vendor:ciscomodel:video surveillance 4300e/4500e high-definition ip camerasscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:1.0.1876

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:9.0

Trust: 0.3

vendor:freebsdmodel:10.3-release-p2scope:neversion: -

Trust: 0.3

vendor:ciscomodel:unified ip phone 9.4.2sr3scope:neversion:9951

Trust: 0.3

vendor:ciscomodel:local collector appliancescope:neversion:2.2.12

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:worklight enterprise editionscope:eqversion:6.1.0.1

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.32

Trust: 0.3

vendor:ibmmodel:pureapplication systemscope:eqversion:2.1.0.0

Trust: 0.3

vendor:ciscomodel:content security appliance updater serversscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p29scope: - version: -

Trust: 0.3

vendor:ciscomodel:connected analytics for collaborationscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:multicast managerscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-release-p23scope: - version: -

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch flowcollector netflowscope:neversion:6.7.3

Trust: 0.3

vendor:ibmmodel:cognos business intelligence serverscope:eqversion:10.2

Trust: 0.3

vendor:ciscomodel:telepresence ex seriesscope:neversion:7.3.7

Trust: 0.3

vendor:applemodel:mac os security updatescope:neversion:x2016

Trust: 0.3

vendor:freebsdmodel:10.1-release-p16scope: - version: -

Trust: 0.3

vendor:ibmmodel:jazz reporting servicescope:eqversion:5.0.1

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.1

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:50006.2.17

Trust: 0.3

vendor:ibmmodel:security proventia network active bypassscope:eqversion:3.30.4-12

Trust: 0.3

vendor:ciscomodel:webex node for mcsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:emergency responder 10.5scope: - version: -

Trust: 0.3

vendor:ibmmodel:security identity manager virtual appliancescope:eqversion:7.0.0.0

Trust: 0.3

vendor:ibmmodel:qradar siem mr2 patchscope:neversion:7.113

Trust: 0.3

vendor:ciscomodel:unified communications manager session management editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexusscope:neversion:900012.0

Trust: 0.3

vendor:ciscomodel:lancope stealthwatch udp directorscope:neversion:6.8.1

Trust: 0.3

vendor:freebsdmodel:9.3-release-p6scope: - version: -

Trust: 0.3

vendor:ciscomodel:video surveillance ptz ip camerasscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:virtualization experience media enginescope:neversion:11.7(0)

Trust: 0.3

vendor:ciscomodel:telepresence serial gateway seriesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.2

Trust: 0.3

vendor:freebsdmodel:9.3-release-p9scope: - version: -

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.3

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2cscope: - version: -

Trust: 0.3

vendor:ciscomodel:webex meetings server 2.5mr2scope: - version: -

Trust: 0.3

vendor:ciscomodel:virtual security gateway for microsoft hyper-vscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:services analytic platformscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber for apple iosscope:neversion:11.7

Trust: 0.3

vendor:ciscomodel:unified ip phone seriesscope:eqversion:79009.4(2)

Trust: 0.3

vendor:ciscomodel:unified ip phonescope:eqversion:89610

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:neversion:60006.2.17

Trust: 0.3

vendor:ibmmodel:workload deployerscope:eqversion:3.12

Trust: 0.3

vendor:ibmmodel:tivoli common reportingscope:eqversion:3.1.2

Trust: 0.3

vendor:ciscomodel:unified series ip conference phonescope:eqversion:88310

Trust: 0.3

vendor:ciscomodel:video surveillance media serverscope:neversion:7.9

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:neversion:11.5

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.3

vendor:ciscomodel:agent for openflowscope:neversion:2.1.5

Trust: 0.3

vendor:freebsdmodel:10.2-release-p16scope:neversion: -

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.27

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2hscope:neversion: -

Trust: 0.3

vendor:ciscomodel:virtual security gatewayscope:neversion:5.2(1)

Trust: 0.3

vendor:ciscomodel:unified attendant console enterprise editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified contact center expressscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:security network controllerscope:eqversion:1.0.3379

Trust: 0.3

vendor:ciscomodel:policy suitescope:neversion:10.0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for os deploymentscope:eqversion:7.1.1

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.2

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.2bscope: - version: -

Trust: 0.3

vendor:oraclemodel:mysql serverscope:eqversion:5.6.22

Trust: 0.3

vendor:ciscomodel:prime data center network managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified computing systemscope:eqversion: -

Trust: 0.3

vendor:ciscomodel:unified communications manager session management editionscope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:videoscape control suitescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence mcuscope:eqversion:53000

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:neversion:7.1

Trust: 0.3

vendor:ciscomodel:anyres livescope:neversion:9.4.5

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.3.0

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:mobilefirst platform foundationscope:eqversion:7.0.0.0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p34scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.0(1)

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for images system edition buildscope:neversion:x7.1.1.20290.1

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.1.0.10

Trust: 0.3

vendor:ciscomodel:jabber software development kitscope:neversion:11.7

Trust: 0.3

vendor:ciscomodel:unified contact center expressscope:neversion:11.5.1

Trust: 0.3

vendor:hpmodel:system management homepagescope:eqversion:7.3

Trust: 0.3

vendor:ciscomodel:webex meetings server mr1scope:eqversion:2.5

Trust: 0.3

vendor:ciscomodel:telepresence mx seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5.99.2

Trust: 0.3

vendor:ibmmodel:rational reporting for development intelligencescope:eqversion:2.0.1

Trust: 0.3

vendor:ibmmodel:jazz reporting servicescope:eqversion:5.0

Trust: 0.3

vendor:ciscomodel:telepresence isdn gw msescope:eqversion:83210

Trust: 0.3

vendor:ciscomodel:telepresence profile seriesscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:abyp-2t-0s-2l-p-mscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:visual quality experience tools serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:cloud manager with openstack interim fixscope:neversion:4.2.0.3

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:neversion:7.2

Trust: 0.3

vendor:oraclemodel:mysql enterprise backupscope:eqversion:4.0.1

Trust: 0.3

vendor:ciscomodel:nexus series switches 7.3.1dxscope:neversion:7000

Trust: 0.3

vendor:ciscomodel:asa cx and cisco prime security managerscope:neversion:9.5.4.3

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:7

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1lscope: - version: -

Trust: 0.3

vendor:ciscomodel:im and presence servicescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:5.3

Trust: 0.3

vendor:freebsdmodel:9.3-release-p29scope: - version: -

Trust: 0.3

vendor:ciscomodel:firesight system softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:management appliancescope:eqversion:0

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.2

Trust: 0.3

vendor:ibmmodel:aspera consolescope:eqversion:3.0.2

Trust: 0.3

vendor:ibmmodel:tivoli provisioning manager for images system editionscope:eqversion:x7.1.1.0

Trust: 0.3

vendor:ciscomodel:unity connectionscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:datapower gatewaysscope:eqversion:7.5.0.1

Trust: 0.3

vendor:ciscomodel:cloud object storescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:anyconnect secure mobility client for osscope:neversion:x4.0

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1hscope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(2.13900.9)

Trust: 0.3

vendor:ciscomodel:ip interoperability and collaboration systemscope:neversion:5.0

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:10.5(0.98000.88)

Trust: 0.3

vendor:ibmmodel:cloud manager with openstackscope:eqversion:4.2.0.1

Trust: 0.3

vendor:opensslmodel:project openssl 1.0.1pscope: - version: -

Trust: 0.3

sources: BID: 89744 // JVNDB: JVNDB-2016-002473 // NVD: CVE-2016-2106

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-2106
value: HIGH

Trust: 1.0

NVD: CVE-2016-2106
value: HIGH

Trust: 0.8

VULMON: CVE-2016-2106
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-2106
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2016-2106
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULMON: CVE-2016-2106 // JVNDB: JVNDB-2016-002473 // NVD: CVE-2016-2106

PROBLEMTYPE DATA

problemtype:CWE-189

Trust: 1.8

sources: JVNDB: JVNDB-2016-002473 // NVD: CVE-2016-2106

THREAT TYPE

network

Trust: 0.3

sources: BID: 89744

TYPE

Boundary Condition Error

Trust: 0.3

sources: BID: 89744

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002473

PATCH

title:APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004url:http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

Trust: 0.8

title:HT206903url:https://support.apple.com/en-us/HT206903

Trust: 0.8

title:HT206903url:https://support.apple.com/ja-jp/HT206903

Trust: 0.8

title:HPSBMU03691url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Trust: 0.8

title:SB10160url:https://kc.mcafee.com/corporate/index?page=content&id=SB10160

Trust: 0.8

title:NV16-015url:http://jpn.nec.com/security-info/secinfo/nv16-015.html

Trust: 0.8

title:Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]url:https://www.openssl.org/news/openssl-1.0.2-notes.html

Trust: 0.8

title:Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016]url:https://www.openssl.org/news/openssl-1.0.1-notes.html

Trust: 0.8

title:Fix encrypt overflowurl:https://git.openssl.org/?p=openssl.git;a=commit;h=3f3582139fbb259a1c3cbb0a25236500a409bf26

Trust: 0.8

title:EVP_EncryptUpdate overflow (CVE-2016-2106)url:https://www.openssl.org/news/secadv/20160503.txt

Trust: 0.8

title:Oracle Critical Patch Update Advisory - October 2016url:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Trust: 0.8

title:Oracle Critical Patch Update Advisory - July 2016url:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Trust: 0.8

title:Oracle Linux Bulletin - April 2016url:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Trust: 0.8

title:Oracle Solaris Third Party Bulletin - April 2016url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 0.8

title:Oracle VM Server for x86 Bulletin - July 2016url:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Trust: 0.8

title:Oracle Linux Bulletin - July 2016url:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

Trust: 0.8

title:RHSA-2016:0996url:http://rhn.redhat.com/errata/RHSA-2016-0996.html

Trust: 0.8

title:RHSA-2016:0722url:http://rhn.redhat.com/errata/RHSA-2016-0722.html

Trust: 0.8

title:SA40202url:https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202

Trust: 0.8

title:JSA10759url:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

Trust: 0.8

title:TLSA-2016-14url:http://www.turbolinux.co.jp/security/2016/TLSA-2016-14j.html

Trust: 0.8

title:HS16-023url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS16-023/index.html

Trust: 0.8

title:The Registerurl:https://www.theregister.co.uk/2016/05/03/openssl_patches/

Trust: 0.2

title:Red Hat: Important: openssl security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162073 - Security Advisory

Trust: 0.1

title:Red Hat: CVE-2016-2106url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-2106

Trust: 0.1

title:Ubuntu Security Notice: openssl vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2959-1

Trust: 0.1

title:Debian Security Advisories: DSA-3566-1 openssl -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=055972eb84483959232c972f757685e0

Trust: 0.1

title:Amazon Linux AMI: ALAS-2016-695url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2016-695

Trust: 0.1

title:Tenable Security Advisories: [R5] OpenSSL '20160503' Advisory Affects Tenable Productsurl:https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2016-10

Trust: 0.1

title:Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Releaseurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20162957 - Security Advisory

Trust: 0.1

title:IBM: IBM Security Bulletin: Fabric OS firmware for Brocade 8Gb SAN Switch Module for BladeCenter is affected by vulnerabilities in OpenSSL and OpenSSHurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=b7f5b1e7edcafce07f28205855d4db49

Trust: 0.1

title:Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2016-13

Trust: 0.1

title:Symantec Security Advisories: SA123 : OpenSSL Vulnerabilities 3-May-2016url:https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=5d65f6765e60e5fe9e6998a5bde1aadc

Trust: 0.1

title:Forcepoint Security Advisories: CVE-2016-2105, 2106, 2107, 2108, 2109, 2176 -- Security Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories&qid=01fd01e3d154696ffabfde89f4142310

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - April 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=83bbd91f8369c8f064e6d68dac68400f

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=0bd8c924b56aac98dda0f5b45f425f38

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=a31bff03e9909229fd67996884614fdf

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=3a04485ebb79f7fbc2472bf9af5ce489

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - April 2017url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=143b3fb255063c81571469eaa3cf0a87

Trust: 0.1

title:Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2016-18

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=6c15273f6bf4a785175f27073b98a1ce

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=976a4da35d55283870dbb31b88a6c655

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - October 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=05aabe19d38058b7814ef5514aab4c0c

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - January 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=e2a7f287e9acc8c64ab3df71130bc64d

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=586e6062440cdd312211d748e028164e

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - July 2017url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=2f446a7e1ea263c0c3a365776c6713f2

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - July 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=5f8c525f1408011628af1792207b2099

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2016-2106

Trust: 0.1

title:alpine-cvecheckurl:https://github.com/tomwillfixit/alpine-cvecheck

Trust: 0.1

title: - url:https://github.com/imhunterand/hackerone-publicy-disclosed

Trust: 0.1

title:satellite-host-cveurl:https://github.com/RedHatSatellite/satellite-host-cve

Trust: 0.1

sources: VULMON: CVE-2016-2106 // JVNDB: JVNDB-2016-002473

EXTERNAL IDS

db:NVDid:CVE-2016-2106

Trust: 3.4

db:BIDid:89744

Trust: 1.4

db:PACKETSTORMid:136912

Trust: 1.1

db:PULSESECUREid:SA40202

Trust: 1.1

db:TENABLEid:TNS-2016-18

Trust: 1.1

db:SIEMENSid:SSA-412672

Trust: 1.1

db:SECTRACKid:1035721

Trust: 1.1

db:MCAFEEid:SB10160

Trust: 1.1

db:JUNIPERid:JSA10759

Trust: 1.1

db:BIDid:91787

Trust: 1.1

db:JVNid:JVNVU93163809

Trust: 0.8

db:JVNid:JVNVU94844193

Trust: 0.8

db:JVNDBid:JVNDB-2016-002473

Trust: 0.8

db:ICS CERTid:ICSA-22-349-21

Trust: 0.1

db:VULMONid:CVE-2016-2106

Trust: 0.1

db:PACKETSTORMid:169652

Trust: 0.1

db:PACKETSTORMid:138471

Trust: 0.1

db:PACKETSTORMid:142803

Trust: 0.1

db:PACKETSTORMid:138473

Trust: 0.1

db:PACKETSTORMid:140056

Trust: 0.1

db:PACKETSTORMid:136895

Trust: 0.1

db:PACKETSTORMid:136893

Trust: 0.1

db:PACKETSTORMid:139114

Trust: 0.1

db:PACKETSTORMid:139167

Trust: 0.1

db:PACKETSTORMid:137958

Trust: 0.1

db:PACKETSTORMid:139116

Trust: 0.1

db:PACKETSTORMid:140182

Trust: 0.1

sources: VULMON: CVE-2016-2106 // BID: 89744 // JVNDB: JVNDB-2016-002473 // PACKETSTORM: 169652 // PACKETSTORM: 138471 // PACKETSTORM: 142803 // PACKETSTORM: 138473 // PACKETSTORM: 140056 // PACKETSTORM: 136895 // PACKETSTORM: 136893 // PACKETSTORM: 139114 // PACKETSTORM: 139167 // PACKETSTORM: 137958 // PACKETSTORM: 139116 // PACKETSTORM: 140182 // NVD: CVE-2016-2106

REFERENCES

url:https://www.openssl.org/news/secadv/20160503.txt

Trust: 1.6

url:http://rhn.redhat.com/errata/rhsa-2016-0722.html

Trust: 1.4

url:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Trust: 1.4

url:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Trust: 1.4

url:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

Trust: 1.4

url:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Trust: 1.4

url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160504-openssl

Trust: 1.4

url:http://rhn.redhat.com/errata/rhsa-2016-1650.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2016-1648.html

Trust: 1.2

url:http://www.ubuntu.com/usn/usn-2959-1

Trust: 1.2

url:https://security.gentoo.org/glsa/201612-16

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2016-2957.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2016-2073.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2016-2056.html

Trust: 1.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-2106

Trust: 1.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-2105

Trust: 1.2

url:https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40202

Trust: 1.1

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10160

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2016-0996.html

Trust: 1.1

url:http://lists.apple.com/archives/security-announce/2016/jul/msg00000.html

Trust: 1.1

url:https://support.apple.com/ht206903

Trust: 1.1

url:http://www.securityfocus.com/bid/91787

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2016-1649.html

Trust: 1.1

url:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Trust: 1.1

url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 1.1

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05320149

Trust: 1.1

url:http://www.securityfocus.com/bid/89744

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2016-may/184605.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html

Trust: 1.1

url:https://www.freebsd.org/security/advisories/freebsd-sa-16:17.openssl.asc

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183457.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html

Trust: 1.1

url:http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html

Trust: 1.1

url:http://www.securitytracker.com/id/1035721

Trust: 1.1

url:http://www.debian.org/security/2016/dsa-3566

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2016-may/183607.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html

Trust: 1.1

url:https://bto.bluecoat.com/security-advisory/sa123

Trust: 1.1

url:http://packetstormsecurity.com/files/136912/slackware-security-advisory-openssl-updates.html

Trust: 1.1

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10759

Trust: 1.1

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722

Trust: 1.1

url:https://www.tenable.com/security/tns-2016-18

Trust: 1.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03756en_us

Trust: 1.1

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03765en_us

Trust: 1.1

url:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20160504-0001/

Trust: 1.1

url:https://source.android.com/security/bulletin/pixel/2017-11-01

Trust: 1.1

url:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Trust: 1.1

url:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Trust: 1.1

url:https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

Trust: 1.1

url:https://git.openssl.org/?p=openssl.git%3ba=commit%3bh=3f3582139fbb259a1c3cbb0a25236500a409bf26

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2108

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2016-2109

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2106

Trust: 0.8

url:http://jvn.jp/vu/jvnvu93163809/

Trust: 0.8

url:http://jvn.jp/vu/jvnvu94844193/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2106

Trust: 0.8

url:http://www.aratana.jp/security/detail.php?id=16

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2016-2107

Trust: 0.8

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2016-2106

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2016-2105

Trust: 0.6

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2016-2176

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2016-3110

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2016-3110

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2016-2109

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2016-2108

Trust: 0.4

url:http://openssl.org/

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1331536

Trust: 0.3

url:http://seclists.org/bugtraq/2016/may/25

Trust: 0.3

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1023779

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1023814

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024319

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024507

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg2c1000158

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1021361

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1021376

Trust: 0.3

url:https://www.openssl.org/news/vulnerabilities.html

Trust: 0.3

url:https://securityadvisories.paloaltonetworks.com/home/detail/56?aspxautodetectcookiesupport=1

Trust: 0.3

url:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21987903

Trust: 0.3

url:https://support.asperasoft.com/hc/en-us/articles/229505687-security-bulletin-multiple-openssl-vulnerabilities-affect-ibm-aspera-shares-1-9-2-or-earlier-%20-ibm-aspera-console-3-0-6-or-earlier

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024066

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988007

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=ssg1s1009147

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984323

Trust: 0.3

url:https://www-01.ibm.com/support/docview.wss?uid=swg21984483

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984583

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984609

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984794

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984920

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21984977

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21985736

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986068

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986123

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986152

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986260

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986473

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986506

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986563

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986564

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21986669

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21987671

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21987779

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21987968

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988055

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988071

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988189

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988350

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988383

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21988976

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21989046

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21992493

Trust: 0.3

url:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory20.asc

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-3195

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2016-4459

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2015-3195

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-5387

Trust: 0.2

url:https://access.redhat.com/site/documentation/en-us/jboss_enterprise_web_server/2/html-single/installation_guide/index.html

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-5387

Trust: 0.2

url:https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/2.1/html/2.1.1_release_notes/index.html

Trust: 0.2

url:https://access.redhat.com/security/vulnerabilities/httpoxy

Trust: 0.2

url:https://access.redhat.com/site/documentation/

Trust: 0.2

url:https://access.redhat.com/articles/2688611

Trust: 0.2

url:https://access.redhat.com/solutions/222023

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-4459

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-4000

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-4000

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-3183

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-3183

Trust: 0.2

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform&downloadtype=securitypatches&version=6.4

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-2107

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-0799

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-2842

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-0799

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-1836

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/189.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2016-2106

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2016:2073

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/2959-1/

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=49332

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-0169

Trust: 0.1

url:https://www.openssl.org/policies/secpolicy.html

Trust: 0.1

url:https://www.openssl.org/policies/releasestrat.html),

Trust: 0.1

url:http://www.hpe.com/support/security_bulletin_archive

Trust: 0.1

url:https://www.hpe.com/info/report-security-vulnerability

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03756en_us

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499

Trust: 0.1

url:http://www.hpe.com/support/subscriber_choice

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-0204

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0204

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-3570

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2014-3570

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver&downloadtype=distributions&version=2.1.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2180

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2105

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2178

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2183

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2107

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2178

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2176

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2177

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7052

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6304

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6305

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2106

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2108

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7052

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6306

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2109

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6304

Trust: 0.1

url:http://eprint.iacr.org/2016/594.pdf

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-6305

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2180

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2177

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2183

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6306

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/1.0.2d-0ubuntu1.5

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.19

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.36

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2016-2054.html

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/6.4/index.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2842

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0718

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4599

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4601

Trust: 0.1

url:https://gpgtools.org

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4449

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4483

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4600

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1865

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4597

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4596

Trust: 0.1

url:http://www.apple.com/support/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4447

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1863

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4582

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4595

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1864

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-9862

Trust: 0.1

url:http://support.apple.com/kb/ht201222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4607

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4448

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4598

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1684

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4602

Trust: 0.1

url:https://support.apple.com/kb/ht206900

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4594

Trust: 0.1

url:https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-0705

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-3196

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-4448

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3216

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-0702

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0797

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2014-8176

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-6808

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1835

Trust: 0.1

url:https://access.redhat.com/documentation/en/red-hat-jboss-core-services-apache-http-server/version-2.4.23/apache-http-server-2423-release-notes/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-3705

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1838

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3196

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1839

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-3523

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-2177

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-4483

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2014-3523

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-8612

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1148

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1840

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-0797

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3185

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0705

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-3185

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-3194

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1833

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp&downloadtype=distributions&version=2.4.23

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-8176

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1840

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1836

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1762

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1835

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-4449

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-0286

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1762

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5420

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-2178

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3194

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0286

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-3627

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2012-1148

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1837

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-1834

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0209

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1837

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1839

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5419

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-0209

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0702

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-3216

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1838

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1833

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1834

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-4447

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-7141

Trust: 0.1

sources: VULMON: CVE-2016-2106 // BID: 89744 // JVNDB: JVNDB-2016-002473 // PACKETSTORM: 169652 // PACKETSTORM: 138471 // PACKETSTORM: 142803 // PACKETSTORM: 138473 // PACKETSTORM: 140056 // PACKETSTORM: 136895 // PACKETSTORM: 136893 // PACKETSTORM: 139114 // PACKETSTORM: 139167 // PACKETSTORM: 137958 // PACKETSTORM: 139116 // PACKETSTORM: 140182 // NVD: CVE-2016-2106

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 138471 // PACKETSTORM: 138473 // PACKETSTORM: 139114 // PACKETSTORM: 139167 // PACKETSTORM: 139116 // PACKETSTORM: 140182

SOURCES

db:VULMONid:CVE-2016-2106
db:BIDid:89744
db:JVNDBid:JVNDB-2016-002473
db:PACKETSTORMid:169652
db:PACKETSTORMid:138471
db:PACKETSTORMid:142803
db:PACKETSTORMid:138473
db:PACKETSTORMid:140056
db:PACKETSTORMid:136895
db:PACKETSTORMid:136893
db:PACKETSTORMid:139114
db:PACKETSTORMid:139167
db:PACKETSTORMid:137958
db:PACKETSTORMid:139116
db:PACKETSTORMid:140182
db:NVDid:CVE-2016-2106

LAST UPDATE DATE

2024-12-19T20:06:33.960000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2016-2106date:2023-11-07T00:00:00
db:BIDid:89744date:2017-05-02T01:10:00
db:JVNDBid:JVNDB-2016-002473date:2017-10-03T00:00:00
db:NVDid:CVE-2016-2106date:2024-11-21T02:47:49.083

SOURCES RELEASE DATE

db:VULMONid:CVE-2016-2106date:2016-05-05T00:00:00
db:BIDid:89744date:2016-05-03T00:00:00
db:JVNDBid:JVNDB-2016-002473date:2016-05-10T00:00:00
db:PACKETSTORMid:169652date:2016-05-03T12:12:12
db:PACKETSTORMid:138471date:2016-08-22T23:23:00
db:PACKETSTORMid:142803date:2017-06-05T18:18:00
db:PACKETSTORMid:138473date:2016-08-22T23:25:00
db:PACKETSTORMid:140056date:2016-12-07T16:37:31
db:PACKETSTORMid:136895date:2016-05-03T22:56:05
db:PACKETSTORMid:136893date:2016-05-03T22:55:47
db:PACKETSTORMid:139114date:2016-10-12T20:16:45
db:PACKETSTORMid:139167date:2016-10-18T13:58:46
db:PACKETSTORMid:137958date:2016-07-19T19:45:20
db:PACKETSTORMid:139116date:2016-10-12T23:44:55
db:PACKETSTORMid:140182date:2016-12-16T16:34:49
db:NVDid:CVE-2016-2106date:2016-05-05T01:59:02.217